From 0553ce55876e98985d75349437d018462ac581ed Mon Sep 17 00:00:00 2001 From: Paul Makles Date: Wed, 23 Feb 2022 17:51:36 +0000 Subject: [PATCH] feat(permissions): apply permissions on set channel routes --- src/routes/channels/permissions_set.rs | 42 +++++++++++++------ .../channels/permissions_set_default.rs | 28 +++++++++---- src/routes/servers/permissions_set.rs | 20 +++------ src/routes/servers/permissions_set_default.rs | 15 +++---- 4 files changed, 60 insertions(+), 45 deletions(-) diff --git a/src/routes/channels/permissions_set.rs b/src/routes/channels/permissions_set.rs index 999f1eeb..45721e43 100644 --- a/src/routes/channels/permissions_set.rs +++ b/src/routes/channels/permissions_set.rs @@ -1,35 +1,51 @@ use rocket::serde::json::Json; -use serde::{Deserialize, Serialize}; +use serde::Deserialize; use revolt_quark::{ models::{Channel, User}, - perms, Db, OverrideField, Permission, Ref, Result, + perms, Db, Error, Override, Permission, Ref, Result, }; -#[derive(Serialize, Deserialize)] +#[derive(Deserialize)] pub struct Data { - permissions: OverrideField, + permissions: Override, } -#[put("//permissions/", data = "", rank = 2)] +#[put("//permissions/", data = "", rank = 2)] pub async fn req( db: &Db, user: User, target: Ref, - role: String, + role_id: String, data: Json, ) -> Result> { let mut channel = target.as_channel(db).await?; - perms(&user) - .channel(&channel) + let mut permissions = perms(&user).channel(&channel); + + permissions .throw_permission_and_view_channel(db, Permission::ManagePermissions) .await?; - // ! FIXME_PERMISSIONS + if let Some(server) = permissions.server.get() { + if let Some(role) = server.roles.get(&role_id) { + if role.rank <= permissions.get_member_rank().unwrap_or(i64::MIN) { + return Err(Error::NotElevated); + } - channel - .set_role_permission(db, &role, data.permissions) - .await?; + let current_value: Override = role.permissions.into(); + permissions + .throw_permission_override(db, current_value, data.permissions) + .await?; - Ok(Json(channel)) + channel + .set_role_permission(db, &role_id, data.permissions.into()) + .await?; + + Ok(Json(channel)) + } else { + Err(Error::NotFound) + } + } else { + Err(Error::InvalidOperation) + } } diff --git a/src/routes/channels/permissions_set_default.rs b/src/routes/channels/permissions_set_default.rs index 42cd0830..d80c8f5d 100644 --- a/src/routes/channels/permissions_set_default.rs +++ b/src/routes/channels/permissions_set_default.rs @@ -1,12 +1,12 @@ use rocket::serde::json::Json; -use serde::{Deserialize, Serialize}; +use serde::Deserialize; use revolt_quark::{ models::{channel::PartialChannel, Channel, User}, perms, Db, Error, Override, Permission, Ref, Result, }; -#[derive(Serialize, Deserialize)] +#[derive(Deserialize)] #[serde(untagged)] pub enum Data { Value { permissions: u64 }, @@ -18,9 +18,9 @@ pub async fn req(db: &Db, user: User, target: Ref, data: Json) -> Result) -> Result { - // ! FIXME_PERMISSIONS - + Channel::TextChannel { + default_permissions, + .. + } + | Channel::VoiceChannel { + default_permissions, + .. + } => { if let Data::Field { permissions } = data { + perm.throw_permission_override( + db, + default_permissions.map(|x| x.into()), + permissions, + ) + .await?; + channel .update( db, diff --git a/src/routes/servers/permissions_set.rs b/src/routes/servers/permissions_set.rs index 1180a4c3..b9941559 100644 --- a/src/routes/servers/permissions_set.rs +++ b/src/routes/servers/permissions_set.rs @@ -1,12 +1,12 @@ use rocket::serde::json::Json; -use serde::{Deserialize, Serialize}; +use serde::Deserialize; use revolt_quark::{ models::{Server, User}, perms, Db, Error, Override, Permission, Ref, Result, }; -#[derive(Serialize, Deserialize)] +#[derive(Deserialize)] pub struct Data { permissions: Override, } @@ -34,20 +34,10 @@ pub async fn req( return Err(Error::NotElevated); } - if !permissions - .has_permission_value(db, data.permissions.allows()) - .await? - { - return Err(Error::CannotGiveMissingPermissions); - } - let current_value: Override = current_value.into(); - if !permissions - .has_permission_value(db, current_value.denies() & (!data.permissions.denies())) - .await? - { - return Err(Error::CannotGiveMissingPermissions); - } + permissions + .throw_permission_override(db, current_value, data.permissions) + .await?; server .set_role_permission(db, &role_id, data.permissions.into()) diff --git a/src/routes/servers/permissions_set_default.rs b/src/routes/servers/permissions_set_default.rs index 7f1ee736..ce25533a 100644 --- a/src/routes/servers/permissions_set_default.rs +++ b/src/routes/servers/permissions_set_default.rs @@ -1,12 +1,12 @@ use rocket::serde::json::Json; -use serde::{Deserialize, Serialize}; +use serde::Deserialize; use revolt_quark::{ models::{server::PartialServer, Server, User}, - perms, Db, Error, Permission, Ref, Result, + perms, Db, Permission, Ref, Result, }; -#[derive(Serialize, Deserialize)] +#[derive(Deserialize)] pub struct Data { permissions: u64, } @@ -22,12 +22,9 @@ pub async fn req(db: &Db, user: User, target: Ref, data: Json) -> Result