[MIRROR] Permissions Panel Update (#12300)

Co-authored-by: Selis <12716288+ItsSelis@users.noreply.github.com>
Co-authored-by: Kashargul <144968721+Kashargul@users.noreply.github.com>
This commit is contained in:
CHOMPStation2StaffMirrorBot
2026-01-19 18:10:17 -07:00
committed by GitHub
parent 4a2acf78b2
commit b9d6b71cf5
10 changed files with 1054 additions and 296 deletions
+46 -19
View File
@@ -5,13 +5,20 @@ GLOBAL_LIST_EMPTY(protected_ranks) //admin ranks loaded from txt
GLOBAL_PROTECT(protected_ranks)
/datum/admin_rank
/// Rank name, key'd to the db
var/name = "NoRank"
/// Rank source, see RANK_SOURCE_TXT and friends
var/source = null
/// Our functional rights, these are what we actually use in game
var/rights = R_DEFAULT
var/exclude_rights = NONE
/// Rights we're allowed to use, pre filtering
var/include_rights = NONE
/// These are the rights of include_rights we aren't allowed to use. Frankly I have no idea why this exists
var/exclude_rights = NONE
/// Rights we're allowed to edit on other folks, impact of this is dependent on R_PERMISSIONS and R_DBRANKS
var/can_edit_rights = NONE
/datum/admin_rank/New(init_name, init_rights, init_exclude_rights, init_edit_rights)
/datum/admin_rank/New(init_name, init_source, init_rights, init_exclude_rights, init_edit_rights)
if(IsAdminAdvancedProcCall())
alert_to_permissions_elevation_attempt(usr)
if (name == "NoRank") //only del if this is a true creation (and not just a New() proc call), other wise trialmins/coders could abuse this to deadmin other admins
@@ -19,6 +26,10 @@ GLOBAL_PROTECT(protected_ranks)
CRASH("Admin proc call creation of admin datum")
return
name = init_name
source = init_source
if(!source)
qdel(src)
CRASH("Admin rank created without a source.")
if(!name)
qdel(src)
CRASH("Admin rank created without name.")
@@ -83,6 +94,8 @@ GLOBAL_PROTECT(protected_ranks)
flag = R_EVENT
if("MENTOR")
flag = R_MENTOR
if("DBRANKS")
flag = R_DBRANKS
if("@")
if(previous_rank)
switch(group_count)
@@ -104,6 +117,19 @@ GLOBAL_PROTECT(protected_ranks)
if(3)
can_edit_rights |= flag
/datum/admin_rank/proc/pretty_print_source()
switch(source)
if(RANK_SOURCE_LOCAL)
return "Localhost"
if(RANK_SOURCE_TXT)
return "admin_ranks.txt"
if(RANK_SOURCE_DB)
return "Database"
if(RANK_SOURCE_BACKUP)
return "Backup JSON"
if(RANK_SOURCE_TEMPORARY)
return "Temporary"
/// Loads admin ranks.
/// Return a list containing the backup data if they were loaded from the database backup json
/proc/load_admin_ranks(dbfail, no_update)
@@ -117,17 +143,17 @@ GLOBAL_PROTECT(protected_ranks)
var/datum/admin_rank/previous_rank
var/regex/admin_ranks_regex = new(@"^Name\s*=\s*(.+?)\s*\n+Include\s*=\s*([\l @]*?)\s*\n+Exclude\s*=\s*([\l @]*?)\s*\n+Edit\s*=\s*([\l @]*?)\s*\n*$", "gm")
while(admin_ranks_regex.Find(ranks_text))
var/datum/admin_rank/R = new(admin_ranks_regex.group[1])
if(!R)
var/datum/admin_rank/txt_rank = new(admin_ranks_regex.group[1], RANK_SOURCE_TXT)
if(QDELETED(txt_rank))
continue
var/count = 1
for(var/i in admin_ranks_regex.group - admin_ranks_regex.group[1])
if(i)
R.process_keyword(i, count, previous_rank)
txt_rank.process_keyword(i, count, previous_rank)
count++
GLOB.admin_ranks += R
GLOB.protected_ranks += R
previous_rank = R
GLOB.admin_ranks += txt_rank
GLOB.protected_ranks += txt_rank
previous_rank = txt_rank
if(!CONFIG_GET(flag/admin_legacy_system) && !dbfail)
if(CONFIG_GET(flag/load_legacy_ranks_only))
if(!no_update)
@@ -146,14 +172,15 @@ GLOBAL_PROTECT(protected_ranks)
