* Added permission verification to the change_admin_rank proc. (#61137)
Checks if usr has R_PERMISSION before going any further in the change_admin_rank proc.
* Added permission verification to the change_admin_rank proc
Co-authored-by: Watermelon914 <37270891+Watermelon914@users.noreply.github.com>
* [s]Fix inverted check where if permanent rank changes were disabled in the config, all rank changes would instead always go to the db, even bypassing DBRANK checks. (#55485)
As this is an admin accessible exploit bypassing the `DBRANKS` flag, merge should slightly rushed but not like "stop the presses" rushed.
* [s]Fix inverted check where if permanent rank changes were disabled in the config, all rank changes would instead always go to the db, even bypassing DBRANK checks.
Co-authored-by: Kyle Spier-Swenson <kyleshome@gmail.com>
* [Ready] CDN browser assets! (#52681)
Rewrites the asset_cache system to handle sending assets to a CDN via a webroot.
see https://github.com/MrStonedOne/tgstation/blob/asset-cdn/code/modules/asset_cache/readme.md
Fixed a lot of bugs with assets, removed some dead code.
Changes:
Moved asset cache code to transport datums, the currently loaded one is located at SSassets.transport, asset cache calls made before the config is loaded use the simple browse_rsc transport.
Added subsystem call for when the config loads or reloads.
Added a webroot CDN asset transport. assets are saved to a file in a format based on the file's hash (currently md5).
Assets that don't use get_asset_url or get_url_mappings (such as browser assets referred to by static html files like changelog.html or static css files) can be saved to browse_rsc even when in cdn asset mode by setting legacy to TRUE on the datum returned by register_assets
Added a system for saving assets on a cdn in a hash based namespace (folder), assets within the same namespace will always be able to refer to each other by relative names. (used to allow cdn'ing font awesome without having to make something that regenerates it's css files.).
The simple/namespaced asset cache datum helper will handle generating a namespace composed of the combined md5 of everything in the same datum, as well as registering them properly.
Moved external resource from a snowflake loaded file to a config entry, added it to resources.txt
To ensure the system breaks in local testing in any situation that wouldn't work in cdn mode, the simple transport will mutate the filenames of non-legacy and non-namespaced assets and return this with get_asset_url.
Simple transport's passive send of all roundstart assets to all clients is now a config that defaults to off. this is to break race conditions during local testings from devs accidentally relying on this instead of using send() properly.
cl
refactor: Interface assets (js/css/images) can now be managed using an external webserver instead of byond's one at a time file transfer queue.
admin: Adds admin verb toggle-cdn that allows admins to disable the external webserver asset transport and revert to the old system. Useful if the webserver backing this goes down (thanks cloudflare).
config: New config file, resources.txt, (must be loaded by an $include statement from the main config)
server: The external_rsc_urls.txt config has been moved to the main config system.
/cl
Porting notes:
Interface webpages must refer to their assets (css/js/image/etc) by a generated url, or the asset must register itself as a legacy asset. The system is designed to break in localtest (on simple/legacy mode) in most situations that would break in cdn mode.
Requires latest tgui.
The webserver must set the proper CORS headers for font files or font awesome (and other fonts) won't load.
/tg/'s webserver config: https://gist.github.com/MrStonedOne/523388b2f161af832292d98a8aad0eae
* [Ready] CDN browser assets!
Co-authored-by: Kyle Spier-Swenson <kyleshome@gmail.com>
* Case of lower
* More changes
* Ruins the nice 420 diff, brainfart when doing the second batch of conversions
* More changes
* Next batch. I think
* Converts even more paths
* Restarts bots
* Capital Free Zone
* Come on travis, do something
* Renames areas
* Bots, please stop dying
* Updates CONTRIBUTING.md and updates a few paths I missed.
* APC recgarftzfvas
/obj/item/computer_hardware/recharger/apc to /obj/item/computer_hardware/recharger/apc_recharger
cl
refactor: BSQL has been replaced with rust-g, improving SQL reliability and safety.
/cl
Queries were parameterized as much as possible. Careful code read by someone else also versed in SQL would be a good idea. Things seemed fine spot-testing roundstart, library, bans, and polls, but more stress-testing may be useful.
Also updates rust-g to v0.4.5:
Improved Linux .so detection
Perlin noise functions
Also updates Travis script to bionic.
* demos (ported from yogstation)
rustg update + write with no format
use external hook for logging
use proper log vars
fix + clarifying comment
don't start the log
release build of rust-g
fix something caught by the lint
Update code/__DEFINES/subsystems.dm
Co-Authored-By: Jordan Brown <Cyberboss@users.noreply.github.com>
Update code/controllers/subsystem/demo.dm
Co-Authored-By: JJRcop <jrubcop@gmail.com>
Update code/controllers/subsystem/demo.dm
Co-Authored-By: JJRcop <jrubcop@gmail.com>
moves hooks out of a dedicated file
len = 0 to Cut(), remove semicolons
untyped loop
* updated rust_g
* 513 updates
* Makes raw HTML and browser datum popups UTF-8 aware
Admin menus specifically really shouldn't break just because you named some guy "☺s the Clown"
* Fixed new_player.dm
* Fucking filing cabinets
* converts to using key instead of ckey for user facing logs and ui
* more key_name for airlock wires
* futureproofing check for if key changes
* --onlyckeymatch script argument and fail/success counter
* fix
* Qdels all queries, adds sleep handling
* DB Core messages admins about undeleted queries
* Compile fixes. Adds missing set waitfor
* Remove world/New shennanigans. Add DBQuery/BlockingExecute()
* Less spammy notifications to admins about undeleted queries
* Increase dbcore fire time to 1 minute
* Upgrade undeleted query warning
* Better place of death
* Fix build
* Remove BlockingExecute, see BSQL PR for why
* Yep, missed that one.
* Psyche, that's the WRONG QUERY!!
* updates sqladmins with excluded flags and tempminning
* rank, editing and permission protections; json backup
* fixes
* reverted the wrong file
* fix slidecolor cascading and disabled switches not being sent in form
* removes debug uncommenting
* whoops this too
* commas fix + versions for changelog entry headers since 3.0
* actually account for can_edit_flags and use of @ with - or *
* fixes and rearrangement of admin > localhost > autoadmin precedence
* in case you want to not have autologin autoadmins
