forked from jmug/stoatchat
feat(perms): consistently throw correct permissions
This commit is contained in:
@@ -26,14 +26,10 @@ pub async fn req(
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let server = server.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_ban_members()
|
||||
{
|
||||
return Error::from_permission(Permission::BanMembers);
|
||||
}
|
||||
.throw_permission(db, Permission::BanMembers)
|
||||
.await?;
|
||||
|
||||
let member = target.as_member(db, &server.id).await?;
|
||||
// ! FIXME_PERMISSIONS
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
use revolt_quark::models::{File, ServerBan, User};
|
||||
use revolt_quark::{perms, Db, Error, Permission, Ref, Result};
|
||||
use revolt_quark::{perms, Db, Permission, Ref, Result};
|
||||
|
||||
use rocket::serde::json::Json;
|
||||
use serde::{Deserialize, Serialize};
|
||||
@@ -14,14 +14,10 @@ struct BannedUser {
|
||||
#[get("/<target>/bans")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref) -> Result<Json<Vec<ServerBan>>> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_ban_members()
|
||||
{
|
||||
return Error::from_permission(Permission::BanMembers);
|
||||
}
|
||||
.throw_permission(db, Permission::BanMembers)
|
||||
.await?;
|
||||
|
||||
db.fetch_bans(&server.id).await.map(Json)
|
||||
}
|
||||
|
||||
@@ -1,16 +1,12 @@
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Permission, Ref, Result};
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Permission, Ref, Result};
|
||||
|
||||
#[delete("/<server>/bans/<target>")]
|
||||
pub async fn req(db: &Db, user: User, server: Ref, target: Ref) -> Result<EmptyResponse> {
|
||||
let server = server.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_ban_members()
|
||||
{
|
||||
return Error::from_permission(Permission::BanMembers);
|
||||
}
|
||||
.throw_permission(db, Permission::BanMembers)
|
||||
.await?;
|
||||
|
||||
let ban = target.as_ban(db, &server.id).await?;
|
||||
db.delete_ban(&ban.id).await.map(|_| EmptyResponse)
|
||||
|
||||
@@ -41,14 +41,10 @@ pub async fn req(db: &Db, user: User, target: Ref, info: Json<Data>) -> Result<J
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let mut server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_channel()
|
||||
{
|
||||
return Error::from_permission(Permission::ManageChannel);
|
||||
}
|
||||
.throw_permission(db, Permission::ManageChannel)
|
||||
.await?;
|
||||
|
||||
let id = Ulid::new().to_string();
|
||||
let mut channels = server.channels.clone();
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
use revolt_quark::{
|
||||
models::{Invite, User},
|
||||
perms, Db, Error, Permission, Ref, Result,
|
||||
perms, Db, Permission, Ref, Result,
|
||||
};
|
||||
|
||||
use rocket::serde::json::Json;
|
||||
@@ -17,14 +17,10 @@ pub struct ServerInvite {
|
||||
#[get("/<target>/invites")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref) -> Result<Json<Vec<Invite>>> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_server()
|
||||
{
|
||||
return Error::from_permission(Permission::ManageServer);
|
||||
}
|
||||
.throw_permission(db, Permission::ManageServer)
|
||||
.await?;
|
||||
|
||||
db.fetch_invites_for_server(&server.id).await.map(Json)
|
||||
}
|
||||
|
||||
@@ -33,10 +33,7 @@ pub async fn req(
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let server = server.as_server(db).await?;
|
||||
let permissions = perms(&user).server(&server).calc(db).await;
|
||||
if !permissions.can_view_channel() {
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
perms(&user).server(&server).calc(db).await?;
|
||||
|
||||
let mut member = target.as_member(db, &server.id).await?;
|
||||
|
||||
|
||||
@@ -1,20 +1,13 @@
|
||||
use revolt_quark::{
|
||||
models::{Member, User},
|
||||
perms, Db, Error, Ref, Result,
|
||||
perms, Db, Ref, Result,
|
||||
};
|
||||
use rocket::serde::json::Json;
|
||||
|
||||
#[get("/<target>/members/<member>")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref, member: Ref) -> Result<Json<Member>> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_view_channel()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
perms(&user).server(&server).calc(db).await?;
|
||||
|
||||
member.as_member(db, &server.id).await.map(Json)
|
||||
}
|
||||
|
||||
@@ -1,18 +1,11 @@
|
||||
use revolt_quark::{models::User, perms, presence::presence_filter_online, Db, Error, Ref, Result};
|
||||
use revolt_quark::{models::User, perms, presence::presence_filter_online, Db, Ref, Result};
|
||||
|
||||
use rocket::serde::json::Value;
|
||||
|
||||
#[get("/<target>/members")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref) -> Result<Value> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_view_channel()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
perms(&user).server(&server).calc(db).await?;
|
||||
|
||||
let members = db.fetch_all_members(&server.id).await?;
|
||||
|
||||
|
||||
@@ -1,16 +1,12 @@
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Permission, Ref, Result};
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Permission, Ref, Result};
|
||||
|
||||
#[delete("/<target>/members/<member>")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref, member: Ref) -> Result<EmptyResponse> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_kick_members()
