DAK Server Admin Mod

17810121327

Comments

  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    I'm already working on this lol. I'm hoping to have the php/mysql code ready by the end of the weekend. now let's hope xdragon can do the lua part :p
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    Adding bans read from a site similar to the admin list would be very easy, changing bans to be handled via a website however could be more problematic, mainly from a security standpoint also. I would suggest adding a 'key' that would need to be passed along with the ban information, to reduce the possibility of abuse.

    Overall it wouldnt take me long to add that kind of input.
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    xDragon, i can easily implement a key, just add it as a variable in the settings in the DAK Admin Mod that can be set. The php script would check this key to make sure the request is legit and coming from the server. However, this is optional since the location of the script doesn't have to be made public and can be set to sdfjkhasdflk.php or something along that line, or in a hidden folder somewhere.

    I'm also planning on adding (in parallel, not required for operation) a feature that works together with my other mod that links admins to the forum (http://www.unknownworlds.com/ns2/forums/index.php?showtopic=125513). This can provide a web interface to submit bans based on player's forum permissions (i.e. if he belongs to the admin group, etc.) so bans can be submitted offline as well, not necessarily only from in-game.

    If anyone wants to suggest anything else, let me know, i'd be glad to add it in.
  • ZEROibisZEROibis Join Date: 2009-10-30 Member: 69176Members, Constellation
    I do know that we will want to record the reason for the ban and the admin who created the ban. This will also allow admin levels to look at unbans where as admins can only unban bans that they made or bans of an admin of lower levels.

    Yes the key is really the only way to be safe however you will still want to parse the inputs to prevent any sql injection.
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    oh absolutely, I never allow queries to be parsed, all variables are filtered.

    I'll make it look at admin levels as well, that's a great idea!
  • minomino Join Date: 2005-02-24 Member: 42334Members, Constellation, Reinforced - Shadow, WC 2013 - Shadow
    edited December 2012
    Hi Guys,

    can anybody please post a valid format of ServerAdmin Web Response?

    This is the complete user.html i have:
    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1--><div id="username"> mino </div> <div id="steamid"> 3190900 </div> <div id="group"> admin_group </div>
    <!--c2--></div><!--ec2-->

    Is there any html boilerplate required like BODY or HTML tags arround it? The server checks that file but admin to this steam id will not be granted. I couldnt find any log file about DAKs mod or any NS2 related stuff, is there any?
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    it does look for the <body> tag to determine where to start looking for the corresponding data.
  • despairdespair Join Date: 2012-11-01 Member: 165746Members
    For the "pregame" command under the "MapVote' function, can you make it so that the server says "Pregame enabled for X seconds"?

    As of now there is no warning that it is a pregame. People will get confused when the round resets.
  • ZekZek Join Date: 2002-11-10 Member: 7962Members, NS1 Playtester, Constellation, Reinforced - Shadow
    Hey Dragon, would it be possible for you to add a simple plugin that prevents the game from starting until both teams have someone sitting in the CC/Hive(with a periodic text alert of that fact)? I know that would be a huge quality of life improvement for our server at least.
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    <!--quoteo(post=2052640:date=Dec 29 2012, 03:23 AM:name=mino)--><div class='quotetop'>QUOTE (mino @ Dec 29 2012, 03:23 AM) <a href="index.php?act=findpost&pid=2052640"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->Hi Guys,

    can anybody please post a valid format of ServerAdmin Web Response?

    This is the complete user.html i have:
    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1--><div id="username"> mino </div> <div id="steamid"> 3190900 </div> <div id="group"> admin_group </div>
    <!--c2--></div><!--ec2-->

    Is there any html boilerplate required like BODY or HTML tags arround it? The server checks that file but admin to this steam id will not be granted. I couldnt find any log file about DAKs mod or any NS2 related stuff, is there any?<!--QuoteEnd--></div><!--QuoteEEnd-->


    Take a look of how my forum to server php script generates the file. This is the requirement (view source): <a href="http://www.nationalgaming.org/management/admins.php" target="_blank">http://www.nationalgaming.org/management/admins.php</a>
    Script is located here if you are interested to see how it's being generated. Feel free to use the code as you wish :P <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=125513" target="_blank">http://www.unknownworlds.com/ns2/forums/in...howtopic=125513</a>
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    edited December 2012
    xDragon,
    I want to make it use player badges, but it requires using MULTIPLE GROUPS in the admins file.
    I want to define them like this:

