55 lines
2.3 KiB
Plaintext
55 lines
2.3 KiB
Plaintext
require "lib/metaprogramming.nom"
|
|
require "lib/control_flow.nom"
|
|
require "lib/operators.nom"
|
|
require "lib/collections.nom"
|
|
|
|
# Permission functions
|
|
rule [standardize rules %rules] =:
|
|
if ((type of %rules) == "string"): %rules = [%rules]
|
|
%stubs = (nomsu "get_stubs" [%rules])
|
|
%result = []
|
|
for %stub in %stubs:
|
|
%def = ((nomsu's "defs")->%stub)
|
|
if %def:
|
|
%aliases = (%def's "aliases")
|
|
for all %aliases: add % to %result
|
|
..else: add %def to %result
|
|
unique %result
|
|
|
|
rule [restrict %rules to within %elite_rules] =:
|
|
%rules = (standardize rules %rules)
|
|
%elite_rules = (standardize rules %elite_rules)
|
|
for all (flatten [%elite_rules, %rules]):
|
|
assert ((nomsu's "defs") has key %) "Undefined function: \(%)"
|
|
for %rule in %rules:
|
|
assert (nomsu "check_permission" [%]) ".."
|
|
|You do not have permission to restrict permissions for function: \(%)
|
|
((nomsu) ->* ["defs",%rule,"whiteset"]) = (..)
|
|
dict ([%, yes] for all %elite_rules)
|
|
|
|
rule [allow %elite_rules to use %rules] =:
|
|
%rules = (standardize rules %rules)
|
|
%elite_rules = (standardize rules %elite_rules)
|
|
for all (flatten [%elite_rules, %rules]):
|
|
assert ((nomsu's "defs") has key %) "Undefined function: \(%)"
|
|
for %rule in %rules:
|
|
assert (nomsu "check_permission" [%rule]) ".."
|
|
|You do not have permission to grant permissions for function: \(%rule)
|
|
%whiteset = ((nomsu) ->* ["defs",%rule,"whiteset"])
|
|
if (not %whiteset): go to next %rule
|
|
for all %elite_rules: %whiteset -> % = (yes)
|
|
|
|
rule [forbid %pleb_rules to use %rules] =:
|
|
%rules = (standardize rules %rules)
|
|
%pleb_rules = (standardize rules %pleb_rules)
|
|
for all (flatten [%pleb_rules, %used]):
|
|
assert ((nomsu's "defs") has key %) "Undefined function: \(%)"
|
|
for all %rules:
|
|
assert (nomsu "check_permission" [%]) ".."
|
|
|You do not have permission to grant permissions for function: \(%)
|
|
%whiteset = ((nomsu) ->* ["defs",%,"whiteset"])
|
|
assert %whiteset ".."
|
|
|Cannot individually restrict permissions for \(%) because it is currently
|
|
|available to everyone. Perhaps you meant to use "restrict % to within %" instead?
|
|
for all %pleb_rules: %whiteset's % = (nil)
|