|
||||
{
|
||||
return Error::from_permission(Permission::KickMembers);
|
||||
}
|
||||
.throw_permission(db, Permission::KickMembers)
|
||||
.await?;
|
||||
|
||||
let member = member.as_member(db, &server.id).await?;
|
||||
// ! FIXME_PERMISSIONS
|
||||
|
||||
@@ -3,7 +3,7 @@ use serde::{Deserialize, Serialize};
|
||||
|
||||
use revolt_quark::{
|
||||
models::{Server, User},
|
||||
perms, Db, Error, Ref, Result,
|
||||
perms, Db, Permission, Ref, Result,
|
||||
};
|
||||
|
||||
#[derive(Serialize, Deserialize)]
|
||||
@@ -26,16 +26,12 @@ pub async fn req(
|
||||
data: Json<Data>,
|
||||
) -> Result<Json<Server>> {
|
||||
let mut server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_permissions()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
.throw_permission(db, Permission::ManagePermissions)
|
||||
.await?;
|
||||
|
||||
// ! FIXME: calculate permission against role
|
||||
// ! FIXME_PERMISSIONS
|
||||
|
||||
server
|
||||
.set_role_permission(
|
||||
|
||||
@@ -3,7 +3,7 @@ use serde::{Deserialize, Serialize};
|
||||
|
||||
use revolt_quark::{
|
||||
models::{server::PartialServer, Server, User},
|
||||
perms, Db, Error, Ref, Result,
|
||||
perms, Db, Permission, Ref, Result,
|
||||
};
|
||||
|
||||
#[derive(Serialize, Deserialize)]
|
||||
@@ -22,14 +22,12 @@ pub async fn req(db: &Db, user: User, target: Ref, data: Json<Data>) -> Result<J
|
||||
let data = data.into_inner();
|
||||
|
||||
let mut server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_permissions()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
.throw_permission(db, Permission::ManagePermissions)
|
||||
.await?;
|
||||
|
||||
// ! FIXME_PERMISSIONS
|
||||
|
||||
server
|
||||
.update(
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
use revolt_quark::{
|
||||
models::{server::Role, User},
|
||||
perms, Db, Error, Ref, Result,
|
||||
perms, Db, Error, Permission, Ref, Result,
|
||||
};
|
||||
|
||||
use rocket::serde::json::{Json, Value};
|
||||
@@ -20,14 +20,10 @@ pub async fn req(db: &Db, user: User, target: Ref, data: Json<Data>) -> Result<V
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_roles()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
.throw_permission(db, Permission::ManageRole)
|
||||
.await?;
|
||||
|
||||
let role = Role {
|
||||
name: data.name,
|
||||
|
||||
@@ -1,16 +1,12 @@
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Ref, Result};
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Permission, Ref, Result};
|
||||
|
||||
#[delete("/<target>/roles/<role_id>")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref, role_id: String) -> Result<EmptyResponse> {
|
||||
let mut server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_roles()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
.throw_permission(db, Permission::ManageRole)
|
||||
.await?;
|
||||
|
||||
// ! FIXME_PERMISSIONS
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ use revolt_quark::{
|
||||
server::{FieldsRole, PartialRole, Role},
|
||||
User,
|
||||
},
|
||||
perms, Db, Error, Ref, Result,
|
||||
perms, Db, Error, Permission, Ref, Result,
|
||||
};
|
||||
|
||||
use rocket::serde::json::Json;
|
||||
@@ -35,14 +35,10 @@ pub async fn req(
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let mut server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_manage_roles()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
.throw_permission(db, Permission::ManageRole)
|
||||
.await?;
|
||||
|
||||
if let Some(mut role) = server.roles.remove(&role_id) {
|
||||
let Data {
|
||||
|
||||
@@ -1,16 +1,9 @@
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Ref, Result};
|
||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Ref, Result};
|
||||
|
||||
#[put("/<target>/ack")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref) -> Result<EmptyResponse> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_view_channel()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
perms(&user).server(&server).calc(db).await?;
|
||||
|
||||
db.acknowledge_channels(&user.id, &server.channels)
|
||||
.await
|
||||
|
||||
@@ -38,7 +38,7 @@ pub async fn req(db: &Db, user: User, target: Ref, data: Json<Data>) -> Result<J
|
||||
.map_err(|error| Error::FailedValidation { error })?;
|
||||
|
||||
let mut server = target.as_server(db).await?;
|
||||
let permissions = perms(&user).server(&server).calc(db).await;
|
||||
let permissions = perms(&user).server(&server).calc(db).await?;
|
||||
if !permissions.can_view_channel() {
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
|
||||
@@ -1,20 +1,13 @@
|
||||
use revolt_quark::{
|
||||
models::{Server, User},
|
||||
perms, Db, Error, Ref, Result,
|
||||
perms, Db, Ref, Result,
|
||||
};
|
||||
use rocket::serde::json::Json;
|
||||
|
||||
#[get("/<target>")]
|
||||
pub async fn req(db: &Db, user: User, target: Ref) -> Result<Json<Server>> {
|
||||
let server = target.as_server(db).await?;
|
||||
if !perms(&user)
|
||||
.server(&server)
|
||||
.calc(db)
|
||||
.await
|
||||
.can_view_channel()
|
||||
{
|
||||
return Err(Error::NotFound);
|
||||
}
|
||||
perms(&user).server(&server).calc(db).await?;
|
||||
|
||||
Ok(Json(server))
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user