maps-service/pkg/service/security.go

103 lines
2.0 KiB
Go
Raw Normal View History

2024-11-29 21:58:47 +00:00
package service
import (
"context"
2024-12-12 22:29:20 +00:00
"errors"
2024-11-29 21:58:47 +00:00
"git.itzana.me/strafesnet/go-grpc/auth"
2024-12-12 22:29:20 +00:00
"git.itzana.me/strafesnet/maps-service/pkg/api"
2024-11-29 21:58:47 +00:00
)
var (
// ErrMissingSessionID there is no session id
ErrMissingSessionID = errors.New("SessionID missing")
// ErrInvalidSession caller does not have a valid session
ErrInvalidSession = errors.New("Session invalid")
)
var (
// has ScriptWrite
RoleQuat int32 = 255
2024-12-11 02:23:23 +00:00
// has SubmissionPublish
2024-12-12 22:29:20 +00:00
RoleMapAdmin int32 = 128
2024-12-11 02:23:23 +00:00
// has SubmissionReview
RoleMapCouncil int32 = 64
2024-11-29 21:58:47 +00:00
)
type Roles struct {
2024-12-06 03:10:01 +00:00
// human roles
2024-12-14 12:06:49 +00:00
SubmissionRelease bool
2024-12-12 22:29:20 +00:00
SubmissionReview bool
ScriptWrite bool
2024-12-14 20:01:34 +00:00
// Thumbnail bool
// MapDownload
2024-12-06 03:10:01 +00:00
// automated roles
2024-12-12 22:29:20 +00:00
Maptest bool
2024-11-29 21:58:47 +00:00
}
type UserInfo struct {
2024-12-12 22:29:20 +00:00
Roles Roles
2024-12-11 03:18:04 +00:00
UserID uint64
2024-11-29 21:58:47 +00:00
}
2024-12-12 22:29:20 +00:00
func (usr UserInfo) IsSubmitter(submitter uint64) bool {
2024-11-29 21:58:47 +00:00
return usr.UserID == submitter
}
type SecurityHandler struct {
2024-12-10 04:10:23 +00:00
Client auth.AuthServiceClient
2024-11-29 21:58:47 +00:00
}
2024-12-12 22:29:20 +00:00
func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName api.OperationName, t api.CookieAuth) (context.Context, error) {
2024-11-29 21:58:47 +00:00
sessionId := t.GetAPIKey()
if sessionId == "" {
return nil, ErrMissingSessionID
}
2024-12-10 04:10:23 +00:00
session, err := svc.Client.GetSessionUser(ctx, &auth.IdMessage{
2024-11-29 21:58:47 +00:00
SessionID: sessionId,
})
2024-12-12 22:29:20 +00:00
if err != nil {
2024-11-29 21:58:47 +00:00
return nil, err
}
2024-12-10 04:10:23 +00:00
role, err := svc.Client.GetGroupRole(ctx, &auth.IdMessage{
2024-11-29 21:58:47 +00:00
SessionID: sessionId,
})
2024-12-12 22:29:20 +00:00
if err != nil {
2024-11-29 21:58:47 +00:00
return nil, err
}
2024-12-10 04:10:23 +00:00
validate, err := svc.Client.ValidateSession(ctx, &auth.IdMessage{
2024-11-29 21:58:47 +00:00
SessionID: sessionId,
})
2024-12-12 22:29:20 +00:00
if err != nil {
2024-11-29 21:58:47 +00:00
return nil, err
}
2024-12-12 22:29:20 +00:00
if !validate.Valid {
2024-11-29 21:58:47 +00:00
return nil, ErrInvalidSession
}
roles := Roles{}
// fix this when roblox udpates group roles
2024-12-12 22:29:20 +00:00
for _, r := range role.Roles {
if RoleQuat <= r.Rank {
roles.ScriptWrite = true
}
2024-12-12 22:29:20 +00:00
if RoleMapAdmin <= r.Rank {
2024-12-14 12:06:49 +00:00
roles.SubmissionRelease = true
2024-11-29 21:58:47 +00:00
}
2024-12-12 22:29:20 +00:00
if RoleMapCouncil <= r.Rank {
2024-12-06 03:10:01 +00:00
roles.SubmissionReview = true
2024-11-29 21:58:47 +00:00
}
}
newCtx := context.WithValue(ctx, "UserInfo", UserInfo{
2024-12-12 22:29:20 +00:00
Roles: roles,
2024-12-11 03:18:04 +00:00
UserID: session.UserID,
2024-11-29 21:58:47 +00:00
})
return newCtx, nil
}