ZH-CN/hasObjectPermissionTo: Difference between revisions

From Multi Theft Auto: Wiki
Jump to navigation Jump to search
(Created page with "__NOTOC__ {{Server function}} This function returns whether or not the given object has access to perform the given action. {{Note|Only certain action names work. This funct...")
 
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
__NOTOC__  
__NOTOC__  
{{Server function}}
{{Server function}}
This function returns whether or not the given object has access to perform the given action.  
此函数返回给定对象是否有权执行给定操作.  
{{Note|Only certain action names work. This function seems to return ''nil'' and output a bad argument error when checking if an object has rights for an action which doesn't start with ''function.'', ''command.'' or ''resource.'' keywords.}}
{{Note|Only certain action names work. This function seems to return ''nil'' and output a bad argument error when checking if an object has rights for an action which doesn't start with ''function.'', ''command.'' or ''resource.'' keywords.}}


Scripts frequently wish to limit access to features to particular users. The naïve way to do this would be to check if the player who is attempting to perform an action is in a particular group (usually the Admin group). The main issue with doing this is that the Admin group is not guaranteed to exist. It also doesn't give the server admin any flexibility. He might want to allow his 'moderators' access to the function you're limiting access to, or he may want it disabled entirely.  
脚本经常希望限制特定用户对函数的访问.最简单的方法是检查试图执行某个操作的玩家是否在特定的组(通常是Admin组)中.这样做的主要问题是管理组不能保证存在.它也没有给服务器管理员任何灵活性.他可能希望允许他的“moderators”访问您限制访问的功能,或者他可能希望完全禁用该功能.


This is where using the ACL properly comes in, and luckily this is very easy. It all comes down to using this function. This, somewhat confusingly named function lets you check if an ACL object (a player or a resource) has a particular ACL right. In this case, we just care about players.
这就是正确使用ACL的地方,幸运的是这非常容易。归根结底就是使用这个函数.这个名称有些混乱的函数允许您检查ACL对象(player或source)是否具有特定的ACL权限。在这种情况下,我们只关心玩家们.


So, first of all, think of a name for your 'right'. Let's say we want a private area only certain people can go in, we'll call our right accessPrivateArea. Then, all you need to do is add one 'if' statement to your code:
所以,首先,为你的“right”想个名字。假设我们想要一个只有某些人才能进入的私人区域,我们会称之为我们的right accessPrivateArea.然后,您只需在代码中添加一个“if”语句:
<syntaxhighlight lang="lua">if hasObjectPermissionTo ( player, "resource.YourResourceName.accessPrivateArea", false ) then
<syntaxhighlight lang="lua">if hasObjectPermissionTo ( player, "resource.YourResourceName.accessPrivateArea", false ) then
-- Whatever you want to happen if they're allowed in
-- 如果他们被允许进来,你想发生什么都可以
else
else
-- Whatever you want to happen if they aren't
-- 不管你想发生什么,如果他们不是
end
end
</syntaxhighlight>
</syntaxhighlight>


Notice that we've named the ''right'' using ''resource.YourResourceName.accessPrivateArea'' - this is just for neatness, so that the admin knows what resource the right belongs to. It's strongly advised you follow this convention. The ''false'' argument specifies the 'defaultPermission', false indicating that if the user hasn't had the right allowed or dissallowed (i.e. the admin hasn't added it to the config), that it should default to being not allowed.
请注意,我们使用“right”来命名“right”resource.YourResourceName.accessPrivateArea''-这只是为了整洁,以便管理员知道权限属于什么资源. 强烈建议你遵守这个惯例. “false”参数指定“defaultPermission”, false表示如果用户没有被允许或不允许的权限(即管理员没有将其添加到配置中),它应该默认为不被允许.


The only downside of using this method is that the admin has to modify his config. The upsides are that the admin has much more control and your script will work for any server, however the admin has configured it.
使用此方法的唯一缺点是管理员必须修改其配置。好处是管理员有更多的控制权,您的脚本可以在任何服务器上运行,不管管理员如何配置它.