    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1--><div id="username"> User </div> <div id="steamid"> 999999 </div> <div id="group"> group1 group2 </div>
    <!--c2--></div><!--ec2-->

    basically it gives two groups in the group div, with a space in between. Optionally, i can add a delimiter between the two groups, such as a simple comma, or a | or / or whatever you want me to add as a separator as needed.

    xDragon, take a look here to see what it needs to look like when translated:

    <a href="http://i.imgur.com/ROrC8.png" target="_blank">http://i.imgur.com/ROrC8.png</a>

    Basically its the part 2, add user to group, we must make sure that the admin groups are both listed, like "groups": [ "group1", "group2" ], however, the group 2 variable must NOT be mandatory, as some people don't use the badges mod.
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    edited December 2012
    i just finished the setup portion of the bans script. It generates a table inside a database that already exists, and it adds the following information:

    ns2id of banned person
    ns2id of person sending the ban
    time of ban
    reason
    length of ban


    If you are using my existing script, it lets you assign what admins are able to ban (based on rank) or if you don't use my forum-server script it also adds a 2nd table with admins that are allowed to add bans, name and a few other things.

    Finally, last table defines admin ranks, capabilities and permissions.

    Some of the functions are already done:
    Displaying admins
    Adding admins
    Removing admins
    Editing admins
    viewing bans
    adding manual bans
    removing bans (if permitted to do so based on rank)
    removing bans using the server (this will be another link that xDragon can call when using sv_unban **args** - it returns literally the word TRUE - all capital letters - if ban has been successful, FALSE if it has not)

    Turns out it's significantly more coding than expected, so bare with me a few more days until it's done :)

    I also added a $key variable that will have to be defined in DAK Admin Mod in order for the server to authenticate with the php script. This should prevent unauthorised use of the system.
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    edited January 2013
    Allright, so i came up with more ideas, and put them in the table structure.
    For example, i created a users table where the admins can be created, i added a rank, username and permissions (add/remove/edit/approve).
    I also made an optional approval system where bans only are active for X time until an admin with permissions to approve the ban sets the bans to approved. This should prevent new or trial admins from permanently banning people, unless a master admin approves the ban.
    All this is driven by user's groups and group permissions. There are no individual permissions.

    Ok so here's the table structure so far:

    Bans table:
    banid (auto-increment ban ID)
    ns2id (ns2 steam id)
    userid (user that entered the ban)
    banlength (when does ban expire)
    reason (text field for reason)
    serverip (logs server ip that was banned on, xDragon must implement this variable to be submitted)
    offense_type (optional, when doing manual bans or editing a ban this can be set to various types, such as hacking, behaviour, etc.)
    approved (if enabled, master admins can approve bans. unapproved band get auto-removed in X time, where x can be user-defined)

    Group table:
    groupid (auto-increment group ID)
    rank (0-99)
    can_add
    can_remove (own bans of those belonging to admins in a lower rank group)
    can_edit (own bans of those belonging to admins in a lower rank group)
    can_approve (if admin's group has permission, bans can be approved - this is INDEPENDENT of rank)
    can_edit_groups (if allowed, can only edit lower rank groups)
    can_add_groups (if allowed, can only add lower rank groups)
    can_remove_groups (if allowed, can only remove lower rank groups)
    can_edit_users (if allowed, can only edit users in lower permission groups)
    can_add_users (if allowed, can only add users in lower permission groups)
    can_remove_users (if allowed, can only remove users in lower permission groups)

    Note: In the settings table, checking rank for various actions may be enabled or disabled.

    Users Table:
    userid (auto-increment user ID)
    ns2id
    groupid
    username
    password
    is_master (if this is set to yes, user may freely change any settings - basically this is the owner or head admin, unrestricted in any action)

    Settings Table:
    settingid
    setting
    value1
    value2
    value3

    Basically there will be certain settings here - i set it up this way so more settings can be added freely as we go.
    Some rows will have values like: "setting - enable_rank_check, value1 = 1, value2 = 1, value3 = 0" where value1 can stand for "enable rank check for editing members", value2 can stand for "enable rank check for editing bans" and value3 can stand for "enable rank check for editing groups" and so on.
    Another setting could be "require_approval" value1 set to 1 if ban approval system is enabled, and value2 may represent the time a ban expires if a ban is not approved.


