access_control
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
access_control [2016/03/22 09:09] – created g00r00 | access_control [2024/03/03 03:20] (current) – [ACS Function Reference] added O5 ACS avon | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Access Control Strings ====== | ====== Access Control Strings ====== | ||
+ | |||
+ | Access Control Strings (or ACS) are found all over Mystic BBS and are used to control the who, what, and when of security access to various parts of your BBS. Every menu, menu command, any many other functions in the BBS have an associated ACS definition which the SysOp can use to create and apply find-grained access control to all elements of the BBS. | ||
+ | |||
+ | The ACS system is designed to allow for the most intricate security controls without requiring programming, | ||
+ | |||
+ | Each ACS function is nothing more than a single character, most often followed by a parameter afterwards that supplements the function. | ||
+ | |||
+ | In addition to this basic function and parameter system, ACS can use parenthesis to force an order of evaluation, and also offers the typical Boolean operators AND OR NOT. Let's look at one example of a more complex ACS before we move on: | ||
+ | |||
+ | | ||
+ | |||
+ | The above ACS says that the user must have ANY one of the following things to have access: | ||
+ | |||
+ | < | ||
+ | User must have a security level of at least 20 but NOT 21 or higher | ||
+ | | ||
+ | |||
+ | OR | ||
+ | |||
+ | User must be user ID #10 who may be a specific person you may want | ||
+ | to have access regardless of any other parameters | ||
+ | |||
+ | OR | ||
+ | |||
+ | The user must be accessing the command between 10pm and 11pm. | ||
+ | </ | ||
+ | |||
+ | For most System Operators just basic ACS functions will be used, so its typically not nearly as complex as the example shown above. | ||
+ | ===== ACS Function Reference ===== | ||
+ | |||
+ | |||
+ | Ax - This command is used to check the user's age. Where X is | ||
+ | the age the user must be in order to pass. | ||
+ | |||
+ | Dx - This command is used to check if a user has a certain flag | ||
+ | | ||
+ | flag which the user must have in order to pass. For | ||
+ | | ||
+ | D in flag set 2 in order to pass. | ||
+ | |||
+ | Ex - This command is used to check the user's current graphics | ||
+ | | ||
+ | |||
+ | 1 - User must have ANSI graphics | ||
+ | 0 - User must have ASCII (none) graphics | ||
+ | |||
+ | Fx - This command is used to check if a user has a certain flag | ||
+ | | ||
+ | flag which the user must have in order to pass. For | ||
+ | | ||
+ | A in flag set 1 in order to pass. | ||
+ | |||
+ | Gx - This command is used to check if a user is in a certain | ||
+ | | ||
+ | in the message group editor. | ||
+ | the user to be in message group #1 in order to pass. | ||
+ | |||
+ | Hx - This command is used to check if a user is accessing | ||
+ | a command at a certain hour. Where X is the hour in the | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Mx - This command is used to check if a user is access a | ||
+ | | ||
+ | the 00-59 range. | ||
+ | be quarter past the hour or later. | ||
+ | |||
+ | Nx - This command is used to check if a user is online a | ||
+ | | ||
+ | the user is currently logged in on Node 1 in order to | ||
+ | pass. | ||
+ | |||
+ | OA - This command is used to check the status of the user's | ||
+ | node message availability. | ||
+ | | ||
+ | they are not available. | ||
+ | |||
+ | OC - This command is used to check if it is the user's first | ||
+ | call into the BBS. OC will return true if it is the | ||
+ | first call. | ||
+ | |||
+ | OF - This command returns TRUE if its the user's first call today | ||
+ | |||
+ | OI - This command is used to check if a user's node status | ||
+ | is invisible to other nodes. | ||
+ | the user is invisible, false if not. | ||