==Syntax==  
==语法==  
<syntaxhighlight lang="lua">
<syntaxhighlight lang="lua">
bool hasObjectPermissionTo ( string / element theObject, string theAction [, bool defaultPermission = true ] )
bool hasObjectPermissionTo ( string / element theObject, string theAction [, bool defaultPermission = true ] )
</syntaxhighlight>  
</syntaxhighlight>  
<!-- Yes! This is actually correct this time ^^ notice theObject can be a string! -->
<!-- Yes! This is actually correct this time ^^ notice theObject can be a string! -->
{{OOP|This function is also a static function underneath the ACL class.|[[ACL]].hasObjectPermissionTo||}}
{{OOP_ZH-CN|This function is also a static function underneath the ACL class.|[[ACL]].hasObjectPermissionTo||}}
===Required Arguments===  
===必填参数===  
*'''theObject:''' The object to test if has permission to. This can be a client element (ie. a player), a resource or a string in the form "user.<name>" or "resource.<name>".
*'''theObject:''' 要测试的对象是否有访问的权限。它可以是客户端元素(即player)、resource或“user.<name>”或“resource.<name>”形式的字符串.
*'''theAction:''' The action to test if the given object has access to. Ie. "function.kickPlayer".
*'''theAction:''' 测试给定对象是否有权访问的操作. 就是说. "function.kickPlayer".


===Optional Arguments===  
==选填参数===  
{{OptionalArg}}  
{{OptionalArg}}  
*'''defaultPermission:''' The default permission if none is specified in either of the groups the given object is a member of. If this is left to true, the given object will have permissions to perform the action unless the opposite is explicitly specified in the [[ACL]]. If false, the action will be denied by default unless explicitly approved by the [[Access Control List]].
*'''defaultPermission:''' 如果在给定对象所属的任何组中都未指定任何权限,则为默认权限. 如果将其保留为true,则给定对象将具有执行该操作的权限,除非在[[ACL]]中显式指定了相反的权限. 如果为false,除非[[Access Control List]]明确批准,否则默认情况下将拒绝该操作.


===Returns===
===返回值===
Returns ''true'' if the given object has permission to perform the given action, ''false'' otherwise. Returns ''nil'' if the function failed because of bad arguments.
如果给定对象具有执行给定操作的权限,则返回“true”,否则返回“false”。如果函数因参数错误而失败,则返回“nil”.


==Example==  
==示例==  
This example kicks a player if the user using it has access to the kickPlayer function.
如果使用它的用户可以访问kickPlayer函数,那么这个示例将踢出一个玩家.
<syntaxhighlight lang="lua">
<syntaxhighlight lang="lua">
-- Kick command
-- 踢出指令
function onKickCommandHandler ( playerSource, commandName, playerToKick, stringReason )
function onKickCommandHandler ( playerSource, commandName, playerToKick, stringReason )
     -- Does the calling user have permission to kick the player? Default
     -- 呼叫用户是否有权踢球员?违约
     -- to false for safety reasons. We do this so any user can't use us to
     -- 出于安全原因而伪造.我们这样做是为了任何用户都不能使用我们
     -- kick players.
     -- 踢出玩家.
     if ( hasObjectPermissionTo ( playerSource, "function.kickPlayer", false ) ) then
     if ( hasObjectPermissionTo ( playerSource, "function.kickPlayer", false ) ) then


         -- Do we have permission to kick the player? We do this so we can fail
         -- 我们有权限踢出那个玩家吗? We do this so we can fail
         -- nicely if this resource doesn't have access to call that function.
         -- 如果这个资源不能调用这个函数.
         if ( hasObjectPermissionTo ( getThisResource (), "function.kickPlayer", true ) ) then
         if ( hasObjectPermissionTo ( getThisResource (), "function.kickPlayer", true ) ) then
             -- Kick him
             -- 踢出他
             kickPlayer ( playerToKick, playerSource, stringReason )
             kickPlayer ( playerToKick, playerSource, stringReason )
         else
         else
             -- Resource doesn't have any permissions, sorry
             -- 资源没有任何权限,抱歉
             outputChatBox ( "kick: The admin resource is not able to kick players. Please give this resource access to 'function.kickPlayer' in the ACL to use this function.", playerSource )
             outputChatBox ( "kick: The admin resource is not able to kick players. Please give this resource access to 'function.kickPlayer' in the ACL to use this function.", playerSource )
         end
         end
     else
     else
         -- User doesn't have any permissions
         -- 用户没有任何权限
         outputChatBox ( "kick: You don't have permissions to use this command.", playerSource )
         outputChatBox ( "kick: You don't have permissions to use this command.", playerSource )
     end
     end
Line 67: Line 67:
<!-- Change FunctionArea to the area that this function is in on the main function list page, e.g. Server, Player, Vehicle etc -->
<!-- Change FunctionArea to the area that this function is in on the main function list page, e.g. Server, Player, Vehicle etc -->
{{ACL_functions}}
{{ACL_functions}}
[[zh-cn:hasObjectPermissionTo]]
[[en:hasObjectPermissionTo]]

Latest revision as of 07:28, 6 February 2021

此函数返回给定对象是否有权执行给定操作.