    Let me know if there are any other ideas i should throw in. Keep in mind most of the functions are done, but i can still freely edit the code before release.
  • TechnIckSTechnIckS Join Date: 2007-01-14 Member: 59616Members
    edited January 2013
    BTW, some commands are still broken, i fixed them manually like this (Note: only tested kick for now, but it works):

    Here's the initial error:
    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->[Server] Script Error #1: lua/DAKLoader_ServerAdmin.lua:143: None of the overloads for Server.GetOwner match the supplied arguments:
      Server.GetOwner(ServerClient)
    Overloads:
      Server.GetOwner(Entity player)
        Call stack:
        #1: GetOwner [C]:-1
        #2: GetObjectLevel lua/DAKLoader_ServerAdmin.lua:143
            target = ServerClient { }
        #3: DAKGetLevelSufficient lua/DAKLoader_ServerAdmin.lua:154
            client = ServerClient { }
            targetclient = ReadyRoomPlayer-1890 { }
        #4: lua/plugins/plugin_baseadmincommands.lua:249
            client = ServerClient { }
            playerId = "1"
            player = ReadyRoomPlayer-1890 { }
        #5:  (tail call):-1<!--c2--></div><!--ec2-->

    I changed the following code from DAKLoader_serveradmin.lua:

    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->    local function GetClientLevel(client)
            local steamId = client:GetUserId()
            if steamId == nil then return 0 end
            return DAKGetSteamIDLevel(steamId)
        end
        
        local function GetPlayerLevel(player)
            local client = Server.GetOwner(player)
            local steamId = client:GetUserId()
            if steamId == nil then return 0 end
            return DAKGetSteamIDLevel(steamId)
        end
        
        local function GetObjectLevel(target)
            if tonumber(target) ~= nil then
                return DAKGetSteamIDLevel(tonumber(target))
            elseif Server.GetOwner(target) ~= nil then
                return GetPlayerLevel(target)
            elseif VerifyClient(target) ~= nil then
                return GetClientLevel(target)
            end
            return 0
        end
        
        function DAKGetLevelSufficient(client, targetclient)
            if client == nil then return true end
            if targetclient == nil then return false end
            return GetObjectLevel(client) >= GetObjectLevel(targetclient)
        end<!--c2--></div><!--ec2-->




    Changed to:
    (minor changes, removed some old remnants of "DAK" in GetClientLevel, GetPlayerLevel and GetObjectLevel and replaced GetObjectLevel(client) >= GetObjectLevel(targetclient) with GetClientLevel(client) >= GetSteamIDLevel(targetclient) since it was failing at GetObjectLevel.)

    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->local function GetClientLevel(client)
            local steamId = client:GetUserId()
            if steamId == nil then return 0 end
            return GetSteamIDLevel(steamId)
        end
        
        local function GetPlayerLevel(player)
            local client = Server.GetOwner(player)
            local steamId = client:GetUserId()
            if steamId == nil then return 0 end
            return GetSteamIDLevel(steamId)
        end
        
        local function GetObjectLevel(target)
            if tonumber(target) ~= nil then
                return GetSteamIDLevel(tonumber(target))
            elseif Server.GetOwner(target) ~= nil then
                return GetPlayerLevel(target)
            elseif VerifyClient(target) ~= nil then
                return GetClientLevel(target)
            end
            return 0
        end
        
        function DAKGetLevelSufficient(client, targetclient)
            if client == nil then return true end
            if targetclient == nil then return false end
            return GetClientLevel(client) >= GetSteamIDLevel(targetclient)
        end<!--c2--></div><!--ec2-->
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    edited January 2013
    There was a couple checks out of order that was causing that assert, which should be fixed now.

    And yea i was calling the old name of GetSteamIDLevel, which is what they are all supposed to filter down to - that should all be fixed on github.

    I also fixed the extend mapvote not working, and added caching to the admin query - it will create a ServerAdminWeb.json file with the details.

