tommy/tbd-station-14
2
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

AccessReader IsAllowed use resolve (#8527)

Browse Source
This commit is contained in:
keronshb
2022-06-01 11:26:50 -04:00
committed by GitHub
parent 7f984792a1
commit d5620aa833
11 changed files with 43 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
Content.IntegrationTests/Tests/Access/AccessReaderTest.cs
View File

@@ -21,53 +21,53 @@ namespace Content.IntegrationTests.Tests.Access
// test empty // test empty
var reader = new AccessReaderComponent(); var reader = new AccessReaderComponent();
Assert.That(system.IsAllowed(reader, new[] { "Foo" }), Is.True); Assert.That(system.IsAllowed(new[] { "Foo" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "Bar" }), Is.True); Assert.That(system.IsAllowed(new[] { "Bar" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new string[] { }), Is.True); Assert.That(system.IsAllowed(new string[] { }, reader), Is.True);
// test deny // test deny
reader = new AccessReaderComponent(); reader = new AccessReaderComponent();
reader.DenyTags.Add("A"); reader.DenyTags.Add("A");
Assert.That(system.IsAllowed(reader, new[] { "Foo" }), Is.True); Assert.That(system.IsAllowed(new[] { "Foo" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.False); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new[] { "A", "Foo" }), Is.False); Assert.That(system.IsAllowed(new[] { "A", "Foo" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new string[] { }), Is.True); Assert.That(system.IsAllowed(new string[] { }, reader), Is.True);
// test one list // test one list
reader = new AccessReaderComponent(); reader = new AccessReaderComponent();
reader.AccessLists.Add(new HashSet<string> { "A" }); reader.AccessLists.Add(new HashSet<string> { "A" });
Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.True); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.True); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False);
// test one list - two items // test one list - two items
reader = new AccessReaderComponent(); reader = new AccessReaderComponent();
reader.AccessLists.Add(new HashSet<string> { "A", "B" }); reader.AccessLists.Add(new HashSet<string> { "A", "B" });
Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.False); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.True); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False);
// test two list // test two list
reader = new AccessReaderComponent(); reader = new AccessReaderComponent();
reader.AccessLists.Add(new HashSet<string> { "A" }); reader.AccessLists.Add(new HashSet<string> { "A" });
reader.AccessLists.Add(new HashSet<string> { "B", "C" }); reader.AccessLists.Add(new HashSet<string> { "B", "C" });
Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.True); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.True); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "C", "B" }), Is.True); Assert.That(system.IsAllowed(new[] { "C", "B" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "C", "B", "A" }), Is.True); Assert.That(system.IsAllowed(new[] { "C", "B", "A" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False);
// test deny list // test deny list
reader = new AccessReaderComponent(); reader = new AccessReaderComponent();
reader.AccessLists.Add(new HashSet<string> { "A" }); reader.AccessLists.Add(new HashSet<string> { "A" });
reader.DenyTags.Add("B"); reader.DenyTags.Add("B");
Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.True); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.True);
Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.False); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.False);
Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False);
}); });
} }

2
Content.Server/AI/Pathfinding/PathfindingHelpers.cs
View File

@@ -116,7 +116,7 @@ namespace Content.Server.AI.Pathfinding
var accessSystem = EntitySystem.Get<AccessReaderSystem>(); var accessSystem = EntitySystem.Get<AccessReaderSystem>();
foreach (var reader in node.AccessReaders) foreach (var reader in node.AccessReaders)
{ {
if (!accessSystem.IsAllowed(reader, access)) if (!accessSystem.IsAllowed(access, reader))
{ {
return false; return false;
} }

2
Content.Server/AI/Pathfinding/PathfindingSystem.Grid.cs
View File

@@ -232,7 +232,7 @@ public sealed partial class PathfindingSystem
var access = _accessReader.FindAccessTags(entity); var access = _accessReader.FindAccessTags(entity);
foreach (var reader in node.AccessReaders) foreach (var reader in node.AccessReaders)
{ {
if (!_accessReader.IsAllowed(reader, access)) if (!_accessReader.IsAllowed(access, reader))
{ {
return false; return false;
} }

2
Content.Server/Access/Components/IdCardConsoleComponent.cs
View File

@@ -56,7 +56,7 @@ namespace Content.Server.Access.Components
var privilegedIdEntity = PrivilegedIdSlot.Item; var privilegedIdEntity = PrivilegedIdSlot.Item;
var accessSystem = EntitySystem.Get<AccessReaderSystem>(); var accessSystem = EntitySystem.Get<AccessReaderSystem>();
return privilegedIdEntity != null && accessSystem.IsAllowed(reader, privilegedIdEntity.Value); return privilegedIdEntity != null && accessSystem.IsAllowed(privilegedIdEntity.Value, reader);
} }
/// <summary> /// <summary>

2
Content.Server/Atmos/Monitor/Systems/AirAlarmSystem.cs
View File

@@ -258,7 +258,7 @@ namespace Content.Server.Atmos.Monitor.Systems
if (!EntityManager.TryGetComponent(uid, out AccessReaderComponent reader) || user == null) if (!EntityManager.TryGetComponent(uid, out AccessReaderComponent reader) || user == null)
return false; return false;
if (!_accessSystem.IsAllowed(reader, user.Value)) if (!_accessSystem.IsAllowed(user.Value, reader))
{ {
_popup.PopupEntity(Loc.GetString("air-alarm-ui-access-denied"), user.Value, Filter.Entities(user.Value)); _popup.PopupEntity(Loc.GetString("air-alarm-ui-access-denied"), user.Value, Filter.Entities(user.Value));
return false; return false;