if(R.name == rank_name) //this rank was already loaded from txt override
skip = 1
break
if(!skip)
var/rank_flags = text2num(query_load_admin_ranks.item[2])
var/rank_exclude_flags = text2num(query_load_admin_ranks.item[3])
var/rank_can_edit_flags = text2num(query_load_admin_ranks.item[4])
var/datum/admin_rank/R = new(rank_name, rank_flags, rank_exclude_flags, rank_can_edit_flags)
if(!R)
continue
GLOB.admin_ranks += R
if(skip)
continue
var/rank_flags = text2num(query_load_admin_ranks.item[2])
var/rank_exclude_flags = text2num(query_load_admin_ranks.item[3])
var/rank_can_edit_flags = text2num(query_load_admin_ranks.item[4])
var/datum/admin_rank/db_rank = new(rank_name, RANK_SOURCE_DB, rank_flags, rank_exclude_flags, rank_can_edit_flags)
if(QDELETED(db_rank))
continue
GLOB.admin_ranks += db_rank
qdel(query_load_admin_ranks)
//load ranks from backup file
if(dbfail)
@@ -169,10 +196,10 @@ GLOBAL_PROTECT(protected_ranks)
skip = TRUE
if(skip)
continue
var/datum/admin_rank/R = new("[J]", json["ranks"]["[J]"]["include rights"], json["ranks"]["[J]"]["exclude rights"], json["ranks"]["[J]"]["can edit rights"])
if(!R)
var/datum/admin_rank/json_rank = new("[J]", RANK_SOURCE_BACKUP, json["ranks"]["[J]"]["include rights"], json["ranks"]["[J]"]["exclude rights"], json["ranks"]["[J]"]["can edit rights"])
if(QDELETED(json_rank))
continue
GLOB.admin_ranks += R
GLOB.admin_ranks += json_rank
return json
#ifdef TESTING
var/msg = "Permission Sets Built:\n"
File diff suppressed because it is too large Load Diff
+14 -5
View File
@@ -48,19 +48,28 @@
// mentor_commands(href, href_list, src) - Skip because client is already admin & contents handled above
else if(href_list["editrightsbrowser"])
edit_admin_permissions(0)
edit_admin_permissions(PERMISSIONS_PAGE_PERMISSIONS)
else if(href_list["editrightsbrowserlog"])
edit_admin_permissions(1, href_list["editrightstarget"], href_list["editrightsoperation"], href_list["editrightspage"])
else if(href_list["editrightsbrowserranks"])
if(href_list["editrightsaddrank"])
add_rank()
else if(href_list["editrightsremoverank"])
remove_rank(href_list["editrightsremoverank"])
else if(href_list["editrightseditrank"])
change_rank(href_list["editrightseditrank"])
edit_admin_permissions(PERMISSIONS_PAGE_RANKS)
if(href_list["editrightsbrowsermanage"])
else if(href_list["editrightsbrowserlogging"])
edit_admin_permissions(PERMISSIONS_PAGE_LOGGING, href_list["editrightslogtarget"], href_list["editrightslogactor"], href_list["editrightslogoperation"], href_list["editrightslogpage"])
if(href_list["editrightsbrowserhousekeep"])
if(href_list["editrightschange"])
change_admin_rank(ckey(href_list["editrightschange"]), href_list["editrightschange"], TRUE)
else if(href_list["editrightsremove"])
remove_admin(ckey(href_list["editrightsremove"]), href_list["editrightsremove"], TRUE)
else if(href_list["editrightsremoverank"])
remove_rank(href_list["editrightsremoverank"])
edit_admin_permissions(2)
edit_admin_permissions(PERMISSIONS_PAGE_HOUSEKEEPING)
else if(href_list["editrights"])
edit_rights_topic(href_list)
+1 -1
View File
@@ -1,4 +1,4 @@
ADMIN_VERB(secrets, R_HOLDER, "Secrets", "Abuse harder than you ever have before with this handy dandy semi-misc stuff menu.", "Admin.Secrets")
ADMIN_VERB(secrets, R_HOLDER, "Secrets", "Abuse harder than you ever have before with this handy dandy semi-misc stuff menu.", ADMIN_CATEGORY_SECRETS)
var/datum/secrets_menu/tgui = new(user)
tgui.tgui_interact(user.mob)
//BLACKBOX_LOG_ADMIN_VERB("Secrets Panel")