feat: implement missing permission syncs

This commit is contained in:
Zomatree
2025-01-28 15:55:21 +00:00
parent c55b5bf75f
commit c8ae34ba73
16 changed files with 266 additions and 228 deletions

View File

@@ -1,6 +1,5 @@
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
Channel, Database, PartialChannel, User, AMQP,
util::{permissions::DatabasePermissionQuery, reference::Reference}, voice::{delete_voice_state, get_voice_channel_members, VoiceClient}, Channel, Database, PartialChannel, User, AMQP
};
use revolt_models::v0;
use revolt_permissions::{calculate_channel_permissions, ChannelPermission};
@@ -15,6 +14,7 @@ use rocket_empty::EmptyResponse;
#[delete("/<target>?<options..>")]
pub async fn delete(
db: &State<Database>,
voice_client: &State<VoiceClient>,
amqp: &State<AMQP>,
user: User,
target: Reference,
@@ -27,7 +27,7 @@ pub async fn delete(
permissions.throw_if_lacking_channel_permission(ChannelPermission::ViewChannel)?;
match &channel {
Channel::SavedMessages { .. } => Err(create_error!(NoEffect)),
Channel::SavedMessages { .. } => Err(create_error!(NoEffect))?,
Channel::DirectMessage { .. } => channel
.update(
db,
@@ -37,8 +37,7 @@ pub async fn delete(
},
vec![],
)
.await
.map(|_| EmptyResponse),
.await?,
Channel::Group { .. } => channel
.remove_user_from_group(
db,
@@ -47,13 +46,21 @@ pub async fn delete(
None,
options.leave_silently.unwrap_or_default(),
)
.await
.map(|_| EmptyResponse),
.await?,
Channel::TextChannel { .. } | Channel::VoiceChannel { .. } => {
permissions.throw_if_lacking_channel_permission(ChannelPermission::ManageChannel)?;
channel.delete(db).await.map(|_| EmptyResponse)
channel.delete(db).await?
}
}
};
for user_id in get_voice_channel_members(channel.id()).await? {
let user = Reference::from_unchecked(user_id).as_user(db).await?;
voice_client.remove_user(&user, channel.id()).await?;
delete_voice_state(channel.id(), channel.server().as_deref(), &user.id).await?;
};
Ok(EmptyResponse)
}
#[cfg(test)]

View File

@@ -1,4 +1,4 @@
use revolt_database::{util::reference::Reference, Channel, Database, User, AMQP};
use revolt_database::{util::reference::Reference, voice::{delete_voice_state, is_in_voice_channel, raise_if_in_voice, VoiceClient}, Channel, Database, User, AMQP};
use revolt_permissions::ChannelPermission;
use revolt_result::{create_error, Result};
@@ -12,6 +12,7 @@ use rocket_empty::EmptyResponse;
#[delete("/<target>/recipients/<member>")]
pub async fn remove_member(
db: &State<Database>,
voice_client: &State<VoiceClient>,
amqp: &State<AMQP>,
user: User,
target: Reference,
@@ -23,32 +24,35 @@ pub async fn remove_member(
let channel = target.as_channel(db).await?;
match &channel {
Channel::Group {
owner, recipients, ..
} => {
if &user.id != owner {
return Err(create_error!(MissingPermission {
permission: ChannelPermission::ManageChannel.to_string()
}));
}
let member = member.as_user(db).await?;
if user.id == member.id {
return Err(create_error!(CannotRemoveYourself));
}
if !recipients.iter().any(|x| *x == member.id) {
return Err(create_error!(NotInGroup));
}
channel
.remove_user_from_group(db, amqp, &member, Some(&user.id), false)
.await
.map(|_| EmptyResponse)
if let Channel::Group { owner, recipients, .. } = &channel {
if &user.id != owner {
return Err(create_error!(MissingPermission {
permission: ChannelPermission::ManageChannel.to_string()
}));
}
_ => Err(create_error!(InvalidOperation)),
}
let member = member.as_user(db).await?;
if user.id == member.id {
return Err(create_error!(CannotRemoveYourself));
}
if !recipients.iter().any(|x| *x == member.id) {
return Err(create_error!(NotInGroup));
}
channel
.remove_user_from_group(db, amqp, &member, Some(&user.id), false)
.await?;
} else {
return Err(create_error!(InvalidOperation))
};
if is_in_voice_channel(&user.id, channel.id()).await? {
voice_client.remove_user(&user, channel.id()).await?;
delete_voice_state(channel.id(), None, &user.id).await?;
};
Ok(EmptyResponse)
}
#[cfg(test)]