2
Content.Server/Cargo/CargoSystem.Console.cs
View File

@@ -190,7 +190,7 @@ namespace Content.Server.Cargo
public bool ApproveOrder(EntityUid uid, EntityUid approver, int id, int orderNumber, AccessReaderComponent? reader = null) public bool ApproveOrder(EntityUid uid, EntityUid approver, int id, int orderNumber, AccessReaderComponent? reader = null)
{ {
// does the approver have permission to approve orders? // does the approver have permission to approve orders?
if (Resolve(uid, ref reader) && !_accessReaderSystem.IsAllowed(reader, approver)) if (Resolve(uid, ref reader) && !_accessReaderSystem.IsAllowed(approver, reader))
return false; return false;
// get the approver's name // get the approver's name

4
Content.Server/Doors/Systems/DoorSystem.cs
View File

@@ -217,9 +217,9 @@ public sealed class DoorSystem : SharedDoorSystem
return AccessType switch return AccessType switch
{ {
// Some game modes modify access rules. // Some game modes modify access rules.
AccessTypes.AllowAllIdExternal => !isExternal || _accessReaderSystem.IsAllowed(access, user.Value), AccessTypes.AllowAllIdExternal => !isExternal || _accessReaderSystem.IsAllowed(user.Value, access),
AccessTypes.AllowAllNoExternal => !isExternal, AccessTypes.AllowAllNoExternal => !isExternal,
_ => _accessReaderSystem.IsAllowed(access, user.Value) _ => _accessReaderSystem.IsAllowed(user.Value, access)
}; };
} }

2
Content.Server/Lock/LockSystem.cs
View File

@@ -156,7 +156,7 @@ namespace Content.Server.Lock
if (!Resolve(uid, ref reader)) if (!Resolve(uid, ref reader))
return true; return true;
if (!_accessReader.IsAllowed(reader, user)) if (!_accessReader.IsAllowed(user, reader))
{ {
if (!quiet) if (!quiet)
reader.Owner.PopupMessage(user, Loc.GetString("lock-comp-has-user-access-fail")); reader.Owner.PopupMessage(user, Loc.GetString("lock-comp-has-user-access-fail"));

2
Content.Server/Power/EntitySystems/ApcSystem.cs
View File

@@ -48,7 +48,7 @@ namespace Content.Server.Power.EntitySystems
if (args.Session.AttachedEntity == null) if (args.Session.AttachedEntity == null)
return; return;
if (access == null || _accessReader.IsAllowed(access, args.Session.AttachedEntity.Value)) if (access == null || _accessReader.IsAllowed(args.Session.AttachedEntity.Value, access))
{ {
ApcToggleBreaker(uid, component); ApcToggleBreaker(uid, component);
} }

2
Content.Server/VendingMachines/VendingMachineSystem.cs
View File

@@ -175,7 +175,7 @@ namespace Content.Server.VendingMachines
if (TryComp<AccessReaderComponent?>(vendComponent.Owner, out var accessReader)) if (TryComp<AccessReaderComponent?>(vendComponent.Owner, out var accessReader))
{ {
if (!_accessReader.IsAllowed(accessReader, sender.Value) && !vendComponent.Emagged) if (!_accessReader.IsAllowed(sender.Value, accessReader) && !vendComponent.Emagged)
{ {
_popupSystem.PopupEntity(Loc.GetString("vending-machine-component-try-eject-access-denied"), uid, Filter.Pvs(uid)); _popupSystem.PopupEntity(Loc.GetString("vending-machine-component-try-eject-access-denied"), uid, Filter.Pvs(uid));
Deny(uid, vendComponent); Deny(uid, vendComponent);

12
Content.Shared/Access/Systems/AccessReaderSystem.cs
View File

@@ -26,7 +26,7 @@ namespace Content.Shared.Access.Systems
private void OnLinkAttempt(EntityUid uid, AccessReaderComponent component, LinkAttemptEvent args) private void OnLinkAttempt(EntityUid uid, AccessReaderComponent component, LinkAttemptEvent args)
{ {
if (component.Enabled && !IsAllowed(component, args.User)) if (component.Enabled && !IsAllowed(args.User, component))
args.Cancel(); args.Cancel();
} }
@@ -59,13 +59,17 @@ namespace Content.Shared.Access.Systems
/// If no access is found, an empty set is used instead. /// If no access is found, an empty set is used instead.
/// </remarks> /// </remarks>
/// <param name="entity">The entity to bor access.</param> /// <param name="entity">The entity to bor access.</param>
public bool IsAllowed(AccessReaderComponent reader, EntityUid entity) /// <param name="reader"></param>
public bool IsAllowed(EntityUid entity, AccessReaderComponent? reader = null)
{ {
if (!Resolve(entity, ref reader, false))
return true;
var tags = FindAccessTags(entity); var tags = FindAccessTags(entity);
return IsAllowed(reader, tags); return IsAllowed(tags, reader);
} }
public bool IsAllowed(AccessReaderComponent reader, ICollection<string> accessTags) public bool IsAllowed(ICollection<string> accessTags, AccessReaderComponent reader)
{ {
if (!reader.Enabled) if (!reader.Enabled)
{ {