@function/restrict #661
Comments
|
Comment #1 originally posted by brazilofmux on 2011-04-08T17:02:16.000Z: You should be able to switch on orflags(%@,W) - pretty sure %@ works the same in MUX as in Penn. |
|
Comment #2 originally posted by brazilofmux on 2011-04-08T18:03:02.000Z: I didn't know about %@, thanks very much. There's still a snag though - in MUX the calling object is not set WIZ it's set INHERIT. Obviously you don't just want to lock on the "inherit" flag because a mortal could put that on something just as easily :) Do you know if there's a way to figure out if something has inherited wizard permissions? I've never needed it - I work almost exclusively on Penn where wizard things are just set wizard :) |
|
Comment #3 originally posted by brazilofmux on 2011-04-09T14:39:13.000Z: Suggested solution was to use a function to check for either the wizard flag or inherit + a wizard owner. But I still think having @function/restrict would be a better all-around solution: FUN_ISWIZARD Functions=cand(not(hasflag(%0,quell)),cor(hasflag(%0,wizard),cand(hasflag(%0,inherit),hasflag(owner(%0),wizard)))) FUN_PROTECTEDFUN Funtions=switch(iswizard(@0),0,#-1 RESTRICTED,Execute normally) |
|
Comment #4 originally posted by brazilofmux on 2011-04-09T15:53:25.000Z: I don't mind adding /restrict, but the when is still a question. |
|
Comment #5 originally posted by brazilofmux on 2011-04-09T17:12:58.000Z: No hurry since there's a workaround. Thanks. |
|
From the #1 user, I think you can use @admin function_access=protectedfun wizard function_access I believe works on @functions as well as hardcoded functions. |
Original issue 659 created by brazilofmux on 2011-04-05T14:23:39.000Z:
Version of the codebase you are currently using:
MUX 2.10.0.5 # 1 [ALPHA]
Description of the feature:
Consider something equivalent to the PennMUSH "restrict" option for a global @function. It basically runs like a privileged function when called by a wizard or by other privileged softcode, but cannot be invoked directly by a mortal.
Example, imagine a friends(<player>) function provided by the Friends module and used by the +Mail module. Consider these three scenarios:
A) Wizard executes: think friends(_Faraday) --> works
B) Mortal executes +mail command, +mail executes friends(_Faraday) --> works
C) Mortal executes: think friends(*Faraday) --> permission denied
Note: Using a switch() statement to lock the function to orflags(%#,W) does not work because the enactor in both cases B & C is the mortal. This would make case B fail.
References to similar features in other codebases/applications (if any):
PennMUSH @function/restrict <function>=admin
The text was updated successfully, but these errors were encountered: