Servers: Create or delete roles.

Members: Assign / un-assign multiple roles.
Servers: Routes to set permissions.
This commit is contained in:
Paul
2021-06-30 20:09:42 +01:00
parent 31c93b9954
commit 57f81e018c
6 changed files with 197 additions and 7 deletions

View File

@@ -1,3 +1,5 @@
use std::collections::HashSet;
use crate::notifications::events::ClientboundNotification;
use crate::util::result::{Error, Result};
use crate::{database::*, notifications::events::RemoveMemberField};
@@ -12,6 +14,7 @@ pub struct Data {
#[validate(length(min = 1, max = 32))]
nickname: Option<String>,
avatar: Option<String>,
roles: Option<Vec<String>>,
remove: Option<RemoveMemberField>,
}
@@ -21,7 +24,7 @@ pub async fn req(user: User, server: Ref, target: String, data: Json<Data>) -> R
data.validate()
.map_err(|error| Error::FailedValidation { error })?;
if data.nickname.is_none() && data.avatar.is_none() && data.remove.is_none() {
if data.nickname.is_none() && data.avatar.is_none() && data.roles.is_none() && data.remove.is_none() {
return Ok(());
}
@@ -33,6 +36,10 @@ pub async fn req(user: User, server: Ref, target: String, data: Json<Data>) -> R
.for_server()
.await?;
if data.roles.is_some() && !perm.get_manage_roles() {
return Err(Error::MissingPermission);
}
if target.id.user == user.id {
if (data.nickname.is_some() && !perm.get_change_nickname())
|| (data.avatar.is_some() && !perm.get_change_avatar())
@@ -97,6 +104,18 @@ pub async fn req(user: User, server: Ref, target: String, data: Json<Data>) -> R
remove_avatar = true;
}
if let Some(role_ids) = &data.roles {
let mut ids = HashSet::new();
for role in role_ids {
if server.roles.contains_key(role) {
ids.insert(role.clone());
}
}
set.insert("roles", ids.into_iter().collect::<Vec<String>>());
}
let mut operations = doc! {};
if set.len() > 0 {
operations.insert("$set", &set);

View File

@@ -20,6 +20,8 @@ mod invites_fetch;
mod roles_create;
mod roles_delete;
mod permissions_set;
mod permissions_set_default;
pub fn routes() -> Vec<Route> {
routes![
@@ -37,6 +39,8 @@ pub fn routes() -> Vec<Route> {
ban_list::req,
invites_fetch::req,
roles_create::req,
roles_delete::req
roles_delete::req,
permissions_set::req,
permissions_set_default::req
]
}

View File

@@ -0,0 +1,69 @@
use mongodb::bson::doc;
use rocket_contrib::json::Json;
use serde::{Serialize, Deserialize};
use crate::database::*;
use crate::database::permissions::channel::ChannelPermission;
use crate::database::permissions::server::ServerPermission;
use crate::notifications::events::ClientboundNotification;
use crate::util::result::{Error, Result};
#[derive(Serialize, Deserialize)]
pub struct Data {
server: u32,
channel: u32
}
#[put("/<target>/permissions/<role_id>", data = "<data>")]
pub async fn req(user: User, target: Ref, role_id: String, data: Json<Data>) -> Result<()> {
let target = target.fetch_server().await?;
let perm = permissions::PermissionCalculator::new(&user)
.with_server(&target)
.for_server()
.await?;
if !perm.get_manage_roles() {
return Err(Error::MissingPermission);
}
if !target.roles.contains_key(&role_id) {
return Err(Error::NotFound);
}
let server_permissions: u32 = ServerPermission::View as u32 | data.server;
let channel_permissions: u32 = ChannelPermission::View as u32 | data.channel;
get_collection("servers")
.update_one(
doc! { "_id": &target.id },
doc! {
"$set": {
"roles.".to_owned() + &role_id + &".permissions": [
server_permissions as i32,
channel_permissions as i32
]
}
},
None
)
.await
.map_err(|_| Error::DatabaseError {
operation: "update_one",
with: "server"
})?;
ClientboundNotification::ServerRoleUpdate {
id: target.id.clone(),
role_id,
data: json!({
"permissions": [
server_permissions as i32,
channel_permissions as i32
]
})
}
.publish(target.id);
Ok(())
}

View File

@@ -0,0 +1,65 @@
use mongodb::bson::doc;
use rocket_contrib::json::Json;
use serde::{Serialize, Deserialize};
use crate::database::*;
use crate::database::permissions::channel::ChannelPermission;
use crate::database::permissions::server::ServerPermission;
use crate::notifications::events::ClientboundNotification;
use crate::util::result::{Error, Result};
#[derive(Serialize, Deserialize)]
pub struct Data {
server: u32,
channel: u32
}
#[put("/<target>/permissions/default", data = "<data>", rank = 1)]
pub async fn req(user: User, target: Ref, data: Json<Data>) -> Result<()> {
let target = target.fetch_server().await?;
let perm = permissions::PermissionCalculator::new(&user)
.with_server(&target)
.for_server()
.await?;
if !perm.get_manage_roles() {
return Err(Error::MissingPermission);
}
let server_permissions: u32 = ServerPermission::View as u32 | data.server;
let channel_permissions: u32 = ChannelPermission::View as u32 | data.channel;
get_collection("servers")
.update_one(
doc! { "_id": &target.id },
doc! {
"$set": {
"default_permissions": [
server_permissions as i32,
channel_permissions as i32
]
}
},
None
)
.await
.map_err(|_| Error::DatabaseError {
operation: "update_one",
with: "server"
})?;
ClientboundNotification::ServerUpdate {
id: target.id.clone(),
data: json!({
"default_permissions": [
server_permissions as i32,
channel_permissions as i32
]
}),
clear: None
}
.publish(target.id);
Ok(())
}

View File

@@ -40,7 +40,7 @@ pub async fn req(user: User, target: Ref, data: Json<Data>) -> Result<JsonValue>
get_collection("servers")
.update_one(
doc! {
"_id": &id
"_id": &target.id
},
doc! {
"$set": {

View File

@@ -20,7 +20,7 @@ pub async fn req(user: User, target: Ref, role_id: String) -> Result<()> {
get_collection("servers")
.update_one(
doc! {
"_id": &role_id
"_id": &target.id
},
doc! {
"$unset": {
@@ -34,9 +34,42 @@ pub async fn req(user: User, target: Ref, role_id: String) -> Result<()> {
operation: "update_one",
with: "servers"
})?;
// remove role from members
// remove role from channels
get_collection("channels")
.update_one(
doc! {
"server": &target.id
},
doc! {
"$unset": {
"role_permissions.".to_owned() + &role_id: 1
}
},
None
)
.await
.map_err(|_| Error::DatabaseError {
operation: "update_one",
with: "channels"
})?;
get_collection("server_members")
.update_many(
doc! {
"_id.server": &target.id
},
doc! {
"$pull": {
"roles": &role_id
}
},
None
)
.await
.map_err(|_| Error::DatabaseError {
operation: "update_many",
with: "server_members"
})?;
ClientboundNotification::ServerRoleDelete {
id: target.id.clone(),