shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

+ Adding API handlers for /badge/update/* routes

Browse Source 
* Fixing permissions for routes
The /badge/update routes all share the same perms for now
This commit is contained in:
shockrah 2021-05-30 19:54:20 -07:00
parent 1884580bf8
commit 0e6168a961
2 changed files with 83 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
json-api/src/badges.rs
View File

@ -32,17 +32,86 @@ pub async fn new(p: &Pool, response: &mut Response<Body>, params: HashMap<String
} }
} }
pub async fn update(_p: &Pool, _response: &mut Response<Body>, _params: HashMap<String, String>) { pub async fn update_perms(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
/* TODO: let id = qs_param!(params, "badge_id", u64);
* This handler could actually benefit from being split into multiple handlers let perms = qs_param!(params, "perms", u64);
* Concern: Permissions handling with is route could get ugly when handling updates to the if let (Some(id), Some(perms)) = (id, perms) {
* permissions flag in each badge which is why we may want a match db::badges::update_perms(p, id, perms).await {
* /badge/update/color // TODO: add rtc update here
* /badge/update/name Ok(true) => {
* /badge/update/permissions #[cfg(feature = "rtc")]
*/ {
let payload = json!({ "id": id, "perms": perms});
set_json_body(response, json!({"badge-update": payload}));
}
},
Ok(false) => {
*response.status_mut() = StatusCode::NOT_FOUND;
},
Err(e) => {
eprintln!("[HTTP][ERROR] /badge/update/perms {}", e);
*response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
}
}
} else {
*response.status_mut() = StatusCode::BAD_REQUEST;
}
} }
pub async fn update_color(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
let id = qs_param!(params, "badge_id", u64);
let color = qs_param!(params, "badge_color", u32);
if let (Some(id), Some(color)) = (id, color) {
match db::badges::update_color(p, id, color).await {
Ok(true) => {
// NOTE: this response iss more meant for rtc as the non-rtc mode
// isn't supposed respond with anything in particular
// TODO: rtc update here
#[cfg(feature = "rtc")]
{
let payload = json!({"id": id, "color": color});
set_json_body(response, json!({"badge-update": payload}));
}
},
Ok(false) => {
*response.status_mut() = StatusCode::NOT_FOUND;
},
Err(e) => {
eprintln!("[HTTP][ERROR] /badge/update/color {}", e);
*response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
}
}
} else {
*response.status_mut() = StatusCode::BAD_REQUEST;
}
}
pub async fn update_name(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
let id = qs_param!(params, "badge_id", u64);
let name = qs_param!(params, "badge_name", String);
if let (Some(id), Some(name)) = (id, name) {
match db::badges::update_name(p, id, &name).await {
Ok(true) => {
#[cfg(feature = "rtc")]
{
let payload = json!({"id": id, "name": name});
set_json_body(response, json!({"badge-update": payload}));
}
},
Ok(false) => {},
Err(e) => {
eprintln!("[HTTP][ERROR] /badges/update/name {}", e);
*response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
}
}
} else {
*response.status_mut() = StatusCode::BAD_REQUEST;
}
}
pub async fn delete(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) { pub async fn delete(p: &Pool, response: &mut Response<Body>, params: HashMap<String, String>) {
if let Some(id) = qs_param!(params, "badge_id", u64) { if let Some(id) = qs_param!(params, "badge_id", u64) {
match db::badges::delete(p, id).await { match db::badges::delete(p, id).await {

5
json-api/src/perms.rs
View File

@ -14,6 +14,7 @@ pub const _ADMIN: u64 = 1 << 62; // can make other admins but can't really touch
pub const CREATE_CHANNEL:u64 = 64; pub const CREATE_CHANNEL:u64 = 64;
pub const DELETE_CHANNEL:u64 = 128; pub const DELETE_CHANNEL:u64 = 128;
pub const ADD_NEIGHBOR:u64 = 256; pub const ADD_NEIGHBOR:u64 = 256;
pub const MOD_BADGE:u64 = 512;
// BELOW ARE COLLECTIVE PERMISSION SETS // BELOW ARE COLLECTIVE PERMISSION SETS
pub const OWNER: u64 = std::u64::MAX; pub const OWNER: u64 = std::u64::MAX;
@ -26,6 +27,7 @@ pub fn get_perm_mask(path: &str) -> Option<u64> {
INVITE_CREATE, INVITE_CREATE,
CHANNELS_LIST, CHANNELS_CREATE, CHANNELS_DELETE, CHANNELS_LIST, CHANNELS_CREATE, CHANNELS_DELETE,
MESSAGE_SEND, MESSAGE_SEND,
NEW_BADGE, DELETE_BADGE, UPDATE_COLOR_BADGE, UPDATE_PERMS_BADGE, UPDATE_NAME_BADGE
}; };
match path { match path {
INVITE_CREATE => Some(CREATE_TMP_INVITES), INVITE_CREATE => Some(CREATE_TMP_INVITES),
@ -37,6 +39,9 @@ pub fn get_perm_mask(path: &str) -> Option<u64> {
MESSAGE_SEND => Some(SEND_MESSAGES), MESSAGE_SEND => Some(SEND_MESSAGES),
NEW_BADGE|DELETE_BADGE|UPDATE_COLOR_BADGE|UPDATE_NAME_BADGE|UPDATE_PERMS_BADGE =>
Some(MOD_BADGE),
routes::ADD_NEIGHBOR => Some(ADD_NEIGHBOR), routes::ADD_NEIGHBOR => Some(ADD_NEIGHBOR),
_ => Some(0) _ => Some(0)
} }