Update README.md#2
Open
Equalsthr33 wants to merge 1 commit intocaffeineaddiction:mainfrom
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Sudo
DOWNLOADING SUDO
When downloading Sudo be sure to rename the folder in your "Inferface/AddOns" to just "Sudo" and not "Sudo-main"
A framework for allowing / denying a WeakAuras request to specific API calls that have been previously blocked by default.
This is like unlocking Developer Mode in Android, it can allow you to do exactly what you want ... but it also allows you to pwn yourself if you don't read the code of the weakauras you import.
The following functions are available:
sudo.add(API_NAME, _G)API_NAME (string) is any World of Warcraft API (see: World_of_Warcraft_API)
_G (table) is the restricted
globalobject made available within weakauras custom code sandbox, more info can be found here, but in most cases this will simply be_GThis function will prompt the user, and if allowed will add the specified api to the
globalobject within the weakauras sandbox. It would be nice to be able to pick and choose which weakauras could get access to which api, but currently theglobalobject is shared between all weakauras and thus it is not possible to determine which weakaura is callingsudo.addor restrict which weakaura has access to the enabled API within theglobalobject. You could instead pass locally scoped objects rather than theglobalobject to restrict access to just your weakaura, but that is up to the individual weakaura dev to decide.sudo.su(_G)_G (table) is the restricted
globalobject made available within weakauras custom code sandbox, more info can be found here, but in most cases this will simply be_GThis function will prompt the user, and if allowed will replace the restricted
globalobject with a direct reference to the real_Gglobal object that was accessible to the sudo addon at load time. This is more of a sledge hammer approach, but is made available all the same.Settings can be saved per Account or per Character by running the following commands:
Default
sudo.suto always approved for entire account:/script sudoSavedAccount["Remove WeakAura Safety Features for the Blizzard API: 'ALL THE THINGS'?"] = trueDefault
sudo.suto always denied for entire account:/script sudoSavedAccount["Remove WeakAura Safety Features for the Blizzard API: 'ALL THE THINGS'?"] = falseDefault
sudo.suto always prompt for entire account:/script sudoSavedAccount["Remove WeakAura Safety Features for the Blizzard API: 'ALL THE THINGS'?"] = nilDefault
sudo.addof a specific API to approved for entire account:/script sudoSavedAccount["Remove WeakAura Safety Features for the Blizzard API: 'DeleteCursorItem'?"] = trueDefault
sudo.suto always approved for specific character:/script sudoSavedChar["Remove WeakAura Safety Features for the Blizzard API: 'ALL THE THINGS'?"] = trueDefault
sudo.addof a specific API to approved for a specific character:/script sudoSavedChar["Remove WeakAura Safety Features for the Blizzard API: 'DeleteCursorItem'?"] = trueBy default everything is set to prompt, Character settings take priority over Account settings.
A note about wow addon security
All api commands that this addon exposes are published and approved by Blizzard. Weakauras has taken it upon themselves to block some of this API to protect users from themselves. Some users need to be protected from themselves, while others can be trusted to know what they are doing and/or take ownership for screwing up if they don't. Every weakaura you install has the potential of doing nasty stuff, just like every addon you install has the potential of doing nasty stuff. The protections imposed by the weakaura dev team, while a valiant effort on their part are flimsy at best and a false sense of security at worst. As this project clearly demonstrates, those security measures can be bypassed via another addon or in some cases by clever use of a weakaura itself (though I will not publish how).
If some weakaura told you that you need to download this addon, you should be extremely skeptical of that weakaura and its author(s) unless you know EXACTLY why it's needed. That is not to say that the project that directed you here is necessary evil, just that it has a higher likelihood of being evil ... here be dragons, beware.