OBS: You'll need to resync/rebuild your database!

- This implements an updated, clearer and more robust access system. The policy is now to lock that which is not explicitly left open. - Permission strings -> Lock strings. Separating permissions and locks makes more sense security-wise - No more permissiongroup table; permissions instead use a simple tuple PERMISSIONS_HIERARCHY to define an access hierarchy - Cleaner lock-definition syntax, all based on function calls. - New objects/players/channels get a default security policy during creation (set through typeclass) As part of rebuilding and testing the new lock/permission system I got into testing and debugging several other systems, fixing some outstanding issues: - @reload now fully updates the database asynchronously. No need to reboot server when changing cmdsets - Dozens of new test suites added for about 30 commands so far - Help for channels made more clever and informative.
2011-03-15 16:08:32 +00:00 · 2011-03-15 16:08:32 +00:00 · 08b3de9e5e
commit 08b3de9e5e
parent c2030c2c0c
49 changed files with 1714 additions and 1877 deletions
--- a/game/gamesrc/commands/basecommand.py
+++ b/game/gamesrc/commands/basecommand.py
@ -10,7 +10,6 @@ See src/commands/default/muxcommand.py for an example.

 from src.commands.command import Command as BaseCommand
 from src.commands.default.muxcommand import MuxCommand as BaseMuxCommand
-from src.permissions import permissions
 from src.utils import utils 

 class MuxCommand(BaseMuxCommand):
@ -41,7 +40,7 @@ class MuxCommand(BaseMuxCommand):
        cmdhandler):
           self.key - the name of this command ('look')
           self.aliases - the aliases of this cmd ('l')
-           self.permissions - permission string for this command
+           self.locks - lock definition for this command, usually cmd:<func>
           self.help_category - overall category of command
           
           self.caller - the object calling this command
@ -105,7 +104,7 @@ class Command(BaseCommand):
    used by Evennia to create the automatic help entry for
    the command, so make sure to document consistently here. 
    """
-    def has_perm(self, srcobj):
+    def access(self, srcobj):
        """
        This is called by the cmdhandler to determine
        if srcobj is allowed to execute this command. This
@ -114,7 +113,7 @@ class Command(BaseCommand):
        By default, We use checks of the 'cmd' type of lock to determine
        if the command should be run. 
        """
-        return permissions.has_perm(srcobj, self, 'cmd')
+        return super(Command, self).access(srcobj)

    def at_pre_cmd(self):
        """