View File

@@ -1,6 +1,5 @@
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
Channel, Database, User,
util::{permissions::DatabasePermissionQuery, reference::Reference}, voice::{sync_voice_permissions, VoiceClient}, Channel, Database, User
};
use revolt_models::v0;
use revolt_permissions::{calculate_channel_permissions, ChannelPermission, Override};
@@ -17,14 +16,15 @@ use serde::Deserialize;
#[put("/<target>/permissions/<role_id>", data = "<data>", rank = 2)]
pub async fn set_role_permissions(
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
role_id: String,
data: Json<v0::DataSetRolePermissions>,
) -> Result<Json<v0::Channel>> {
let mut channel = target.as_channel(db).await?;
let channel = target.as_channel(db).await?;
let mut query = DatabasePermissionQuery::new(db, &user).channel(&channel);
let permissions = calculate_channel_permissions(&mut query).await;
let permissions: revolt_permissions::PermissionValue = calculate_channel_permissions(&mut query).await;
permissions.throw_if_lacking_channel_permission(ChannelPermission::ManagePermissions)?;
@@ -39,11 +39,15 @@ pub async fn set_role_permissions(
.throw_permission_override(current_value, &data.permissions)
.await?;
channel
let mut new_channel = channel.clone();
new_channel
.set_role_permission(db, &role_id, data.permissions.clone().into())
.await?;
Ok(Json(channel.into()))
sync_voice_permissions(db, voice_client, &new_channel, Some(server), Some(&role_id)).await?;
Ok(Json(new_channel.into()))
} else {
Err(create_error!(NotFound))
}

View File

@@ -1,6 +1,5 @@
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
Channel, Database, PartialChannel, User,
util::{permissions::DatabasePermissionQuery, reference::Reference}, voice::{sync_voice_permissions, VoiceClient}, Channel, Database, PartialChannel, User
};
use revolt_models::v0::{self, DataDefaultChannelPermissions};
use revolt_permissions::{calculate_channel_permissions, ChannelPermission};
@@ -16,6 +15,7 @@ use rocket::{serde::json::Json, State};
#[put("/<target>/permissions/default", data = "<data>", rank = 1)]
pub async fn set_default_permissions(
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
data: Json<v0::DataDefaultChannelPermissions>,
@@ -75,5 +75,12 @@ pub async fn set_default_permissions(
_ => return Err(create_error!(InvalidOperation)),
}
let server = match channel.server() {
Some(server_id) => Some(Reference::from_unchecked(server_id).as_server(db).await?),
None => None
};
sync_voice_permissions(db, voice_client, &channel, server.as_ref(), None).await?;
Ok(Json(channel.into()))
}

View File

@@ -19,7 +19,7 @@ use validator::Validate;
#[put("/<server>/bans/<target>", data = "<data>")]
pub async fn ban(
db: &State<Database>,
voice: &State<VoiceClient>,
voice_client: &State<VoiceClient>,
user: User,
server: Reference,
target: Reference,
@@ -61,6 +61,7 @@ pub async fn ban(
// If the member is in a voice channel while banned kick them from the voice channel
if let Some(channel_id) = get_user_voice_channel_in_server(&user.id, &server.id).await? {
voice_client.remove_user(&user, &channel_id).await?;
delete_voice_state(&channel_id, Some(&server.id), &user.id).await?
}
}

