2024-11-29 13:58:47 -08:00
|
|
|
package service
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2024-12-12 17:29:20 -05:00
|
|
|
"errors"
|
2024-11-29 13:58:47 -08:00
|
|
|
"git.itzana.me/strafesnet/go-grpc/auth"
|
2024-12-12 17:29:20 -05:00
|
|
|
"git.itzana.me/strafesnet/maps-service/pkg/api"
|
2024-11-29 13:58:47 -08:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
// ErrMissingSessionID there is no session id
|
|
|
|
ErrMissingSessionID = errors.New("SessionID missing")
|
|
|
|
// ErrInvalidSession caller does not have a valid session
|
|
|
|
ErrInvalidSession = errors.New("Session invalid")
|
|
|
|
)
|
|
|
|
|
2024-12-27 17:24:09 -08:00
|
|
|
type Role int32
|
2024-11-29 13:58:47 -08:00
|
|
|
var (
|
2024-12-26 17:54:42 -08:00
|
|
|
// has ScriptWrite
|
2024-12-27 17:24:09 -08:00
|
|
|
RoleQuat Role = 255
|
2024-12-10 18:23:23 -08:00
|
|
|
// has SubmissionPublish
|
2024-12-27 17:24:09 -08:00
|
|
|
RoleMapAdmin Role = 128
|
2024-12-10 18:23:23 -08:00
|
|
|
// has SubmissionReview
|
2024-12-27 17:24:09 -08:00
|
|
|
RoleMapCouncil Role = 64
|
2024-11-29 13:58:47 -08:00
|
|
|
)
|
|
|
|
|
2024-12-27 17:24:09 -08:00
|
|
|
type UserInfo struct {
|
|
|
|
// Would love to know a better way to do this
|
|
|
|
svc *SecurityHandler
|
|
|
|
ctx *context.Context
|
|
|
|
sessionId string
|
|
|
|
}
|
2024-12-14 12:01:34 -08:00
|
|
|
|
2024-12-27 17:24:09 -08:00
|
|
|
func (usr UserInfo) GetUserID() (uint64, error) {
|
|
|
|
session, err := usr.svc.Client.GetSessionUser(*usr.ctx, &auth.IdMessage{
|
|
|
|
SessionID: usr.sessionId,
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return 0, err
|
|
|
|
}
|
|
|
|
return session.UserID, nil
|
2024-11-29 13:58:47 -08:00
|
|
|
}
|
2024-12-27 17:24:09 -08:00
|
|
|
func (usr UserInfo) IsSubmitter(submitter uint64) (bool, error) {
|
|
|
|
userId, err := usr.GetUserID()
|
|
|
|
if err != nil {
|
|
|
|
return false, err
|
|
|
|
}
|
|
|
|
return userId == submitter, nil
|
|
|
|
}
|
|
|
|
func (usr UserInfo) hasRole(role Role) (bool, error) {
|
|
|
|
roles, err := usr.svc.Client.GetGroupRole(*usr.ctx, &auth.IdMessage{
|
|
|
|
SessionID: usr.sessionId,
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return false, err
|
|
|
|
}
|
2024-11-29 13:58:47 -08:00
|
|
|
|
2024-12-27 17:24:09 -08:00
|
|
|
for _, r := range roles.Roles {
|
|
|
|
if int32(role) <= r.Rank {
|
|
|
|
return true, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false, nil
|
2024-11-29 13:58:47 -08:00
|
|
|
}
|
|
|
|
|
2024-12-27 17:24:09 -08:00
|
|
|
|
|
|
|
// RoleThumbnail
|
|
|
|
// RoleMapDownload
|
|
|
|
func (usr UserInfo) HasRoleSubmissionRelease() (bool, error) {
|
|
|
|
return usr.hasRole(RoleMapAdmin)
|
|
|
|
}
|
|
|
|
func (usr UserInfo) HasRoleSubmissionReview() (bool, error) {
|
|
|
|
return usr.hasRole(RoleMapCouncil)
|
|
|
|
}
|
|
|
|
func (usr UserInfo) HasRoleScriptWrite() (bool, error) {
|
|
|
|
return usr.hasRole(RoleQuat)
|
|
|
|
}
|
|
|
|
/// Not implemented
|
|
|
|
func (usr UserInfo) HasRoleMaptest() (bool, error) {
|
|
|
|
println("HasRoleMaptest is not implemented!")
|
|
|
|
return false, nil
|
2024-11-29 13:58:47 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
type SecurityHandler struct {
|
2024-12-09 20:10:23 -08:00
|
|
|
Client auth.AuthServiceClient
|
2024-11-29 13:58:47 -08:00
|
|
|
}
|
|
|
|
|
2024-12-12 17:29:20 -05:00
|
|
|
func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName api.OperationName, t api.CookieAuth) (context.Context, error) {
|
2024-11-29 13:58:47 -08:00
|
|
|
sessionId := t.GetAPIKey()
|
|
|
|
if sessionId == "" {
|
|
|
|
return nil, ErrMissingSessionID
|
|
|
|
}
|
|
|
|
|
2024-12-09 20:10:23 -08:00
|
|
|
validate, err := svc.Client.ValidateSession(ctx, &auth.IdMessage{
|
2024-11-29 13:58:47 -08:00
|
|
|
SessionID: sessionId,
|
|
|
|
})
|
2024-12-12 17:29:20 -05:00
|
|
|
if err != nil {
|
2024-11-29 13:58:47 -08:00
|
|
|
return nil, err
|
|
|
|
}
|
2024-12-12 17:29:20 -05:00
|
|
|
if !validate.Valid {
|
2024-11-29 13:58:47 -08:00
|
|
|
return nil, ErrInvalidSession
|
|
|
|
}
|
|
|
|
|
|
|
|
newCtx := context.WithValue(ctx, "UserInfo", UserInfo{
|
2024-12-27 17:24:09 -08:00
|
|
|
svc: &svc,
|
|
|
|
ctx: &ctx,
|
|
|
|
sessionId: sessionId,
|
2024-11-29 13:58:47 -08:00
|
|
|
})
|
|
|
|
|
|
|
|
return newCtx, nil
|
|
|
|
}
|