edea3ae8e0
Replaced most instances of Nanotrasen mentions into GATO, though I've kept some that have more sense to be kept as Nanotrasen (like nanotrasen marked stuff and such)
223 lines
6.9 KiB
Plaintext
223 lines
6.9 KiB
Plaintext
GLOBAL_LIST_EMPTY(admin_datums)
|
|
GLOBAL_PROTECT(admin_datums)
|
|
GLOBAL_LIST_EMPTY(protected_admins)
|
|
GLOBAL_PROTECT(protected_admins)
|
|
|
|
GLOBAL_VAR_INIT(href_token, GenerateToken())
|
|
GLOBAL_PROTECT(href_token)
|
|
|
|
/datum/admins
|
|
var/datum/admin_rank/rank
|
|
|
|
var/target
|
|
var/name = "nobody's admin datum (no rank)" //Makes for better runtimes
|
|
var/client/owner = null
|
|
var/fakekey = null
|
|
|
|
var/datum/marked_datum
|
|
|
|
var/spamcooldown = 0
|
|
|
|
var/admincaster_screen = 0 //TODO: remove all these 5 variables, they are completly unacceptable
|
|
var/datum/news/feed_message/admincaster_feed_message = new /datum/news/feed_message
|
|
var/datum/news/wanted_message/admincaster_wanted_message = new /datum/news/wanted_message
|
|
var/datum/news/feed_channel/admincaster_feed_channel = new /datum/news/feed_channel
|
|
var/admin_signature
|
|
|
|
var/href_token
|
|
|
|
var/deadmined
|
|
|
|
var/datum/filter_editor/filteriffic
|
|
|
|
/// A lazylist of tagged datums, for quick reference with the View Tags verb
|
|
var/list/tagged_datums
|
|
|
|
/datum/admins/CanProcCall(procname)
|
|
. = ..()
|
|
if(!check_rights(R_SENSITIVE))
|
|
return FALSE
|
|
|
|
/datum/admins/New(datum/admin_rank/R, ckey, force_active = FALSE, protected)
|
|
if(IsAdminAdvancedProcCall())
|
|
var/msg = " has tried to elevate permissions!"
|
|
message_admins("[key_name_admin(usr)][msg]")
|
|
log_admin("[key_name(usr)][msg]")
|
|
if (!target) //only del if this is a true creation (and not just a New() proc call), other wise trialmins/coders could abuse this to deadmin other admins
|
|
QDEL_IN(src, 0)
|
|
CRASH("Admin proc call creation of admin datum")
|
|
return
|
|
if(!ckey)
|
|
QDEL_IN(src, 0)
|
|
CRASH("Admin datum created without a ckey")
|
|
if(!istype(R))
|
|
QDEL_IN(src, 0)
|
|
CRASH("Admin datum created without a rank")
|
|
target = ckey
|
|
name = "[ckey]'s admin datum ([R])"
|
|
rank = R
|
|
admin_signature = "GATO Officer #[rand(0,9)][rand(0,9)][rand(0,9)]"
|
|
href_token = GenerateToken()
|
|
if(R.rights & R_DEBUG) //grant profile access
|
|
world.SetConfig("APP/admin", ckey, "role=admin")
|
|
//only admins with +ADMIN start admined
|
|
if(protected)
|
|
GLOB.protected_admins[target] = src
|
|
if (force_active || (R.rights & R_AUTOLOGIN))
|
|
activate()
|
|
else
|
|
deactivate()
|
|
|
|
/datum/admins/Destroy()
|
|
if(IsAdminAdvancedProcCall())
|
|
var/msg = " has tried to elevate permissions!"
|
|
message_admins("[key_name_admin(usr)][msg]")
|
|
log_admin("[key_name(usr)][msg]")
|
|
return QDEL_HINT_LETMELIVE
|
|
. = ..()
|
|
|
|
/datum/admins/proc/activate()
|
|
if(IsAdminAdvancedProcCall())
|
|
var/msg = " has tried to elevate permissions!"
|
|
message_admins("[key_name_admin(usr)][msg]")
|
|
log_admin("[key_name(usr)][msg]")
|
|
return
|
|
GLOB.deadmins -= target
|
|
GLOB.admin_datums[target] = src
|
|
deadmined = FALSE
|
|
if (GLOB.directory[target])
|
|
associate(GLOB.directory[target]) //find the client for a ckey if they are connected and associate them with us
|
|
|
|
|
|
/datum/admins/proc/deactivate()
|
|
if(IsAdminAdvancedProcCall())
|
|
var/msg = " has tried to elevate permissions!"
|
|
message_admins("[key_name_admin(usr)][msg]")
|
|
log_admin("[key_name(usr)][msg]")
|
|
return
|
|
GLOB.deadmins[target] = src
|
|
GLOB.admin_datums -= target
|
|
deadmined = TRUE
|
|
var/client/C
|
|
if ((C = owner) || (C = GLOB.directory[target]))
|
|
disassociate()
|
|
add_verb(C, /client/proc/readmin)
|
|
|
|
/datum/admins/proc/associate(client/C)
|
|
if(IsAdminAdvancedProcCall())
|
|
var/msg = " has tried to elevate permissions!"