    Regarding multiple groups, that is doable but i may just be easier to setup the generate page to mirror the file then, for an example look at the server's web admin page without index.htm at the end - IE YOURSERVERADDRESS:8080 - see below as an example. Then I can just read this just like the admin files and it allows for greater flexibility/more consistency.

    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->{ "map": "ns2_veil", "cheats": "false", "marines": 0, "aliens": 0, "player_list": [  ], "frame_rate": 29.999166488647, "devmode": "false", "marine_res": 100, "uptime": 1916, "server_name": "NS2:C Classic Mod #1 [MODDED]", "alien_res": 0, "webport": "8080", "players_online": 0, "webdomain": "ns2cmod.com" }<!--c2--></div><!--ec2-->
  • despairdespair Join Date: 2012-11-01 Member: 165746Members
    <!--quoteo(post=2053208:date=Dec 29 2012, 11:05 PM:name=despair)--><div class='quotetop'>QUOTE (despair @ Dec 29 2012, 11:05 PM) <a href="index.php?act=findpost&pid=2053208"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->For the "pregame" command under the "MapVote' function, can you make it so that the server says "Pregame enabled for X seconds"?

    As of now there is no warning that it is a pregame. People will get confused when the round resets.<!--QuoteEnd--></div><!--QuoteEEnd-->
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    Quick update to the github to fix a null exception with the query caching, and also to prevent it from loading the cache if your not using the query url.

    Also added a message during pregame that is configurable, and updated readme a little.
  • ZEROibisZEROibis Join Date: 2009-10-30 Member: 69176Members, Constellation
    Would any of the following be possible:

    1. Have user load a webpage from ingame.

    2. Have server rotate map when time runs out and server is empty

    3. Ability to filter map cycle by player count so that some maps are only available when player count is >x
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    User loading a webpage would require a client side portion of the mod. While this does somewhat exist currently its far from complete, and hasnt been a focus as many people run the mod in a way where this would never get loaded.

    Server rotating maps based soley on time is supported under the automapcycle plugin, with a configurable player limit and time, and also the ability to specify certain maps.

    Map cycle having options for player counts is something that should be reasonably easy.
  • minomino Join Date: 2005-02-24 Member: 42334Members, Constellation, Reinforced - Shadow, WC 2013 - Shadow
    edited January 2013
    <!--quoteo(post=2053947:date=Jan 1 2013, 02:07 AM:name=wireaudio)--><div class='quotetop'>QUOTE (wireaudio @ Jan 1 2013, 02:07 AM) <a href="index.php?act=findpost&pid=2053947"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->Take a look of how my forum to server php script generates the file. This is the requirement (view source): <a href="http://www.nationalgaming.org/management/admins.php" target="_blank">http://www.nationalgaming.org/management/admins.php</a>
    Script is located here if you are interested to see how it's being generated. Feel free to use the code as you wish :P <a href="http://www.unknownworlds.com/ns2/forums/index.php?showtopic=125513" target="_blank">http://www.unknownworlds.com/ns2/forums/in...howtopic=125513</a><!--QuoteEnd--></div><!--QuoteEEnd-->

    I cant get it to work. Here is my configuration:

    <a href="http://pastebin.com/raw.php?i=dmdWueV4" target="_blank">http://pastebin.com/raw.php?i=dmdWueV4</a>

    Also the reserved slot plugin is active but still all 20 slots on the server are occupied by players which have no reserved slot and i must kick somebody to get on it. Is there any logging i can turn on? I tried reserved bug, but i dunno what means 19 players on the server, 20s cached.

    Any advice/help would be great :)
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    There is a console command to print the debug messages for the reserveslot plugin, sv_reservedebug.

    If you post that up here I can better gauge whats going on.
  • jfmherokillerjfmherokiller Join Date: 2012-12-18 Member: 175408Members
    edited January 2013
    is it possible to have the commands check part of the name instead of the full name? because some people have obnoxiously long names or they have weird characters in their name from clan tags and such. Instead of temporarily modifying their names or requiring them to remove their clan tag I hope to just have to type the unique part of their name in the command for it to work.
  • minomino Join Date: 2005-02-24 Member: 42334Members, Constellation, Reinforced - Shadow, WC 2013 - Shadow
    <!--quoteo(post=2054880:date=Jan 2 2013, 09:37 PM:name=mino)--><div class='quotetop'>QUOTE (mino @ Jan 2 2013, 09:37 PM) <a href="index.php?act=findpost&pid=2054880"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->I cant get it to work. Here is my configuration:<!--QuoteEnd--></div><!--QuoteEEnd-->