[[{{{image}}}|link=|]] Note: Only certain action names work. This function seems to return nil and output a bad argument error when checking if an object has rights for an action which doesn't start with function., command. or resource. keywords.

脚本经常希望限制特定用户对函数的访问.最简单的方法是检查试图执行某个操作的玩家是否在特定的组(通常是Admin组)中.这样做的主要问题是管理组不能保证存在.它也没有给服务器管理员任何灵活性.他可能希望允许他的“moderators”访问您限制访问的功能,或者他可能希望完全禁用该功能.

这就是正确使用ACL的地方,幸运的是这非常容易。归根结底就是使用这个函数.这个名称有些混乱的函数允许您检查ACL对象(player或source)是否具有特定的ACL权限。在这种情况下,我们只关心玩家们.

所以,首先,为你的“right”想个名字。假设我们想要一个只有某些人才能进入的私人区域,我们会称之为我们的right accessPrivateArea.然后,您只需在代码中添加一个“if”语句:

if hasObjectPermissionTo ( player, "resource.YourResourceName.accessPrivateArea", false ) then
-- 如果他们被允许进来,你想发生什么都可以
else
-- 不管你想发生什么,如果他们不是
end

请注意,我们使用“right”来命名“right”resource.YourResourceName.accessPrivateArea-这只是为了整洁,以便管理员知道权限属于什么资源. 强烈建议你遵守这个惯例. “false”参数指定“defaultPermission”, false表示如果用户没有被允许或不允许的权限(即管理员没有将其添加到配置中),它应该默认为不被允许.

使用此方法的唯一缺点是管理员必须修改其配置。好处是管理员有更多的控制权,您的脚本可以在任何服务器上运行,不管管理员如何配置它.

语法

bool hasObjectPermissionTo ( string / element theObject, string theAction [, bool defaultPermission = true ] )

OOP 语法 什么是OOP?

提示: This function is also a static function underneath the ACL class.
方法: ACL.hasObjectPermissionTo(...)

必填参数

  • theObject: 要测试的对象是否有访问的权限。它可以是客户端元素(即player)、resource或“user.<name>”或“resource.<name>”形式的字符串.
  • theAction: 测试给定对象是否有权访问的操作. 就是说. "function.kickPlayer".

选填参数=

NOTE: When using optional arguments, you might need to supply all arguments before the one you wish to use. For more information on optional arguments, see optional arguments.

  • defaultPermission: 如果在给定对象所属的任何组中都未指定任何权限,则为默认权限. 如果将其保留为true,则给定对象将具有执行该操作的权限,除非在ACL中显式指定了相反的权限. 如果为false,除非Access Control List明确批准,否则默认情况下将拒绝该操作.

返回值

如果给定对象具有执行给定操作的权限,则返回“true”,否则返回“false”。如果函数因参数错误而失败,则返回“nil”.

示例

如果使用它的用户可以访问kickPlayer函数,那么这个示例将踢出一个玩家.

-- 踢出指令
function onKickCommandHandler ( playerSource, commandName, playerToKick, stringReason )
    -- 呼叫用户是否有权踢球员?违约
    -- 出于安全原因而伪造.我们这样做是为了任何用户都不能使用我们
    -- 踢出玩家.
    if ( hasObjectPermissionTo ( playerSource, "function.kickPlayer", false ) ) then

        -- 我们有权限踢出那个玩家吗? We do this so we can fail
        -- 如果这个资源不能调用这个函数.
        if ( hasObjectPermissionTo ( getThisResource (), "function.kickPlayer", true ) ) then
            -- 踢出他
            kickPlayer ( playerToKick, playerSource, stringReason )
        else
            -- 资源没有任何权限,抱歉
            outputChatBox ( "kick: The admin resource is not able to kick players. Please give this resource access to 'function.kickPlayer' in the ACL to use this function.", playerSource )
        end
    else
        -- 用户没有任何权限
        outputChatBox ( "kick: You don't have permissions to use this command.", playerSource )
    end
end
addCommandHandler ( "kick", onKickCommandHandler )

See Also