View File

@@ -7,7 +7,7 @@ use redis_kiss::{get_connection, redis::Pipeline, AsyncCommands};
use revolt_database::{
events::client::EventV1,
util::{permissions::DatabasePermissionQuery, reference::Reference},
voice::VoiceClient,
voice::{get_user_voice_channel_in_server, move_user, sync_user_voice_permissions, VoiceClient},
Database, File, PartialMember, User,
};
use revolt_models::v0::{self, FieldsMember, PartialUserVoiceState};
@@ -23,8 +23,8 @@ use validator::Validate;
#[openapi(tag = "Server Members")]
#[patch("/<server>/members/<target>", data = "<data>")]
pub async fn edit(
voice_client: &State<VoiceClient>,
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
server: Reference,
target: Reference,
@@ -190,6 +190,18 @@ pub async fn edit(
.map(|r| r.contains(FieldsMember::CanPublish) || r.contains(FieldsMember::CanReceive))
.unwrap_or_default();
if can_publish.is_some()
|| can_receive.is_some()
|| voice_channel.is_some()
|| remove_contains_voice
{
if let Some(channel) = get_user_voice_channel_in_server(&target_user.id, &server.id).await? {
let channel = Reference::from_unchecked(channel).as_channel(db).await?;
sync_user_voice_permissions(db, voice_client, &user, &channel, Some(&server), None).await?;
};
};
member
.update(
db,
@@ -200,68 +212,5 @@ pub async fn edit(
)
.await?;
if can_publish.is_some()
|| can_receive.is_some()
|| voice_channel.is_some()
|| remove_contains_voice
{
let mut conn = get_connection().await.to_internal_error()?;
let unique_key = format!("{}-{}", &member.id.user, &member.id.server);
// if we edit the member while they are in a voice channel we need to also update the perms
// otherwise it wont take place until they leave and rejoin
if let Some(channel) = conn
.get::<_, Option<String>>(format!("vc-{}", &unique_key))
.await
.to_internal_error()?
{
let mut pipeline = Pipeline::new();
let mut new_perms = ParticipantPermission::default();
if remove_contains_voice {
let mut query = DatabasePermissionQuery::new(db, &target_user)
.server(&server)
.member(&member);
let permissions = calculate_server_permissions(&mut query).await;
if !permissions.has_channel_permission(ChannelPermission::Speak) {
can_publish = Some(false)
}
if !permissions.has_channel_permission(ChannelPermission::Listen) {
can_publish = Some(false)
}
}
if let Some(can_publish) = can_publish {
new_perms.can_publish = can_publish;
new_perms.can_publish_data = can_publish;
};
if let Some(can_receive) = can_receive {
new_perms.can_subscribe = can_receive;
};
if let Some(new_channel) = voice_channel {
pipeline.smove(
format!("vc-members-{channel}"),
format!("vc-members-{new_channel}"),
&member.id.user,
);
};
pipeline
.query_async(&mut conn.into_inner())
.await
.to_internal_error()?;
voice_client
.update_permissions(&user, &channel, new_perms)
.await?;
};
};
Ok(Json(member.into()))
}

View File

@@ -1,5 +1,6 @@
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
voice::{delete_voice_state, get_user_voice_channel_in_server, VoiceClient},
Database, RemovalIntention, User,
};
use revolt_permissions::{calculate_server_permissions, ChannelPermission};
@@ -14,6 +15,7 @@ use rocket_empty::EmptyResponse;
#[delete("/<target>/members/<member>")]
pub async fn kick(
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
member: Reference,
@@ -40,6 +42,11 @@ pub async fn kick(
return Err(create_error!(NotElevated));
}
if let Some(channel_id) = get_user_voice_channel_in_server(&user.id, &server.id).await? {
voice_client.remove_user(&user, &channel_id).await?;
delete_voice_state(&channel_id, Some(&server.id), &user.id).await?;
}
member
.remove(db, &server, RemovalIntention::Kick, false)
.await

