2024-11-29 21:58:47 +00:00
|
|
|
package service
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2024-12-12 22:29:20 +00:00
|
|
|
"errors"
|
2024-11-29 21:58:47 +00:00
|
|
|
"git.itzana.me/strafesnet/go-grpc/auth"
|
2024-12-12 22:29:20 +00:00
|
|
|
"git.itzana.me/strafesnet/maps-service/pkg/api"
|
2024-11-29 21:58:47 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
// ErrMissingSessionID there is no session id
|
|
|
|
ErrMissingSessionID = errors.New("SessionID missing")
|
|
|
|
// ErrInvalidSession caller does not have a valid session
|
|
|
|
ErrInvalidSession = errors.New("Session invalid")
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2024-12-27 01:54:42 +00:00
|
|
|
// has ScriptWrite
|
|
|
|
RoleQuat int32 = 255
|
2024-12-11 02:23:23 +00:00
|
|
|
// has SubmissionPublish
|
2024-12-12 22:29:20 +00:00
|
|
|
RoleMapAdmin int32 = 128
|
2024-12-11 02:23:23 +00:00
|
|
|
// has SubmissionReview
|
|
|
|
RoleMapCouncil int32 = 64
|
2024-11-29 21:58:47 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type Roles struct {
|
2024-12-06 03:10:01 +00:00
|
|
|
// human roles
|
2024-12-14 12:06:49 +00:00
|
|
|
SubmissionRelease bool
|
2024-12-12 22:29:20 +00:00
|
|
|
SubmissionReview bool
|
|
|
|
ScriptWrite bool
|
2024-12-14 20:01:34 +00:00
|
|
|
// Thumbnail bool
|
|
|
|
// MapDownload
|
|
|
|
|
2024-12-06 03:10:01 +00:00
|
|
|
// automated roles
|
2024-12-12 22:29:20 +00:00
|
|
|
Maptest bool
|
2024-11-29 21:58:47 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type UserInfo struct {
|
2024-12-12 22:29:20 +00:00
|
|
|
Roles Roles
|
2024-12-11 03:18:04 +00:00
|
|
|
UserID uint64
|
2024-11-29 21:58:47 +00:00
|
|
|
}
|
|
|
|
|
2024-12-12 22:29:20 +00:00
|
|
|
func (usr UserInfo) IsSubmitter(submitter uint64) bool {
|
2024-11-29 21:58:47 +00:00
|
|
|
return usr.UserID == submitter
|
|
|
|
}
|
|
|
|
|
|
|
|
type SecurityHandler struct {
|
2024-12-10 04:10:23 +00:00
|
|
|
Client auth.AuthServiceClient
|
2024-11-29 21:58:47 +00:00
|
|
|
}
|
|
|
|
|
2024-12-12 22:29:20 +00:00
|
|
|
func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName api.OperationName, t api.CookieAuth) (context.Context, error) {
|
2024-11-29 21:58:47 +00:00
|
|
|
sessionId := t.GetAPIKey()
|
|
|
|
if sessionId == "" {
|
|
|
|
return nil, ErrMissingSessionID
|
|
|
|
}
|
|
|
|
|
2024-12-10 04:10:23 +00:00
|
|
|
session, err := svc.Client.GetSessionUser(ctx, &auth.IdMessage{
|
2024-11-29 21:58:47 +00:00
|
|
|
SessionID: sessionId,
|
|
|
|
})
|
2024-12-12 22:29:20 +00:00
|
|
|
if err != nil {
|
2024-11-29 21:58:47 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2024-12-10 04:10:23 +00:00
|
|
|
role, err := svc.Client.GetGroupRole(ctx, &auth.IdMessage{
|
2024-11-29 21:58:47 +00:00
|
|
|
SessionID: sessionId,
|
|
|
|
})
|
2024-12-12 22:29:20 +00:00
|
|
|
if err != nil {
|
2024-11-29 21:58:47 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2024-12-10 04:10:23 +00:00
|
|
|
validate, err := svc.Client.ValidateSession(ctx, &auth.IdMessage{
|
2024-11-29 21:58:47 +00:00
|
|
|
SessionID: sessionId,
|
|
|
|
})
|
2024-12-12 22:29:20 +00:00
|
|
|
if err != nil {
|
2024-11-29 21:58:47 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2024-12-12 22:29:20 +00:00
|
|
|
if !validate.Valid {
|
2024-11-29 21:58:47 +00:00
|
|
|
return nil, ErrInvalidSession
|
|
|
|
}
|
|
|
|
|
|
|
|
roles := Roles{}
|
|
|
|
|
|
|
|
// fix this when roblox udpates group roles
|
2024-12-12 22:29:20 +00:00
|
|
|
for _, r := range role.Roles {
|
2024-12-27 01:54:42 +00:00
|
|
|
if RoleQuat <= r.Rank {
|
|
|
|
roles.ScriptWrite = true
|
|
|
|
}
|
2024-12-12 22:29:20 +00:00
|
|
|
if RoleMapAdmin <= r.Rank {
|
2024-12-14 12:06:49 +00:00
|
|
|
roles.SubmissionRelease = true
|
2024-11-29 21:58:47 +00:00
|
|
|
}
|
2024-12-12 22:29:20 +00:00
|
|
|
if RoleMapCouncil <= r.Rank {
|
2024-12-06 03:10:01 +00:00
|
|
|
roles.SubmissionReview = true
|
2024-11-29 21:58:47 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
newCtx := context.WithValue(ctx, "UserInfo", UserInfo{
|
2024-12-12 22:29:20 +00:00
|
|
|
Roles: roles,
|
2024-12-11 03:18:04 +00:00
|
|
|
UserID: session.UserID,
|
2024-11-29 21:58:47 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
return newCtx, nil
|
|
|
|
}
|