    The remote user administration now works as expected. In the ServerAdmin.json you definetly need a "users" section, which could be empty, but must be there. Otherwise it will not work.
  • minomino Join Date: 2005-02-24 Member: 42334Members, Constellation, Reinforced - Shadow, WC 2013 - Shadow
    <!--quoteo(post=2054939:date=Jan 2 2013, 11:04 PM:name=xDragon)--><div class='quotetop'>QUOTE (xDragon @ Jan 2 2013, 11:04 PM) <a href="index.php?act=findpost&pid=2054939"><{POST_SNAPBACK}></a></div><div class='quotemain'><!--quotec-->There is a console command to print the debug messages for the reserveslot plugin, sv_reservedebug.

    If you post that up here I can better gauge whats going on.<!--QuoteEnd--></div><!--QuoteEEnd-->

    I restarted the server last night and the reserved slot behaviour was as expected. Maybe some race condition or side effect which caused this behaviour. I saw now that the sv_reservedebug also prints messages about the kicked players and so on. This is quite handy :)
  • minomino Join Date: 2005-02-24 Member: 42334Members, Constellation, Reinforced - Shadow, WC 2013 - Shadow
    Okay now to something completly different. I posted already in the NS2Stats thread that i cannot run sv_verify_server on my servers. This command will not show up in the sv_help reply. Neither do any NS2Stats specific commands, but the mod is loaded and besides the commands everything of this mod is working. I figured out that it only happens when DAK is running. DAK seems to overwrite the whole sv_* commands. Even a sv_slay, which was showing up in the sv_help reply, was not working. If i run sv_rcon sv_slay <playerid> it worked as expected. Without sv_rcon the commands sv_randomall worked, sv_kick not, sv_listbans worked. Could you please test with a mod like NS2Stats which comes with his own commands and try to figure out why its not working?

    Thansk for your help so far.
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    edited January 2013
    Most likely that issue is because of the way the mods interact, and something that I would need to fix (not an NS2Stats issue). I have a couple functions which work in wierd ways to insure that all the base commands get blanked to not cause duplicate commands being issued.

    Regarding some of the commands not working are you using the current build from steam workshop? I think that might be bugged atm (oops). Ill publish an update later today to fix this.

    Its possible if there was issues loading the serveradmins that it would affect the reserve slot functionality as there are some checks in there for admin command level access. And yes reservedebug will output log messages about actions taken with regards to kicking any players, which can be useful if there is some odd behavior.

    Regarding names there is GameIDs in DAK that can be used for commands like sv_kick and such, you will see the gameID when typing sv_status.

    As a interim for the groups, if you seperate them with \, it will work. So like root_group\,admin_group.
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    Updated the github and workshop builds, now admin commands will work from other mods (and work with the expanded serveradmin system from DAK like admins queried from the web).

    Min and Max players can be defined per map in mapcycle, see below example:
    <!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1-->{ "map": "ns2_co_Core", "mods": [ "57f5f9a" ], "minPlayers": 5, "maxPlayers": 10 }<!--c2--></div><!--ec2-->

    I also setup most of the code for the shared bans system, and also fixed a couple logic issues with how queries are cached/merged in with standard systems. As a note, on temporary bans will the system automatically expire them? Or should DAK also trigger an 'unban' update to the DB when that case is encountered?
  • SeeVeeSeeVee Join Date: 2012-10-31 Member: 165206Members
    I have the mod loading from server.lua and I know it's working because I see the MOTD.

    My question is regarding the AFK kick... is it active only when the round starts or is it always active?
  • xDragonxDragon Join Date: 2012-04-04 Member: 149948Members, NS2 Playtester, Squad Five Gold, NS2 Map Tester, Reinforced - Shadow
    Always active, but there is a minimum player count before it becomes active, its a configurable amount in DAKConfig.json, kAFKKickMinimumPlayers = 5.
  • SeeVeeSeeVee Join Date: 2012-10-31 Member: 165206Members
    Ahhhhhh! Thanks for the information.

    Love the features this admin mod has, you've done great work with it!
Sign In or Register to comment.