mintrt 0.1.0

Security-featured runtime for lua.
//     <<*>> Revenge of snowflake.
//     -^v-  SASWE
//     @ This source code is licensed under a dual license model:
//       1. MPL-2.0 for non-commercial use only
//       2. Commercial License for commercial use
//       See LICENSE and LICENSE_COMMERCIAL files for details.
use serde::{Deserialize, Serialize};
use crate::security::env_modify::Modules_no_suffix;
use crate::security::{SAuthBasicCtrl, SDetailedAccessAllow};

pub const LUA_LOG_LENGTH_LIMIT: usize = 80;

pub const LUAC_PATH: &'static str = "src/security/lua_bin/luac.exe";
pub const ALLOW_DATA_AUTH : bool = true;

#[derive(Serialize, Deserialize, Debug)]
pub enum AppAuthority {
    Default,
    Su
}

pub enum RunMode {
    Thinker,
    Executor
}

/*
#[derive(Debug)]
pub enum Engine {
    Lua55,
    LuaJit2,
    Luau
}*/

#[derive(Serialize, Deserialize, Debug)]
pub struct entity_ro {
    pub nickname: String,//进程应当以nickname显示,这样可以明确是什么服务,避免误杀
    pub entire_id: String,//示例:auto.swe.timekeeper
    pub basic_authority: SAuthBasicCtrl,//V
    pub runtime_permission: AppAuthority,//由于为服务,所以不主动提权,而是直接报错退出
    pub thinker_script: String, // 不是real-time,绝对路径//V
    pub executor_script_or_compiled: String,//只能从中调用函数,路径末端为目录,文件名定死:executor.wing //V
    pub native_access_no_suffix: Modules_no_suffix,//lua自带的尝试加载dll或者lua模块的函数会被直接移除(hook之后) //V
    pub lua_access_no_suffix: Modules_no_suffix,//V
    pub pkg_path: String,//V
    pub command_allow: SDetailedAccessAllow,//先实现这个
    pub file_access_allow: SDetailedAccessAllow,
}

impl entity_ro {
    pub fn merge(mut self, usrdata: &entity_usr) -> Self {
        //先处理好处理的detailed_access_authority
        for keypair in usrdata.command_allow_extra.iter() {
            let key = keypair.0.clone();
            let value = keypair.1.clone();
            self.command_allow.insert(key, value);
        }
        for keypair in usrdata.file_access_allow_extra.iter() {
            let key = keypair.0.clone();
            let value = keypair.1.clone();
            self.file_access_allow.insert(key, value);
        }
        for basic_auth in usrdata.customize_authority.iter() {
            self.basic_authority.insert(basic_auth.0.clone(), basic_auth.1.clone());
        }
        //还需要把flags传给lua环境,到src/runtime.rs里去做吧 完成!
        self
    }
}

#[derive(Serialize, Deserialize, Debug)]
pub struct entity_usr {//启动器负责
    pub flags: Vec<String>,//通过自定义api传给lua
    pub customize_authority: SAuthBasicCtrl,//要merge到entity里
    pub command_allow_extra: SDetailedAccessAllow,
    pub file_access_allow_extra: SDetailedAccessAllow,
}

pub struct Dandelion {
    pub path: String,//生成源
    pub exe: String,//由于设计上的user-access script,设置conf目录没有意义
    pub cext: String,//只读,安装程序生成
    pub lext: String,//只读
    pub data: String,//程序自由读写空间
    pub log: String,//运行时日志,程序日志,但是程序日志的字数会被限制,且仅支持ascii可见字符
    pub meta: String,//ron格式,绝对路径
    pub man: String,//mdbook那种,软件会附带mdbook.exe进行编译
}

impl Dandelion {
    pub fn autofill(path: &str) -> Self {
        Dandelion {
            exe: format!("{}/{}", path, "exe".to_string()),
            cext: format!("{}/{}", path, "cext".to_string()),
            lext: format!("{}/{}", path, "lext".to_string()),
            data: format!("{}/{}", path, "data".to_string()),
            log: format!("{}/{}", path, "log".to_string()),
            meta: format!("{}/{}", path, "manifest.ron".to_string()),
            path: path.parse().unwrap(),
            man: "".to_string(),//本程序不需用到
        }
    }

}