Added new jsp command so non-ops can safely running javascript functions approved by operators
This commit is contained in:
walterhiggins
parent
03e9f1f101
commit
2e121ccbd5
3 changed files with 87 additions and 15 deletions
|
|
@ -5,5 +5,23 @@ commands:
|
||||||
js:
|
js:
|
||||||
description: Evaluate javascript.
|
description: Evaluate javascript.
|
||||||
usage: /<command> Javascript code
|
usage: /<command> Javascript code
|
||||||
permission: ScriptCraftPlugin.evaluate
|
permission: scriptcraft.evaluate
|
||||||
permission-message: You don't have <permission> permission. This permission is only available to operators.
|
permission-message: You don't have <permission> permission.
|
||||||
|
jsp:
|
||||||
|
description: run a javascript plugin command.
|
||||||
|
usage: /<command> command-name command-parameters
|
||||||
|
permission: scriptcraft.proxy
|
||||||
|
permission-message: You don't have <permission> permission.
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
scriptcraft.*:
|
||||||
|
description: Gives access to all scriptcraft comands
|
||||||
|
children:
|
||||||
|
scriptcraft.evaluate: true
|
||||||
|
scriptcraft.proxy: true
|
||||||
|
scriptcraft.evaluate:
|
||||||
|
description: Allows you to evaluate javascript code
|
||||||
|
default: op
|
||||||
|
scriptcraft.proxy:
|
||||||
|
description: Allows you to run a javascript command blessed by the operator
|
||||||
|
default: true
|
||||||
|
|
|
||||||
|
|
@ -115,31 +115,37 @@ public class ScriptCraftPlugin extends JavaPlugin
|
||||||
|
|
||||||
public boolean onCommand(CommandSender sender, Command cmd, String label, String[] args)
|
public boolean onCommand(CommandSender sender, Command cmd, String label, String[] args)
|
||||||
{
|
{
|
||||||
if(cmd.getName().equalsIgnoreCase("js"))
|
boolean result = false;
|
||||||
{
|
String javascriptCode = "";
|
||||||
this.engine.put("__self",sender);
|
|
||||||
String javascriptCode = "";
|
if(cmd.getName().equalsIgnoreCase("js")){
|
||||||
for (int i = 0;i < args.length; i++){
|
for (int i = 0;i < args.length; i++){
|
||||||
javascriptCode = javascriptCode + args[i] + " ";
|
javascriptCode = javascriptCode + args[i] + " ";
|
||||||
}
|
}
|
||||||
|
result = true;
|
||||||
|
} else if (cmd.getName().equalsIgnoreCase("jsp")){
|
||||||
|
javascriptCode = "command.invoke()";
|
||||||
|
this.engine.put("__cmdArgs",args);
|
||||||
|
result = true;
|
||||||
|
}
|
||||||
|
if (result){
|
||||||
|
this.engine.put("__self",sender);
|
||||||
try{
|
try{
|
||||||
Object result = this.engine.eval(javascriptCode);
|
Object resultObj = this.engine.eval(javascriptCode);
|
||||||
if (result != null){
|
if (resultObj != null){
|
||||||
if (result instanceof java.util.Collection){
|
if (resultObj instanceof java.util.Collection){
|
||||||
java.util.Collection collection = (java.util.Collection)result;
|
java.util.Collection collection = (java.util.Collection)resultObj;
|
||||||
sender.sendMessage(Arrays.toString(collection.toArray()));
|
sender.sendMessage(Arrays.toString(collection.toArray()));
|
||||||
}else{
|
}else{
|
||||||
sender.sendMessage(result.toString());
|
sender.sendMessage(resultObj.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return true;
|
|
||||||
}catch (Exception e){
|
}catch (Exception e){
|
||||||
sender.sendMessage(e.getMessage());
|
sender.sendMessage(e.getMessage());
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
return false;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
48
js-plugins/core/cmd.js
Normal file
48
js-plugins/core/cmd.js
Normal file
|
|
@ -0,0 +1,48 @@
|
||||||
|
var rootDir = __folder;
|
||||||
|
/*
|
||||||
|
This module is responsible for managing commands which can be used by non-operator.
|
||||||
|
Since by default the /js command is op-only , there needs to be a way to expose javascript
|
||||||
|
functions/plugins to non-ops in a safe controlled way.
|
||||||
|
|
||||||
|
This is where the 'command' module comes in. It allows javascript plugin authors to expose
|
||||||
|
javascript functions for use by non-operators. For example, ordinarily, non-ops don't have
|
||||||
|
permission to use the `/time set 0` command but this functionality can be exposed like this.
|
||||||
|
|
||||||
|
1. Operator / plugin-author creates a javascript function called 'day'
|
||||||
|
|
||||||
|
var time_set = function(params){ __plugin.server.worlds.get(0).time = params[0]; };
|
||||||
|
command.register('time_set');
|
||||||
|
|
||||||
|
2. The non-operator can now change the time to day...
|
||||||
|
/jsp time_set 0
|
||||||
|
|
||||||
|
TODO: Figure out how to persist the 'command' module's configuration so it can be saved/restored
|
||||||
|
on server shutdown/startup. THis should be done in a generic way so other modules can use it.
|
||||||
|
|
||||||
|
*/
|
||||||
|
var command = command || {
|
||||||
|
|
||||||
|
register: function(/* String */ namedFunction){
|
||||||
|
//
|
||||||
|
// namedFunction must be in the global namespace for this to work
|
||||||
|
// JSON cannot persist functions.
|
||||||
|
//
|
||||||
|
if (typeof namedFunction !== "string")
|
||||||
|
throw new Error("Usage: command.register(/* String */ namedFunction)");
|
||||||
|
|
||||||
|
command.data[namedFunction] = true;
|
||||||
|
},
|
||||||
|
invoke: function(){
|
||||||
|
if (__cmdArgs.length === 0)
|
||||||
|
throw new Error("Usage: jsp command-name command-parameters");
|
||||||
|
var cmdName = __cmdArgs[0];
|
||||||
|
if (typeof command.data[cmdName] === "undefined")
|
||||||
|
throw new Error("Command '" + cmdName + "' does not exist.");
|
||||||
|
var params = [];
|
||||||
|
for (var i =1; i < __cmdArgs.length;i++){
|
||||||
|
params.push("" + __cmdArgs[i]);
|
||||||
|
}
|
||||||
|
global[cmdName](params);
|
||||||
|
},
|
||||||
|
data: {},
|
||||||
|
};
|
||||||
Reference in a new issue