1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
|
-- lib/lace/builtin.lua
--
-- Lua Access Control Engine -- Builtin commands for Lace
--
-- Copyright 2012 Daniel Silverstone <dsilvers@digital-scurf.org>
--
-- For Licence terms, see COPYING
--
local builtin = {}
local engine = require "lace.engine"
local function compiler()
return require "lace.compiler"
end
local function run_conditions(exec_context, cond)
for i = 1, #cond do
local name = cond[i]
local invert = false
if name:sub(1,1) == "!" then
invert = true
name = name:sub(2)
end
local res, msg = engine.test(exec_context, name)
if res == nil then
return nil, msg
end
if invert then
res = not res
end
if not res then
-- condition failed
return false
end
end
-- conditions passed
return true
end
--[ Allow and Deny ]------------------------------------------------
local unconditional_result, last_result
local function get_set_last_unconditional_result(newv)
local ret = unconditional_result
unconditional_result = newv
return ret
end
local function get_set_last_result(newv)
local ret = last_result
last_result = newv
return ret
end
local function _do_return(exec_context, result, reason, cond)
local pass, msg = run_conditions(exec_context, cond)
if pass == nil then
-- Pass errors
return nil, msg
elseif pass == false then
-- Conditions failed, return true to continue execution
return true
end
return result, reason
end
local function _return(compcontext, result, reason, ...)
if result ~= "allow" and result ~= "deny" then
return compiler().error("Unknown result: " .. result, {1})
end
if type(reason) ~= "string" then
return compiler().error("Expected reason, got nothing")
end
local cond = {...}
if #cond == 0 then
unconditional_result = result
end
last_result = result
return {
fn = _do_return,
args = { result, reason, cond }
}
end
builtin.allow = _return
builtin.deny = _return
--[ Default for Allow and Deny ]------------------------------------
function builtin.default(compcontext, def, result, reason, unwanted)
assert(def == "default", "Somehow, builtin.default got something odd")
if type(result) ~= "string" then
return compiler().error("Expected result, got nothing")
end
if result ~= "allow" and result ~= "deny" then
return compiler().error("Result wasn't allow or deny", {2})
end
if type(reason) ~= "string" then
reason = "Default behaviour"
end
if unwanted ~= nil then
return compiler().error("Unexpected additional content", {4})
end
if compcontext[".lace"].default then
return compiler().error("Cannot change the default")
end
local uncond, last = unconditional_result, last_result
compcontext[".lace"].default = _return(compcontext, result, reason)
unconditional_result, last_result = uncond, last
return {
fn = function() return true end,
args = {}
}
end
--[ Definitions ]----------------------------------------------------
local function _controlfn(ctx, name)
local ctt = ctx[".lace"].controltype or {}
return ctt[name]
end
function builtin.define(compcontext, define, name, controltype, ...)
if type(name) ~= "string" then
return compiler().error("Expected name, got nothing")
end
if name == "" or name:sub(1,1) == "!" then
return compiler().error("Bad name for definition", {2})
end
if type(controltype) ~= "string" then
return compiler().error("Expected control type, got nothing")
end
local controlfn = _controlfn(compcontext, controltype)
if not controlfn then
return compiler().error("Unknown control type", {3})
end
local ctrltab, msg = controlfn(compcontext, controltype, ...)
if type(ctrltab) ~= "table" then
-- offset all the words in the error by 2 (for define and name)
if msg.words then
for i = 1, #msg.words do
msg.words[i] = msg.words[i] + 2
end
end
return false, msg
end
-- Successfully created a control table, return a rule for it
return {
fn = engine.define,
args = { name, ctrltab }
}
end
builtin.def = builtin.define
--[ Inclusion of rulesets ]-------------------------------------------
local function _do_include(exec_context, ruleset, conds)
local pass, msg = run_conditions(exec_context, conds)
if pass == nil then
-- Pass errors
return nil, msg
elseif pass == false then
-- Conditions failed, return true to continue execution
return true
end
-- Essentially we run the ruleset and return its values
local result, msg = engine.internal_run(ruleset, exec_context)
if result == "" then
return true
end
return result, msg
end
function builtin.include(comp_context, cmd, file, ...)
local safe_if_not_present = cmd:sub(-1) == "?"
local conds = {...}
if type(file) ~= "string" then
return compiler().error("No file named for inclusion")
end
local loader = compiler().internal_loader(comp_context)
local real, content = loader(comp_context, file)
if not real then
-- Could not find the file
if safe_if_not_present then
-- Include file was not present, just return an empty command
return {
fn = function() return true end,
args = {}
}
end
-- Otherwise, propagate the error
return real, content
end
-- Okay, the file is present, let's parse it.
local ruleset, msg = compiler().internal_compile(comp_context, real, content, true)
if type(ruleset) ~= "table" then
return compiler().error(msg)
end
-- Okay, we parsed, so build the runtime
return {
fn = _do_include,
args = { ruleset, conds }
}
end
return {
commands = builtin,
get_set_last_unconditional_result = get_set_last_unconditional_result,
get_set_last_result = get_set_last_result,
}
|
