Permission Check System
Added a system for code to easily check for permission to a given channel.
parent
04d9dda073
commit
39c5401cdb
@ -1,7 +1,7 @@
|
|||||||
using System.Security.Cryptography;
|
using System.Security.Cryptography;
|
||||||
using System.Text;
|
|
||||||
using System.Text.Json;
|
using System.Text.Json;
|
||||||
using System.Text.Json.Serialization.Metadata;
|
using System.Text.Json.Serialization.Metadata;
|
||||||
|
using LuskiServer.Classes.TableDef;
|
||||||
using LuskiServer.Enums;
|
using LuskiServer.Enums;
|
||||||
using ServerDatabase;
|
using ServerDatabase;
|
||||||
|
|
||||||
@ -11,7 +11,7 @@ public static class Luski
|
|||||||
{
|
{
|
||||||
public static Database Database = null!;
|
public static Database Database = null!;
|
||||||
|
|
||||||
public static TResult GetSettings<TResult>(string path, JsonTypeInfo<TResult> TypeInfo, bool EndOnError = false) where TResult : new()
|
public static TResult GetSettings<TResult>(string path, JsonTypeInfo<TResult> TypeInfo, bool EndOnError = false, bool UpdateOldFile = true) where TResult : new()
|
||||||
{
|
{
|
||||||
TResult? @out;
|
TResult? @out;
|
||||||
if (!File.Exists(path))
|
if (!File.Exists(path))
|
||||||
@ -53,7 +53,7 @@ public static class Luski
|
|||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
File.WriteAllText(path, JsonSerializer.Serialize(@out, TypeInfo));
|
if (UpdateOldFile) File.WriteAllText(path, JsonSerializer.Serialize(@out, TypeInfo));
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
@ -65,6 +65,109 @@ public static class Luski
|
|||||||
|
|
||||||
public static AppConfig Config = null!;
|
public static AppConfig Config = null!;
|
||||||
|
|
||||||
|
public static bool HasAccessToChannel(long User, long Channel, params ServerPermissions[] RequiredPerms)
|
||||||
|
{
|
||||||
|
long[] UserRoleIDList = Tables.Users.Read(Users.Roles, Users.ID.CreateParameter(User));
|
||||||
|
List<ServerPermissions> pp = RequiredPerms.ToList();
|
||||||
|
if (!pp.Contains(ServerPermissions.ViewChannels)) pp.Add(ServerPermissions.ViewChannels);
|
||||||
|
List<ServerPermissions> GoodPerms = new();
|
||||||
|
bool more = false;
|
||||||
|
bool CheckCatPerm(long Cat, List<ServerPermissions> NeededPerms, bool more2 = false)
|
||||||
|
{
|
||||||
|
more = more2;
|
||||||
|
if (more2 && pp.Contains(ServerPermissions.ViewCategories)) pp.Add(ServerPermissions.ViewCategories);
|
||||||
|
long Parent = Tables.Categories.Read(Categories.Parent, Categories.ID.CreateParameter(Channel));
|
||||||
|
if (Parent != -1 && !CheckCatPerm(Parent, pp, true)) return false;
|
||||||
|
long[] CatUserOverides = Tables.Categories.Read(Categories.UserOverides, Categories.ID.CreateParameter(Cat));
|
||||||
|
foreach (long CatUserOveride in CatUserOverides)
|
||||||
|
{
|
||||||
|
if (Tables.UserRoleOverides.Read(UserRoleOverides.UserID, UserRoleOverides.ID.CreateParameter(CatUserOveride)) != User) continue;
|
||||||
|
string[] overrids = Tables.UserRoleOverides.Read(UserRoleOverides.Overides,
|
||||||
|
UserRoleOverides.ID.CreateParameter(CatUserOveride));
|
||||||
|
foreach (string o in overrids)
|
||||||
|
{
|
||||||
|
foreach (ServerPermissions p in NeededPerms)
|
||||||
|
{
|
||||||
|
if (o.StartsWith($"{p.GetNumberString()}:"))
|
||||||
|
{
|
||||||
|
if (o.EndsWith("0")) return false;
|
||||||
|
else GoodPerms.Add(p);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
long[] CatRoleOverides = Tables.Categories.Read(Categories.RoleOverides, Categories.ID.CreateParameter(Cat));
|
||||||
|
foreach (long CatRoleOveride in CatRoleOverides)
|
||||||
|
{
|
||||||
|
if (!UserRoleIDList.Contains(Tables.ServerRoleOverides.Read(ServerRoleOverides.RoleID, ServerRoleOverides.ID.CreateParameter(CatRoleOveride)))) continue;
|
||||||
|
string[] overrids = Tables.UserRoleOverides.Read(ServerRoleOverides.Overides,
|
||||||
|
ServerRoleOverides.ID.CreateParameter(CatRoleOveride));
|
||||||
|
foreach (string o in overrids)
|
||||||
|
{
|
||||||
|
foreach (ServerPermissions p in NeededPerms)
|
||||||
|
{
|
||||||
|
if (o.StartsWith($"{p.GetNumberString()}:"))
|
||||||
|
{
|
||||||
|
if (o.EndsWith("0")) return false;
|
||||||
|
else GoodPerms.Add(p);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (GoodPerms.Count == NeededPerms.Count) return true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!CheckCatPerm(Tables.Channels.Read(Channels.Parent, Channels.ID.CreateParameter(Channel)), pp)) return false;
|
||||||
|
if (more && !GoodPerms.Contains(ServerPermissions.ViewCategories)) return false;
|
||||||
|
|
||||||
|
foreach (ServerPermissions v in GoodPerms)
|
||||||
|
{
|
||||||
|
pp.Remove(v);
|
||||||
|
}
|
||||||
|
GoodPerms.Clear();
|
||||||
|
long[] ChanUserOverides = Tables.Channels.Read(Channels.UserOverides, Channels.ID.CreateParameter(Channel));
|
||||||
|
foreach (long ChanUserOveride in ChanUserOverides)
|
||||||
|
{
|
||||||
|
if (Tables.UserRoleOverides.Read(UserRoleOverides.UserID, UserRoleOverides.ID.CreateParameter(ChanUserOveride)) != User) continue;
|
||||||
|
string[] overrids = Tables.UserRoleOverides.Read(UserRoleOverides.Overides,
|
||||||
|
UserRoleOverides.ID.CreateParameter(ChanUserOveride));
|
||||||
|
foreach (string o in overrids)
|
||||||
|
{
|
||||||
|
foreach (ServerPermissions p in pp)
|
||||||
|
{
|
||||||
|
if (o.StartsWith($"{p.GetNumberString()}:"))
|
||||||
|
{
|
||||||
|
if (o.EndsWith("0")) return false;
|
||||||
|
else GoodPerms.Add(p);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
long[] ChanRoleOverides = Tables.Channels.Read(Channels.RoleOverides, Channels.ID.CreateParameter(Channel));
|
||||||
|
foreach (long ChanRoleOveride in ChanRoleOverides)
|
||||||
|
{
|
||||||
|
if (!UserRoleIDList.Contains(Tables.ServerRoleOverides.Read(ServerRoleOverides.RoleID, ServerRoleOverides.ID.CreateParameter(ChanRoleOveride)))) continue;
|
||||||
|
string[] overrids = Tables.UserRoleOverides.Read(ServerRoleOverides.Overides,
|
||||||
|
ServerRoleOverides.ID.CreateParameter(ChanRoleOveride));
|
||||||
|
foreach (string o in overrids)
|
||||||
|
{
|
||||||
|
foreach (ServerPermissions p in pp)
|
||||||
|
{
|
||||||
|
if (o.StartsWith($"{p.GetNumberString()}:"))
|
||||||
|
{
|
||||||
|
if (o.EndsWith("0")) return false;
|
||||||
|
else GoodPerms.Add(p);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (GoodPerms.Count == pp.Count) return true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
public static class Info
|
public static class Info
|
||||||
{
|
{
|
||||||
public static class Routes
|
public static class Routes
|
||||||
|
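Review bot: `HasAccessToChannel` decides with `GoodPerms.Count == NeededPerms.Count` inside `CheckCatPerm` and `GoodPerms.Count == pp.Count` at the end, but `GoodPerms` is a `List` that gets the same permission added once per matching user override, role override and parent category. The count can therefore match while a required permission was never granted, or overshoot and deny a user who holds all of them. Compare by membership instead, e.g. `return NeededPerms.All(GoodPerms.Contains);` and `return pp.All(GoodPerms.Contains);`. In `CheckCatPerm` the parent lookup uses `Categories.ID.CreateParameter(Channel)` where `Cat` looks intended, so every recursive call reads the same row, and the guard `more2 && pp.Contains(ServerPermissions.ViewCategories)` appears to be missing a `!`. Both role-override loops read `Tables.UserRoleOverides` with a `ServerRoleOverides` id, which presumably should be `Tables.ServerRoleOverides.Read(ServerRoleOverides.Overides, ...)`.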
@ -7,6 +7,7 @@ public static class Categories
|
|||||||
public static TableColumn<long> ID { get; } = new("id", true);
|
public static TableColumn<long> ID { get; } = new("id", true);
|
||||||
public static TableColumn<string> Name { get; } = new("name") { DefaultValue = "New Category"};
|
public static TableColumn<string> Name { get; } = new("name") { DefaultValue = "New Category"};
|
||||||
public static TableColumn<string> Description { get; } = new("description") { DefaultValue = "Default Description"};
|
public static TableColumn<string> Description { get; } = new("description") { DefaultValue = "Default Description"};
|
||||||
|
public static TableColumn<long> Parent { get; } = new("parent") { DefaultValue = -1 };
|
||||||
public static TableColumn<long[]> InnerCategories { get; } = new("inner_categories") { DefaultValue = Array.Empty<long>() };
|
public static TableColumn<long[]> InnerCategories { get; } = new("inner_categories") { DefaultValue = Array.Empty<long>() };
|
||||||
public static TableColumn<long[]> Channels { get; } = new("channels") { DefaultValue = Array.Empty<long>() };
|
public static TableColumn<long[]> Channels { get; } = new("channels") { DefaultValue = Array.Empty<long>() };
|
||||||
public static TableColumn<long[]> RoleOverides { get; } = new("role_overides") { DefaultValue = Array.Empty<long>() };
|
public static TableColumn<long[]> RoleOverides { get; } = new("role_overides") { DefaultValue = Array.Empty<long>() };
|
||||||
|
@ -8,6 +8,7 @@ namespace LuskiServer.Classes.TableDef;
|
|||||||
public static class Channels
|
public static class Channels
|
||||||
{
|
{
|
||||||
public static TableColumn<long> ID { get; } = new("id", true);
|
public static TableColumn<long> ID { get; } = new("id", true);
|
||||||
|
public static TableColumn<long> Parent { get; } = new("parent") { DefaultValue = -1 };
|
||||||
public static TableColumn<ChannelType> Type { get; } = new("type");
|
public static TableColumn<ChannelType> Type { get; } = new("type");
|
||||||
public static TableColumn<DateTime> Epoch { get; } = new("epoch");
|
public static TableColumn<DateTime> Epoch { get; } = new("epoch");
|
||||||
public static TableColumn<byte[]> Name { get; } = new("name") { DefaultValue = Encoding.UTF8.GetBytes("New Channel") };
|
public static TableColumn<byte[]> Name { get; } = new("name") { DefaultValue = Encoding.UTF8.GetBytes("New Channel") };
|
||||||
|
@ -7,6 +7,5 @@ public static class UserRoleOverides
|
|||||||
{
|
{
|
||||||
public static TableColumn<long> ID { get; } = new("id", true);
|
public static TableColumn<long> ID { get; } = new("id", true);
|
||||||
public static TableColumn<long> UserID { get; } = new("user_id");
|
public static TableColumn<long> UserID { get; } = new("user_id");
|
||||||
public static TableColumn<long> ParentOverideID { get; } = new("parent_overide_id");
|
|
||||||
public static TableColumn<string[]> Overides { get; } = new("overides");
|
public static TableColumn<string[]> Overides { get; } = new("overides");
|
||||||
}
|
}
|
@ -1,4 +1,5 @@
|
|||||||
using System.Text.Json.Serialization;
|
using System.Text.Json.Serialization;
|
||||||
|
using JacobTechEncryption.Enums;
|
||||||
using Microsoft.AspNetCore.Mvc.ModelBinding;
|
using Microsoft.AspNetCore.Mvc.ModelBinding;
|
||||||
|
|
||||||
namespace LuskiServer.Classes.v1.Incoming;
|
namespace LuskiServer.Classes.v1.Incoming;
|
||||||
@ -21,4 +22,14 @@ public class ClientSendMessage
|
|||||||
[JsonRequired]
|
[JsonRequired]
|
||||||
[JsonPropertyName("files")]
|
[JsonPropertyName("files")]
|
||||||
public long[] Files { get; set; }
|
public long[] Files { get; set; }
|
||||||
|
[JsonInclude]
|
||||||
|
[BindRequired]
|
||||||
|
[JsonRequired]
|
||||||
|
[JsonPropertyName("encryption")]
|
||||||
|
public EncryptionType Encryption { get; set; }
|
||||||
|
[JsonInclude]
|
||||||
|
[BindRequired]
|
||||||
|
[JsonRequired]
|
||||||
|
[JsonPropertyName("encoding")]
|
||||||
|
public EncoderType Encoding { get; set; }
|
||||||
}
|
}
|
@ -26,8 +26,8 @@ public class SocketBulkMessageController : ControllerBase
|
|||||||
long MessagesToDownload = 50;
|
long MessagesToDownload = 50;
|
||||||
long Max = 200;
|
long Max = 200;
|
||||||
if (long.TryParse(channel_id, out long Channel_Id) && !Tables.Channels.TryRead(Channels.ID, out _, Channels.ID.CreateParameter(Channel_Id))) return this.ShowError(ErrorCode.InvalidHeader, "The the channel id you have given the server is not a valed id");
|
if (long.TryParse(channel_id, out long Channel_Id) && !Tables.Channels.TryRead(Channels.ID, out _, Channels.ID.CreateParameter(Channel_Id))) return this.ShowError(ErrorCode.InvalidHeader, "The the channel id you have given the server is not a valed id");
|
||||||
//This needs to be added but using the new permission system.
|
if (!Luski.HasAccessToChannel(ID, Channel_Id, ServerPermissions.ReadMessageHistory))
|
||||||
//if (!Luski.HasAccessToChannel(ID, Channel_Id)) return this.ShowError(ErrorCode.Forbidden);
|
return this.ResponseToResult(new HTTPResponse() { error = ErrorCode.Forbidden });
|
||||||
if (Request.Headers.ContainsKey("messages")) _ = long.TryParse(Request.Headers["messages"].First(), out MessagesToDownload);
|
if (Request.Headers.ContainsKey("messages")) _ = long.TryParse(Request.Headers["messages"].First(), out MessagesToDownload);
|
||||||
if (MessagesToDownload > Max) MessagesToDownload = Max;
|
if (MessagesToDownload > Max) MessagesToDownload = Max;
|
||||||
string? MostRecentID = null;
|
string? MostRecentID = null;
|
||||||
|
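Review bot: The new `Luski.HasAccessToChannel(ID, Channel_Id, ServerPermissions.ReadMessageHistory)` call still runs when `channel_id` does not parse, because the unchanged guard above it is `long.TryParse(...) && !Tables.Channels.TryRead(...)` and a failed parse skips the existence test and leaves `Channel_Id` at 0. The permission decision is then made for channel 0 rather than for the channel the caller named, and the `Tables.Channels.Read` calls inside `HasAccessToChannel` may run against a row that does not exist. Reject first with `if (!long.TryParse(channel_id, out long Channel_Id) || !Tables.Channels.TryRead(Channels.ID, out _, Channels.ID.CreateParameter(Channel_Id)))`. The enclosing action starts and ends outside this hunk, so where `ID` comes from is not visible here.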
@ -23,8 +23,7 @@ public class SocketMessageController : ControllerBase
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
if (!this.CanTokenRequest(out long ID, out IActionResult? toc) && toc != null) return toc;
|
if (!this.CanTokenRequest(out long ID, out IActionResult? toc) && toc != null) return toc;
|
||||||
//TODO Add a check system for channel access
|
if (Luski.HasAccessToChannel(ID, data.ChannelID, ServerPermissions.SendMessages))
|
||||||
//if (Luski.HasAccessToChannel(ID, data.ChannelID))
|
|
||||||
{
|
{
|
||||||
Luski.Snowflake Id = Luski.Snowflake.GenerateSnowflake(Tables.Channels.Read(Channels.Epoch, Channels.ID.CreateParameter(data.ChannelID)));
|
Luski.Snowflake Id = Luski.Snowflake.GenerateSnowflake(Tables.Channels.Read(Channels.Epoch, Channels.ID.CreateParameter(data.ChannelID)));
|
||||||
ChannelType type = Tables.Channels.Read(Channels.Type, Channels.ID.CreateParameter(data.ChannelID));
|
ChannelType type = Tables.Channels.Read(Channels.Type, Channels.ID.CreateParameter(data.ChannelID));
|
||||||
@ -42,8 +41,8 @@ public class SocketMessageController : ControllerBase
|
|||||||
Messages.Context.CreateParameter(Convert.FromBase64String(data.Base64Context)),
|
Messages.Context.CreateParameter(Convert.FromBase64String(data.Base64Context)),
|
||||||
Messages.TimeStamp.CreateParameter(Id.Timestamp),
|
Messages.TimeStamp.CreateParameter(Id.Timestamp),
|
||||||
Messages.Files.CreateParameter(data.Files),
|
Messages.Files.CreateParameter(data.Files),
|
||||||
Messages.EncoderType.CreateParameter(EncoderType.UTF8),
|
Messages.EncoderType.CreateParameter(data.Encoding),
|
||||||
Messages.EncryptionType.CreateParameter(EncryptionType.RSA));
|
Messages.EncryptionType.CreateParameter(data.Encryption));
|
||||||
//TODO Get all ID for members to send to
|
//TODO Get all ID for members to send to
|
||||||
WSS.SendData(SendType.ID_Group, new ServerEvent()
|
WSS.SendData(SendType.ID_Group, new ServerEvent()
|
||||||
{
|
{
|
||||||
|
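Review bot: `Messages.EncoderType.CreateParameter(data.Encoding)` and `Messages.EncryptionType.CreateParameter(data.Encryption)` now persist whatever the client sent. `System.Text.Json` accepts any numeric value for an enum by default, so an undefined `EncoderType` or `EncryptionType` can be stored and later handed to every reader of the message. Validate before the insert, e.g. `if (!Enum.IsDefined(data.Encryption) || !Enum.IsDefined(data.Encoding))` followed by an error result, and consider whether the channel's own policy should constrain which encryption types are accepted. In the first hunk, `HasAccessToChannel(ID, data.ChannelID, ServerPermissions.SendMessages)` is called with no visible check that `data.ChannelID` exists, and the branch taken when access is denied lies outside the hunk, so confirm it returns a Forbidden result.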
@ -93,6 +93,7 @@ if (!Tables.Categories.TryRead(Categories.ID, out _, Categories.ID.CreateParamet
|
|||||||
Tables.Categories.Insert(
|
Tables.Categories.Insert(
|
||||||
Categories.ID.CreateParameter(0),
|
Categories.ID.CreateParameter(0),
|
||||||
Categories.Name.CreateParameter("server"),
|
Categories.Name.CreateParameter("server"),
|
||||||
|
Categories.Parent.CreateParameter(-1),
|
||||||
Categories.Description.CreateParameter(
|
Categories.Description.CreateParameter(
|
||||||
"The default category for the server. Everybody will see this category."),
|
"The default category for the server. Everybody will see this category."),
|
||||||
Categories.RoleOverides.CreateParameter(new long[1] { 0 })
|
Categories.RoleOverides.CreateParameter(new long[1] { 0 })
|
||||||
|