View File

@@ -1,6 +1,5 @@
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
Database, User,
util::{permissions::DatabasePermissionQuery, reference::Reference}, voice::{sync_voice_permissions, VoiceClient}, Database, User
};
use revolt_models::v0;
use revolt_permissions::{calculate_server_permissions, ChannelPermission, Override};
@@ -14,6 +13,7 @@ use rocket::{serde::json::Json, State};
#[put("/<target>/permissions/<role_id>", data = "<data>", rank = 2)]
pub async fn set_role_permission(
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
role_id: String,
@@ -40,6 +40,12 @@ pub async fn set_role_permission(
.throw_permission_override(current_value, &data.permissions)
.await?;
for channel_id in &server.channels {
let channel = Reference::from_unchecked(channel_id.clone()).as_channel(db).await?;
sync_voice_permissions(db, voice_client, &channel, Some(&server), Some(&role_id)).await?;
};
server
.set_role_permission(db, &role_id, data.permissions.into())
.await?;

View File

@@ -1,6 +1,5 @@
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
Database, PartialServer, Server, User,
util::{permissions::DatabasePermissionQuery, reference::Reference}, voice::{sync_voice_permissions, VoiceClient}, Database, PartialServer, Server, User
};
use revolt_models::v0;
use revolt_permissions::{
@@ -16,6 +15,7 @@ use rocket::{serde::json::Json, State};
#[put("/<target>/permissions/default", data = "<data>", rank = 1)]
pub async fn set_default_permissions(
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
data: Json<DataPermissionsValue>,
@@ -39,6 +39,12 @@ pub async fn set_default_permissions(
)
.await?;
for channel_id in &server.channels {
let channel = Reference::from_unchecked(channel_id.clone()).as_channel(db).await?;
sync_voice_permissions(db, voice_client, &channel, Some(&server), None).await?;
};
server
.update(
db,

View File

@@ -1,11 +1,9 @@
use livekit_protocol::ParticipantPermission;
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
voice::{get_allowed_sources, get_voice_channel_members, get_voice_state, update_voice_state, VoiceClient},
Channel, Database, User
voice::{sync_voice_permissions, VoiceClient},
Database, User
};
use revolt_models::v0::PartialUserVoiceState;
use revolt_permissions::{calculate_channel_permissions, calculate_server_permissions, ChannelPermission};
use revolt_permissions::{calculate_server_permissions, ChannelPermission};
use revolt_result::{create_error, Result};
use rocket::State;
use rocket_empty::EmptyResponse;
@@ -38,45 +36,7 @@ pub async fn delete(
for channel_id in &server.channels {
let channel = Reference::from_unchecked(channel_id.clone()).as_channel(db).await?;
if matches!(channel, Channel::VoiceChannel { .. }) {
for member_id in get_voice_channel_members(channel_id).await? {
let member = Reference::from_unchecked(member_id).as_member(db, &server.id).await?;
if member.roles.contains(&role_id) {
let user = Reference::from_unchecked(member.id.user.clone()).as_user(db).await?;
let voice_state = get_voice_state(channel_id, Some(&server.id), &user.id).await?.unwrap();
let mut query = DatabasePermissionQuery::new(db, &user)
.member(&member)
.channel(&channel)
.server(&server);
let permissions = calculate_channel_permissions(&mut query).await;
let mut update_event = PartialUserVoiceState {
id: Some(user.id.clone()),
..Default::default()
};
let can_video = permissions.has_channel_permission(ChannelPermission::Video);
let can_speak = permissions.has_channel_permission(ChannelPermission::Speak);
let can_listen = permissions.has_channel_permission(ChannelPermission::Listen);
update_event.camera = voice_state.camera.then_some(can_video);
update_event.screensharing = voice_state.screensharing.then_some(can_video);
update_event.is_publishing = voice_state.is_publishing.then_some(can_speak);
update_voice_state(channel_id, Some(&server.id), &user.id, &update_event).await?;
voice_client.update_permissions(&user, channel_id, ParticipantPermission {
can_subscribe: can_listen,
can_publish: can_speak,
can_publish_data: can_speak,
..Default::default()
}).await?;
}
}
}
sync_voice_permissions(db, voice_client, &channel, Some(&server), Some(&role_id)).await?;
};
role.delete(db, &server.id, &role_id)

