StrafesNET/maps-service
7
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases Wiki Activity

Web: Script Review #2

New Issue
Open
opened 2024-12-14 06:57:07 +00:00 by Quaternions · 2 comments
Quaternions commented 2024-12-14 06:57:07 +00:00
Owner
Copy Link

The website needs a script review webpage, only to be used by me personally, so it doesn't need to be fancy.

How does script review work?

Resources

  • Script database stores the actual source of the script, and a hash to find exact matches easily without uploading the entire source again.
  • Script policy database stores what the validation service is supposed to do with each script it finds.
  1. A submission is accepted by a reviewer
  2. The validation service uploads any new scripts to the script database and creates "None" (unreviewed) script policies for each of them.
  3. The Quaternions himself loads the script review webpage, which locates a single unreviewed script using GET /script-policy?Page=1&Limit=1&Policy=0.
  4. The GET /script-policy request returns a ScriptPolicy which is displayed in an editable text box, potentially with Lua syntax highlighting. The page is a form for updating the "None" ScriptPolicy with a different policy. The available policies are:
    pkg/model/policy.go Lines 8 to 12 in 00fdbd9611
    ScriptPolicyNone Policy = 0 // not yet reviewed
    ScriptPolicyAllowed Policy = 1
    ScriptPolicyBlocked Policy = 2
    ScriptPolicyDelete Policy = 3
    ScriptPolicyReplace Policy = 4

    Quaternions selects a policy from the radio menu, and clicks submit. If the policy selection is "Replace", a new Script will need to be created with POST /scripts, before updating the script policy, including ToScriptID.
  5. Updating the script policy:
  • If the policy is "Replace", upload the edited script to POST /scripts which returns the ScriptID of the newly created script. Then, update the policy with POST /script-policy/{ScriptPolicyID} using the ScriptPolicyUpdate openapi data structure. Include the fields "Policy":4 (Replace) and "ToScriptID":ScriptID.
  • If the policy is anything else, no script needs to be uploaded and the only field that need to be included in ScriptPolicyUpdate is Policy.

Bonus points:

  • When "Replace" is selected on the radio menu, a script diff is shown
  • Automatically select "Replace" when the script is edited
  • Disallow submit if the source is changed and "Replace" is not selected
The website needs a script review webpage, only to be used by me personally, so it doesn't need to be fancy. How does script review work? Resources - [Script](https://git.itzana.me/StrafesNET/maps-service/src/commit/2fa3a2d74d74ef9f7edbb79f5f2c1a8e2e2cc709/openapi.yaml#L650) database stores the actual source of the script, and a hash to find exact matches easily without uploading the entire source again. - [Script policy](https://git.itzana.me/StrafesNET/maps-service/src/commit/2fa3a2d74d74ef9f7edbb79f5f2c1a8e2e2cc709/openapi.yaml#L697) database stores what the validation service is supposed to do with each script it finds. 1. A submission is accepted by a reviewer 2. The validation service uploads any new scripts to the script database and creates "None" (unreviewed) script policies for each of them. 3. The Quaternions himself loads the script review webpage, which locates a single unreviewed script using `GET /script-policy?Page=1&Limit=1&Policy=0`. 4. The `GET /script-policy` request returns a [ScriptPolicy](https://git.itzana.me/StrafesNET/maps-service/src/commit/00fdbd9611d73c829e2beb49d97841abc09761fb/openapi.yaml#L730) which is displayed in an editable text box, potentially with Lua syntax highlighting. The page is a form for updating the "None" ScriptPolicy with a different policy. The available policies are: https://git.itzana.me/StrafesNET/maps-service/src/commit/00fdbd9611d73c829e2beb49d97841abc09761fb/pkg/model/policy.go#L8-L12 Quaternions selects a policy from the radio menu, and clicks submit. If the policy selection is "Replace", a new Script will need to be created with `POST /scripts`, before updating the script policy, including ToScriptID. 5. Updating the script policy: - If the policy is "Replace", upload the edited script to `POST /scripts` which returns the ScriptID of the newly created script. Then, update the policy with `POST /script-policy/{ScriptPolicyID}` using the `ScriptPolicyUpdate` openapi data structure. Include the fields `"Policy":4` (Replace) and `"ToScriptID":ScriptID`. - If the policy is anything else, no script needs to be uploaded and the only field that need to be included in `ScriptPolicyUpdate` is `Policy`. Bonus points: - When "Replace" is selected on the radio menu, a script diff is shown - Automatically select "Replace" when the script is edited - Disallow submit if the source is changed and "Replace" is not selected
🚀 1
interpreterK commented 2024-12-14 07:15:05 +00:00
Member
Copy Link

Some useful packages for the web development process to keep in mind that would help with this,

Syntax highlighting, line numbers, and editing
https://shiki.matsu.io/ (Luau supported)
https://highlightjs.org/
https://microsoft.github.io/monaco-editor/ (Vscode base)

Diff viewer
https://github.com/praneshr/react-diff-viewer

Some useful packages for the web development process to keep in mind that would help with this, **Syntax highlighting, line numbers, and editing** https://shiki.matsu.io/ (Luau supported) https://highlightjs.org/ https://microsoft.github.io/monaco-editor/ (Vscode base) **Diff viewer** https://github.com/praneshr/react-diff-viewer
Quaternions commented 2024-12-28 03:29:25 +00:00
Author
Owner
Copy Link

I created a command line review tool, the code can be used as reference for an eventual review web page but the review tool will cover the required functionality for now.

src/main.rs Lines 92 to 178 in c4508480c1
async fn review(config:ReviewConfig)->Result<(),ReviewError>{
// download unreviewed policies
// review them
let cookie=submissions_api::Cookie::new(&config.session_id).map_err(ReviewError::Cookie)?;
let api=submissions_api::external::Context::new(config.api_url,cookie).map_err(ReviewError::Reqwest)?;
let unreviewed_policies=api.get_script_policies(submissions_api::types::GetScriptPoliciesRequest{
Page:1,
Limit:100,
FromScriptHash:None,
ToScriptID:None,
Policy:Some(submissions_api::types::Policy::None),
}).await.map_err(ReviewError::GetPolicies)?;
for unreviewed_policy in unreviewed_policies{
// download source code
let script_response=api.get_script_from_hash(submissions_api::types::HashRequest{
hash:unreviewed_policy.FromScriptHash.as_str(),
}).await
.map_err(ReviewError::GetScriptFromHash)?
.ok_or(ReviewError::NoScript)?;
let source=script_response.Source;
//load source into current.lua
tokio::fs::write("current.lua",source.as_str()).await.map_err(ReviewError::WriteCurrent)?;
//prompt action in terminal
//wait for input
let script_action;
loop{
print!("action: ");
std::io::Write::flush(&mut std::io::stdout()).map_err(ReviewError::ActionIO)?;
let mut action_string=String::new();
std::io::stdin().read_line(&mut action_string).map_err(ReviewError::ActionIO)?;
if let Ok(parsed_script_action)=action_string.parse::<ScriptActionParseResult>(){
script_action=parsed_script_action;
break;
}
}
// default to_script_id is from from_script_id (only changed for replace policy)
let mut to_script_id=None;
// interpret action
let reviewed_policy=match script_action{
ScriptActionParseResult::Pass=>{
//if current.lua was updated, create an allowed and replace file and set script_action to replace(new_id)
let modified_source=tokio::fs::read_to_string("current.lua").await.map_err(ReviewError::ReadCurrent)?;
if modified_source==source{
submissions_api::types::Policy::Allowed
}else{
// compute hash
let hash=hash_source(source.as_str());
// check if modified script already exists
let maybe_script_response=api.get_script_from_hash(submissions_api::types::HashRequest{
hash:format!("{:016x}",hash).as_str(),
}).await.map_err(ReviewError::DeduplicateModified)?;
// write to_script_id, uploading modified script if necessary
to_script_id=Some(match maybe_script_response{
Some(script_response)=>script_response.ID,
None=>api.create_script(submissions_api::types::CreateScriptRequest{
Name:script_response.Name.as_str(),
Source:modified_source.as_str(),
SubmissionID:Some(script_response.SubmissionID),
}).await.map_err(ReviewError::UploadModified)?.ID
});
// use replace policy
submissions_api::types::Policy::Replace
}
},
ScriptActionParseResult::Block=>submissions_api::types::Policy::Blocked,
ScriptActionParseResult::Exit=>break,
ScriptActionParseResult::Delete=>submissions_api::types::Policy::Delete,
};
// update policy
api.update_script_policy(submissions_api::types::UpdateScriptPolicyRequest{
ID:unreviewed_policy.ID,
FromScriptID:None,
ToScriptID:to_script_id,
Policy:Some(reviewed_policy),
}).await.map_err(ReviewError::UpdateScriptPolicy)?;
}
Ok(())
}

I created a command line review tool, the code can be used as reference for an eventual review web page but the review tool will cover the required functionality for now. https://git.itzana.me/StrafesNET/remote-script-review/src/commit/c4508480c184c37bc7f5158379dc083155ee464b/src/main.rs#L92-L178
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
Something is not working
duplicate
This issue or pull request already exists
enhancement
New feature
help wanted
Need some help
invalid
Something is wrong
question
More information is needed
wontfix
This won't be fixed
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: StrafesNET/maps-service#2
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?