+ | |||
+ | OF - This command is used to check if its the user's first | ||
+ | | ||
+ | the current connection is their first of the day. | ||
+ | |||
+ | OK - This command is used to check the result of the last | ||
+ | | ||
+ | the menu commands: -P, -Y, and -N. | ||
+ | |||
+ | OM - This command is used to check if the user has System | ||
+ | | ||
+ | the owner of the current message when reading messages | ||
+ | in the Message bases (and therefore has Sysop-equivalent | ||
+ | | ||
+ | |||
+ | ON - This command is True if the last message new scan had | ||
+ | new messages read by the user. | ||
+ | |||
+ | OP - This command is used to check the status of the user's | ||
+ | post / call ratio. | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | OS - This command is true when the user is connected via a | ||
+ | | ||
+ | |||
+ | OV - This command returns True if the user has validated their | ||
+ | | ||
+ | |||
+ | OY - This command returns True if the last new message scan had | ||
+ | new personal messages from the user. | ||
+ | |||
+ | O1 - This command returns True if the user posted during this call | ||
+ | |||
+ | O2 - This command returns True if user sent local e-mail during this call | ||
+ | |||
+ | O3 - This command returns True if user uploaded a file during this call | ||
+ | |||
+ | O4 - This command returns True if the user downloaded during this call | ||
+ | |||
+ | O5 - This command returns True if user opened a door during this call | ||
+ | |||
+ | Sx - This command is used to check if a user meets a certain | ||
+ | | ||
+ | to have a security level of 20 or higher in order to | ||
+ | pass. | ||
+ | |||
+ | Tx - This command is used to check if a user has at least | ||
+ | X minutes remaining in online time. For example: T10 | ||
+ | would require the user to have a least 10 minutes of | ||
+ | | ||
+ | |||
+ | Ux - This command is used to check a user's permanent user | ||
+ | | ||
+ | user must match. | ||
+ | to have the permanent user index of 1. Each user's | ||
+ | | ||
+ | users will ever have the same permanent index number. | ||
+ | |||
+ | Wx - This command is used to check the day of the week, where X | ||
+ | is the day number (0 being Sunday and 6 being Saturday) | ||
+ | |||
+ | X# - This command is used to check the columns of a user's terminal | ||
+ | size, where # is the number of columns. | ||
+ | if the user has a terminal size of 132 columns or higher. | ||
+ | |||
+ | Zx - This command is used to check if a user is in a certain | ||
+ | File Group. | ||
+ | in the File Group editor. | ||
+ | the user to be in File Group #1 in order to pass the ACS | ||
+ | | ||
+ | |||
+ | ===== Examples ===== | ||
+ | |||
+ | Any of the above commands can be used together to create an ACS string used by Mystic BBS. Below are some examples of how they can be used: | ||
+ | |||
+ | s255 - User must have security of 255 or higher. | ||
+ | s255n1fA - User must have a security level of 255 or higher, be | ||
+ | | ||
+ | | ||
+ | s10z1h12 - User must have a security level of 10 or higher, | ||
+ | be currently in File Group #1, and be accessing this | ||
+ | | ||
+ | ACS string. | ||
+ | |||
+ | For added flexibility, | ||
+ | |||
+ | & = Logical AND | ||
+ | | = Logical OR | ||
+ | ! = Logical NOT | ||
+ | ^ = Always TRUE | ||
+ | % = Always FALSE | ||
+ | |||
+ | In addition to the operators, Mystic BBS also allows parenthesis in ACS strings to allow evaluation of grouped ACS commands. | ||
+ | |||
+ | ^ | ||
+ | % | ||
+ | not even the SysOp. | ||
+ | s10!s20 | ||
+ | 10 but NOT 20 or greater. | ||
+ | t20|s255 | ||
+ | have a security level of 255. | ||
+ | !(s255|fa) | ||
+ | A toggled on. | ||
+ | (s20fa)|(s255) | ||
+ | toggled on, *OR* have a security level of 255 or | ||
+ | higher. | ||
access_control.1458655761.txt.gz · Last modified: 2016/03/22 09:09 by g00r00