View File

@@ -1,14 +1,12 @@
use livekit_protocol::ParticipantPermission;
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
voice::{get_allowed_sources, get_voice_channel_members, get_voice_state, update_voice_state, update_voice_state_tracks, VoiceClient},
Channel, Database, PartialRole, User
voice::{sync_voice_permissions, VoiceClient},
Database, PartialRole, User
};
use revolt_models::v0::{self, PartialUserVoiceState};
use revolt_permissions::{calculate_channel_permissions, calculate_server_permissions, ChannelPermission, PermissionQuery};
use revolt_models::v0;
use revolt_permissions::{calculate_server_permissions, ChannelPermission};
use revolt_result::{create_error, Result};
use rocket::{serde::json::Json, State};
use serde::{Deserialize, Serialize};
use validator::Validate;
/// # Edit Role
@@ -18,12 +16,11 @@ use validator::Validate;
#[patch("/<target>/roles/<role_id>", data = "<data>")]
pub async fn edit(
db: &State<Database>,
voice: &State<VoiceClient>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
role_id: String,
data: Json<v0::DataEditRole>,
voice_client: &State<VoiceClient>
) -> Result<Json<v0::Role>> {
let data = data.into_inner();
data.validate().map_err(|error| {
@@ -83,45 +80,7 @@ pub async fn edit(
for channel_id in &server.channels {
let channel = Reference::from_unchecked(channel_id.clone()).as_channel(db).await?;
if matches!(channel, Channel::VoiceChannel { .. }) {
for member_id in get_voice_channel_members(channel_id).await? {
let member = Reference::from_unchecked(member_id).as_member(db, &server.id).await?;
if member.roles.contains(&role_id) {
let user = Reference::from_unchecked(member.id.user.clone()).as_user(db).await?;
let voice_state = get_voice_state(channel_id, Some(&server.id), &user.id).await?.unwrap();
let mut query = DatabasePermissionQuery::new(db, &user)
.member(&member)
.channel(&channel)
.server(&server);
let permissions = calculate_channel_permissions(&mut query).await;
let mut update_event = PartialUserVoiceState {
id: Some(user.id.clone()),
..Default::default()
};
let can_video = permissions.has_channel_permission(ChannelPermission::Video);
let can_speak = permissions.has_channel_permission(ChannelPermission::Speak);
let can_listen = permissions.has_channel_permission(ChannelPermission::Listen);
update_event.camera = voice_state.camera.then_some(can_video);
update_event.screensharing = voice_state.screensharing.then_some(can_video);
update_event.is_publishing = voice_state.is_publishing.then_some(can_speak);
update_voice_state(channel_id, Some(&server.id), &user.id, &update_event).await?;
voice_client.update_permissions(&user, channel_id, ParticipantPermission {
can_subscribe: can_listen,
can_publish: can_speak,
can_publish_data: can_speak,
..Default::default()
}).await?;
}
}
}
sync_voice_permissions(db, voice_client, &channel, Some(&server), Some(&role_id)).await?;
};
Ok(Json(role.into()))

View File

@@ -1,4 +1,8 @@
use revolt_database::{util::reference::Reference, Database, RemovalIntention, User};
use revolt_database::{
util::reference::Reference,
voice::{delete_voice_state, get_user_voice_channel_in_server, VoiceClient},
Database, RemovalIntention, User,
};
use revolt_models::v0;
use revolt_result::Result;
use rocket::State;
@@ -12,6 +16,7 @@ use rocket_empty::EmptyResponse;
#[delete("/<target>?<options..>")]
pub async fn delete(
db: &State<Database>,
voice_client: &State<VoiceClient>,
user: User,
target: Reference,
options: v0::OptionsServerDelete,
@@ -20,8 +25,20 @@ pub async fn delete(
let member = db.fetch_member(&target.id, &user.id).await?;
if server.owner == user.id {
for channel_id in &server.channels {
voice_client.remove_user(&user, channel_id).await?;
delete_voice_state(channel_id, Some(&server.id), &user.id).await?;
}
server.delete(db).await
} else {
if let Some(channel_id) = get_user_voice_channel_in_server(&user.id, &server.id).await? {
if server.channels.iter().any(|c| c == &channel_id) {
voice_client.remove_user(&user, &channel_id).await?;
delete_voice_state(&channel_id, Some(&server.id), &user.id).await?;
}
};
member
.remove(
db,