[+] Added global AuLog[...] aliases to make the logger more bearable when I get around to finishing it

[+] Rationalize /var over /opt
[+] Ensure all users can access data under ProgramData
Reece Wilson 2021-12-24 15:44:51 +00:00
parent a20bb97128
commit 4bd5c4604c
2 changed files with 136 additions and 2 deletions


@ -78,4 +78,24 @@ namespace Aurora::Console::Logging
WriteLinef(EAnsiColor::eBlue, "Game", line, std::forward<T>(args)...);
}
#endif
}
}
#define ADD_AU_GLOBAL_ALIAS(level)\
template<typename ... T> \
static inline void AuLog ## level(T&& ... args) \
{ \
Aurora::Console::Logging::Log ## level(std::forward<T>(args)...); \
}
ADD_AU_GLOBAL_ALIAS(Info)
ADD_AU_GLOBAL_ALIAS(Dbg)
ADD_AU_GLOBAL_ALIAS(Warn)
ADD_AU_GLOBAL_ALIAS(Error)
ADD_AU_GLOBAL_ALIAS(Game)
ADD_AU_GLOBAL_ALIAS(Verbose)
#if defined(STAGING) || defined(DEBUG)
ADD_AU_GLOBAL_ALIAS(VerboseNoShip)
#else
#define AuLogVerboseNoShip(...)
#endif
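Review bot: `ADD_AU_GLOBAL_ALIAS` is never undefined after its last use, so the helper macro leaks into every translation unit that includes this header; add `#undef ADD_AU_GLOBAL_ALIAS` after the final `#endif`. In builds without STAGING or DEBUG, `AuLogVerboseNoShip(...)` expands to nothing, so its argument expressions are not evaluated at all, unlike the function-template form. A one-line comment such as `// arguments must be side-effect free: they are discarded in shipping builds` would make that contract visible. The aliases are declared at global scope, after the `Aurora::Console::Logging` namespace closes, so the `AuLog` prefix is the only guard against collisions with names in client code.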


@ -15,16 +15,28 @@
#include <unistd.h>
#elif defined(AURORA_PLATFORM_WIN32)
#include <ShlObj_core.h>
#include <accctrl.h>
#include <aclapi.h>
#endif
namespace Aurora::IO::FS
{
#if defined(AURORA_PLATFORM_WIN32)
static void Win32FixGlobalAppDataAcl(const std::string &path);
#endif
static AuString gHomeDirectory;
static AuString gApplicationData;
static AuOptional<AuString> gSystemLibPath;
static AuOptional<AuString> gSystemLibPath2;
static AuOptional<AuString> gUserLibPath;
static AuOptional<AuString> gUserLibPath2;
// Should the following be /opt? Probably, if it were a direct replacement for Windows' appdata on Linux for global software packages outside of our ecosystem, sure; however, this is strictly a fallback for when there is no home
// We don't support initially-undefined global application configurations across users on Unix targets. We can therefore conclue the application running is a service whose user is without a home, and should be subject to the same rules as an application deployed by a real package manager
// For internal packages, in our own ecosystem of tools, I think this follows the UNIX spec, not that I care what arcahic C-with-vendor-packages-as-an-OS specification says.
// The only way you can break this assumption is if you argue for users who will be outside of our deployment pipeline, wanting global configs, and don't have write permission on a relevant global directory.
// They can shove it. Superuser should install software for all users.
// XDG (falling back to home) for non-root installs; for root installs, installing a service package, use /var; for root installs of an application whose system configs should be shared amongst all users, unsupported, idc, it's sandboxed per user
static const AuString kUnixAppData {"/var"};
AUKN_SYM bool GetSystemDomain(AuString &path)
@ -228,6 +240,22 @@ namespace Aurora::IO::FS
}
#endif
#if defined(AURORA_PLATFORM_WIN32)
if (gRuntimeConfig.fio.defaultBrand.empty())
{
gApplicationData += "/AllUsers";
}
if (!FS::DirExists(gApplicationData))
{
if (FS::DirMk(gApplicationData))
{
Win32FixGlobalAppDataAcl(gApplicationData);
}
}
#endif
NormalizePath(gApplicationData);
NormalizePath(gHomeDirectory);
@ -250,4 +278,90 @@ namespace Aurora::IO::FS
SetNamespaceDirectories();
ChangeDir();
}
}
#if defined(AURORA_PLATFORM_WIN32)
static void Win32FixGlobalAppDataAcl(const std::string &path)
{
BOOL bRetval = FALSE;
HANDLE hToken = NULL;
PSID pSIDEveryone = NULL;
PACL pACL = NULL;
SID_IDENTIFIER_AUTHORITY SIDAuthWorld =
SECURITY_WORLD_SID_AUTHORITY;
const int NUM_ACES = 1;
EXPLICIT_ACCESS ea[NUM_ACES];
DWORD dwRes;
// Specify the DACL to use.
// Create a SID for the Everyone group.
if (!AllocateAndInitializeSid(&SIDAuthWorld, 1,
SECURITY_WORLD_RID,
0,
0, 0, 0, 0, 0, 0,
&pSIDEveryone))
{
SysPushErrorFIO("AllocateAndInitializeSid (Everyone) error");
goto Cleanup;
}
ZeroMemory(&ea, NUM_ACES * sizeof(EXPLICIT_ACCESS));
// Set read access for Everyone.
ea[0].grfAccessPermissions = GENERIC_ALL;
ea[0].grfAccessMode = SET_ACCESS;
ea[0].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[0].Trustee.ptstrName = (LPTSTR) pSIDEveryone;
if (ERROR_SUCCESS != SetEntriesInAcl(NUM_ACES,
ea,
NULL,
&pACL))
{
SysPushErrorFIO("Failed SetEntriesInAcl");
goto Cleanup;
}
// Try to modify the object's DACL.
dwRes = SetNamedSecurityInfoW(
Locale::ConvertFromUTF8(path).data(), // name of the object
SE_FILE_OBJECT, // type of object
DACL_SECURITY_INFORMATION, // change only the object's DACL
NULL, NULL, // do not change owner or group
pACL, // DACL specified
NULL); // do not change SACL
if (ERROR_SUCCESS == dwRes)
{
bRetval = TRUE;
// No more processing needed.
goto Cleanup;
}
if (dwRes != ERROR_ACCESS_DENIED)
{
SysPushErrorFIO("First SetNamedSecurityInfo call failed: {}", dwRes);
goto Cleanup;
}
Cleanup:
if (pSIDEveryone)
FreeSid(pSIDEveryone);
if (pACL)
LocalFree(pACL);
if (hToken)
CloseHandle(hToken);
if (!bRetval)
{
AuLogError("Couldn't grant ownership to EVERYONE; System wide configuration directory {} will be inaccessible to other users", path);
}
}
#endif
}
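Review bot: `Win32FixGlobalAppDataAcl` grants `GENERIC_ALL` to the Everyone SID with `SUB_CONTAINERS_AND_OBJECTS_INHERIT`, although the comment above it says "Set read access"; full control includes WRITE_DAC and WRITE_OWNER, so any local account can rewrite or re-permission files that other users' processes later read from this directory. Because `SetEntriesInAcl` is passed a NULL old ACL, the directory's existing explicit entries are replaced rather than extended. I would drop the ownership and DACL rights, for example `ea[0].grfAccessPermissions = GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | DELETE;`, prefer Authenticated Users (`SECURITY_NT_AUTHORITY` with `SECURITY_AUTHENTICATED_USER_RID`) over Everyone, and correct the comment and the "grant ownership" log text to say what is actually granted. The call site in the second hunk applies the ACL only when `DirMk` succeeds, so a directory that already exists is used with whatever DACL it carries; verifying or resetting it there is worth considering. `hToken` is never assigned, so its `CloseHandle` branch is dead code.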