Allow bots to use admin endpoints
This commit is contained in:
parent
c7f3cb3441
commit
1ab7dd0626
3 changed files with 58 additions and 29 deletions
|
@ -53,8 +53,8 @@ public static class AdminRoutes
|
|||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check token
|
||||
var session = await Program.Database.GetSession(payload.session);
|
||||
if (session == null || Utilities.IsSessionExpired(session))
|
||||
var user = await Utilities.GetStaffByToken(payload.session);
|
||||
if (user == null)
|
||||
{
|
||||
context.Response.StatusCode = 400;
|
||||
return Results.Json(new IPBanResponse
|
||||
|
@ -64,8 +64,6 @@ public static class AdminRoutes
|
|||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check rank
|
||||
var user = await Program.Database.GetUser(session.Username)
|
||||
?? throw new Exception("Could not lookup user from session");
|
||||
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
|
||||
{
|
||||
context.Response.StatusCode = 403;
|
||||
|
@ -127,23 +125,21 @@ public static class AdminRoutes
|
|||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check token
|
||||
var session = await Program.Database.GetSession(payload.token);
|
||||
if (session == null || Utilities.IsSessionExpired(session))
|
||||
var user = await Utilities.GetStaffByToken(payload.token);
|
||||
if (user == null)
|
||||
{
|
||||
context.Response.StatusCode = 400;
|
||||
return Results.Json(new BanUserResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Invalid session"
|
||||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check rank
|
||||
var user = await Program.Database.GetUser(session.Username)
|
||||
?? throw new Exception("Could not lookup user from session");
|
||||
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
|
||||
{
|
||||
context.Response.StatusCode = 403;
|
||||
return Results.Json(new BanUserResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Insufficient permissions"
|
||||
|
@ -205,23 +201,21 @@ public static class AdminRoutes
|
|||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check token
|
||||
var session = await Program.Database.GetSession(payload.token);
|
||||
if (session == null || Utilities.IsSessionExpired(session))
|
||||
var user = await Utilities.GetStaffByToken(payload.token);
|
||||
if (user == null)
|
||||
{
|
||||
context.Response.StatusCode = 400;
|
||||
return Results.Json(new AdminUpdateBotResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Invalid session"
|
||||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check rank
|
||||
var user = await Program.Database.GetUser(session.Username)
|
||||
?? throw new Exception("Could not lookup user from session");
|
||||
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
|
||||
{
|
||||
context.Response.StatusCode = 403;
|
||||
return Results.Json(new AdminUsersResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Insufficient permissions"
|
||||
|
@ -323,23 +317,21 @@ public static class AdminRoutes
|
|||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check token
|
||||
var session = await Program.Database.GetSession(payload.token);
|
||||
if (session == null || Utilities.IsSessionExpired(session))
|
||||
var user = await Utilities.GetStaffByToken(payload.token);
|
||||
if (user == null)
|
||||
{
|
||||
context.Response.StatusCode = 400;
|
||||
return Results.Json(new AdminUpdateUserResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Invalid session"
|
||||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check rank
|
||||
var user = await Program.Database.GetUser(session.Username)
|
||||
?? throw new Exception("Could not lookup user from session");
|
||||
if (user.Rank != Rank.Admin)
|
||||
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
|
||||
{
|
||||
context.Response.StatusCode = 403;
|
||||
return Results.Json(new AdminUsersResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Insufficient permissions"
|
||||
|
@ -428,23 +420,21 @@ public static class AdminRoutes
|
|||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check token
|
||||
var session = await Program.Database.GetSession(payload.token);
|
||||
if (session == null || Utilities.IsSessionExpired(session))
|
||||
var user = await Utilities.GetStaffByToken(payload.token);
|
||||
if (user == null)
|
||||
{
|
||||
context.Response.StatusCode = 400;
|
||||
return Results.Json(new AdminUsersResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Invalid session"
|
||||
}, Utilities.JsonSerializerOptions);
|
||||
}
|
||||
// Check rank
|
||||
var user = await Program.Database.GetUser(session.Username)
|
||||
?? throw new Exception("Could not lookup user from session");
|
||||
if (user.Rank != Rank.Admin && user.Rank != Rank.Moderator)
|
||||
{
|
||||
context.Response.StatusCode = 403;
|
||||
return Results.Json(new AdminUsersResponse
|
||||
return Results.Json(new IPBanResponse
|
||||
{
|
||||
success = false,
|
||||
error = "Insufficient permissions"
|
||||
|
|
7
CollabVMAuthServer/StaffMember.cs
Normal file
7
CollabVMAuthServer/StaffMember.cs
Normal file
|
@ -0,0 +1,7 @@
|
|||
namespace Computernewb.CollabVMAuthServer;
|
||||
|
||||
public class StaffMember
|
||||
{
|
||||
public string Username { get; set; }
|
||||
public Rank Rank { get; set; }
|
||||
}
|
|
@ -125,4 +125,36 @@ public static class Utilities
|
|||
{
|
||||
return DateTime.Now > session.LastUsed.AddDays(Program.Config.Accounts.SessionExpiryDays);
|
||||
}
|
||||
|
||||
public static async Task<StaffMember?> GetStaffByToken(string token)
|
||||
{
|
||||
if (token.Length == 32)
|
||||
{
|
||||
// User
|
||||
var session = await Program.Database.GetSession(token);
|
||||
if (session == null || Utilities.IsSessionExpired(session)) return null;
|
||||
var user = await Program.Database.GetUser(session.Username);
|
||||
if (user == null) return null;
|
||||
return new StaffMember
|
||||
{
|
||||
Username = user.Username,
|
||||
Rank = user.Rank
|
||||
};
|
||||
}
|
||||
else if (token.Length == 64)
|
||||
{
|
||||
// Bot
|
||||
var bot = await Program.Database.GetBot(token: token);
|
||||
if (bot == null) return null;
|
||||
return new StaffMember
|
||||
{
|
||||
Username = bot.Username,
|
||||
Rank = bot.Rank
|
||||
};
|
||||
}
|
||||
else
|
||||
{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue