pkg/service/security.go

@@ -25,19 +25,19 @@ var (
 )
 
 // StrafesNET group roles
-type Role int32
+type GroupRole int32
 var (
 	// has ScriptWrite
-	RoleQuat Role = 240
+	RoleQuat GroupRole = 240
 	RolesQuat Roles = RolesScriptWrite|RolesSubmissionPublish|RolesSubmissionReview|RolesMapDownload
 	// has SubmissionPublish
-	RoleMapAdmin Role = 128
+	RoleMapAdmin GroupRole = 128
 	RolesMapAdmin Roles = RolesSubmissionPublish|RolesSubmissionReview|RolesMapDownload
 	// has SubmissionReview
-	RoleMapCouncil Role = 64
+	RoleMapCouncil GroupRole = 64
 	RolesMapCouncil Roles = RolesSubmissionReview|RolesMapDownload
 	// access to downloading maps
-	RoleMapAccess Role = 32
+	RoleMapAccess GroupRole = 32
 	RolesMapAccess Roles = RolesMapDownload
 )
 
@@ -90,20 +90,13 @@ func (usr UserInfoHandle) IsSubmitter(submitter uint64) (bool, error) {
 	}
 	return userId == submitter, nil
 }
-func (usr UserInfoHandle) hasRole(role Role) (bool, error) {
+func (usr UserInfoHandle) hasRoles(wantRoles Roles) (bool, error) {
-	roles, err := usr.svc.Client.GetGroupRole(*usr.ctx, &auth.IdMessage{
+	haveroles, err := usr.GetRoles()
-		SessionID: usr.sessionId,
-	})
 	if err != nil {
 		return false, err
 	}
 
-	for _, r := range roles.Roles {
+	return haveroles & wantRoles == wantRoles, nil
-		if int32(role) <= r.Rank {
-			return true, nil
-		}
-	}
-	return false, nil
 }
 func (usr UserInfoHandle) GetRoles() (Roles, error) {
 	roles, err := usr.svc.Client.GetGroupRole(*usr.ctx, &auth.IdMessage{
@@ -117,7 +110,7 @@ func (usr UserInfoHandle) GetRoles() (Roles, error) {
 
 	// map roles into bitflag
 	for _, r := range roles.Roles {
-		switch Role(r.Rank){
+		switch GroupRole(r.Rank){
 			case RoleQuat:
 				rolesBitflag|=RolesQuat;
 			case RoleMapAdmin:
@@ -133,14 +126,17 @@ func (usr UserInfoHandle) GetRoles() (Roles, error) {
 
 // RoleThumbnail
 // RoleMapDownload
-func (usr UserInfoHandle) HasRoleSubmissionRelease() (bool, error) {
+func (usr UserInfoHandle) HasRoleSubmissionPublish() (bool, error) {
-	return usr.hasRole(RoleMapAdmin)
+	return usr.hasRoles(RolesSubmissionPublish)
 }
 func (usr UserInfoHandle) HasRoleSubmissionReview() (bool, error) {
-	return usr.hasRole(RoleMapCouncil)
+	return usr.hasRoles(RolesSubmissionReview)
+}
+func (usr UserInfoHandle) HasRoleMapDownload() (bool, error) {
+	return usr.hasRoles(RolesMapDownload)
 }
 func (usr UserInfoHandle) HasRoleScriptWrite() (bool, error) {
-	return usr.hasRole(RoleQuat)
+	return usr.hasRoles(RolesScriptWrite)
 }
 /// Not implemented
 func (usr UserInfoHandle) HasRoleMaptest() (bool, error) {

pkg/service/submissions.go

@@ -386,7 +386,7 @@ func (svc *Service) ActionSubmissionTriggerUpload(ctx context.Context, params ap
 		return ErrUserInfo
 	}
 
-	has_role, err := userInfo.HasRoleSubmissionRelease()
+	has_role, err := userInfo.HasRoleSubmissionPublish()
 	if err != nil {
 		return err
 	}
@@ -451,7 +451,7 @@ func (svc *Service) ActionSubmissionValidated(ctx context.Context, params api.Ac
 		return ErrUserInfo
 	}
 
-	has_role, err := userInfo.HasRoleSubmissionRelease()
+	has_role, err := userInfo.HasRoleSubmissionPublish()
 	if err != nil {
 		return err
 	}
@@ -584,7 +584,7 @@ func (svc *Service) ReleaseSubmissions(ctx context.Context, request []api.Releas
 		return ErrUserInfo
 	}
 
-	has_role, err := userInfo.HasRoleSubmissionRelease()
+	has_role, err := userInfo.HasRoleSubmissionPublish()
 	if err != nil {
 		return err
 	}