|
|
message_admins("[key_name_admin(usr)][msg]")
|
|
log_admin("[key_name(usr)][msg]")
|
|
return
|
|
|
|
if(istype(C))
|
|
if(C.ckey != target)
|
|
var/msg = " has attempted to associate with [target]'s admin datum"
|
|
message_admins("[key_name_admin(C)][msg]")
|
|
log_admin("[key_name(C)][msg]")
|
|
return
|
|
if (deadmined)
|
|
activate()
|
|
owner = C
|
|
owner.holder = src
|
|
owner.add_admin_verbs() //TODO <--- todo what? the proc clearly exists and works since its the backbone to our entire admin system
|
|
remove_verb(owner, /client/proc/readmin)
|
|
owner.init_verbs() //re-initialize the verb list
|
|
GLOB.admins |= C
|
|
|
|
/datum/admins/proc/disassociate()
|
|
if(IsAdminAdvancedProcCall())
|
|
var/msg = " has tried to elevate permissions!"
|
|
message_admins("[key_name_admin(usr)][msg]")
|
|
log_admin("[key_name(usr)][msg]")
|
|
return
|
|
if(owner)
|
|
GLOB.admins -= owner
|
|
owner.remove_admin_verbs()
|
|
owner.init_verbs()
|
|
owner.holder = null
|
|
owner = null
|
|
|
|
/datum/admins/proc/check_for_rights(rights_required)
|
|
if(rights_required && !(rights_required & rank.rights))
|
|
return FALSE
|
|
return TRUE
|
|
|
|
|
|
/datum/admins/proc/check_if_greater_rights_than_holder(datum/admins/other)
|
|
if(!other)
|
|
return TRUE //they have no rights
|
|
if(rank.rights == R_EVERYTHING)
|
|
return TRUE //we have all the rights
|
|
if(src == other)
|
|
return TRUE //you always have more rights than yourself
|
|
if(rank.rights != other.rank.rights)
|
|
if( (rank.rights & other.rank.rights) == other.rank.rights )
|
|
return TRUE //we have all the rights they have and more
|
|
return FALSE
|
|
|
|
/datum/admins/vv_edit_var(var_name, var_value)
|
|
if(var_name == NAMEOF(src, fakekey))
|
|
return ..()
|
|
return FALSE //nice try trialmin
|
|
|
|
/*
|
|
checks if usr is an admin with at least ONE of the flags in rights_required. (Note, they don't need all the flags)
|
|
if rights_required == 0, then it simply checks if they are an admin.
|
|
if it doesn't return TRUE and show_msg=1 it will prints a message explaining why the check has failed
|
|
generally it would be used like so:
|
|
|
|
/proc/admin_proc()
|
|
if(!check_rights(R_ADMIN))
|
|
return
|
|
to_chat(world, "you have enough rights!")
|
|
|
|
NOTE: it checks usr! not src! So if you're checking somebody's rank in a proc which they did not call
|
|
you will have to do something like if(client.rights & R_ADMIN) yourself.
|
|
*/
|
|
/proc/check_rights(rights_required, show_msg=1)
|
|
if(usr && usr.client)
|
|
if (check_rights_for(usr.client, rights_required))
|
|
return TRUE
|
|
else
|
|
if(show_msg)
|
|
to_chat(usr, "<font color='red'>Error: You do not have sufficient rights to do that. You require one of the following flags:[rights2text(rights_required," ")].</font>")
|
|
return FALSE
|
|
|
|
//probably a bit iffy - will hopefully figure out a better solution
|
|
/proc/check_if_greater_rights_than(client/other)
|
|
if(usr && usr.client)
|
|
if(usr.client.holder)
|
|
if(!other || !other.holder)
|
|
return TRUE
|
|
return usr.client.holder.check_if_greater_rights_than_holder(other.holder)
|
|
return FALSE
|
|
|
|
//This proc checks whether subject has at least ONE of the rights specified in rights_required.
|
|
/proc/check_rights_for(client/subject, rights_required)
|
|
if(subject && subject.holder)
|
|
return subject.holder.check_for_rights(rights_required)
|
|
return FALSE
|
|
|
|
/proc/GenerateToken()
|
|
. = ""
|
|
for(var/I in 1 to 32)
|
|
. += "[rand(10)]"
|
|
|
|
/proc/RawHrefToken(forceGlobal = FALSE)
|
|
var/tok = GLOB.href_token
|
|
if(!forceGlobal && usr)
|
|
var/client/C = usr.client
|
|
if(!C)
|
|
CRASH("No client for HrefToken()!")
|
|
var/datum/admins/holder = C.holder
|
|
if(holder)
|
|
tok = holder.href_token
|
|
return tok
|
|
|
|
/proc/HrefToken(forceGlobal = FALSE)
|
|
return "admin_token=[RawHrefToken(forceGlobal)]"
|
|
|
|
/proc/HrefTokenFormField(forceGlobal = FALSE)
|
|
return "<input type='hidden' name='admin_token' value='[RawHrefToken(forceGlobal)]'>"
|