Skip to content

Commit

Permalink
Deploy permissions 🎉
Browse files Browse the repository at this point in the history
  • Loading branch information
@Smaug6739
Smaug6739 committed Mar 28, 2021
1 parent 76ef34e commit d08d5e7
Show file tree
Hide file tree
Showing 26 changed files with 611 additions and 694 deletions.
224 changes: 57 additions & 167 deletions __frontend/controllers/admin.js
View file

Large diffs are not rendered by default.

12 changes: 7 additions & 5 deletions __frontend/controllers/forum.js
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
const axios = require('axios')
const path = require('path');
const { statusUser } = require('../functions');
const { statusUser, hasPermissions } = require('../functions');
const config = require('../config');
const { WebhookClient } = require('discord.js')
const WebhookReport = new WebhookClient(config.webhook.forumReport.id, config.webhook.forumReport.token);
Expand Down Expand Up @@ -54,10 +54,12 @@ exports.getCategorie = (req, res) => {
axios.get(`http://localhost:8080/api/v1/forum/getCategorie/${req.params.categorieId}/${req.params.page}`)
.then(async (responce) => {
if (responce.data.status === 'success') {
const status = await statusUser(req.session)
res.render(path.join(__dirname, '../pages/forum/categorie.ejs'), {
userConnected: await statusUser(req.session),
userConnected: status,
topics: responce.data.result,
categorieId: req.params.categorieId
categorieId: req.params.categorieId,
modo: hasPermissions(status.permissions, ['MODERATOR'])
})
} else {
res.render(path.join(__dirname, '../pages/error.ejs'), {
Expand Down Expand Up @@ -169,7 +171,7 @@ exports.updateMessage = (req, res) => {


exports.deleteMessage = (req, res) => {
axios.delete(`http://localhost:8080/api/v1/forum/message/${req.params.messageId}/${req.params.categorieId}/${req.session.user.id}`, {
axios.delete(`http://localhost:8080/api/v1/forum/message/${req.params.messageId}/${req.session.user.id}`, {
headers: { 'Authorization': `${req.session.user.id} ${req.session.user.token}` },
})
.then(async (responce) => {
Expand All @@ -191,7 +193,7 @@ exports.deleteMessage = (req, res) => {
}

exports.deleteTopic = (req, res) => {
axios.delete(`http://localhost:8080/api/v1/forum/topic/${req.params.topicId}/${req.session.user.id}`, {
axios.delete(`http://localhost:8080/api/v1/forum/topic/${req.params.topicId}`, {
headers: { 'Authorization': `${req.session.user.id} ${req.session.user.token}` }
})
.then(async (responce) => {
Expand Down
61 changes: 48 additions & 13 deletions __frontend/functions.js
View file
Original file line number Diff line number Diff line change
@@ -1,26 +1,61 @@
const axios = require('axios');
const axios = require('axios');
const config = require('./config')
exports.statusUser = async (session) => {
let userConnected = {
auth : false,
userPermissions : -1
auth: false,
userPermissions: -1
}

if(!session || !session.user) { //User non connecté
if (!session || !session.user) { //User non connecté
return userConnected = {
auth : false,
userPermissions : -1,
auth: false,
userPermissions: -1,
id: -1,
userAvatar : "default.png"
userAvatar: "default.png"
}
}else{
const msgs = await axios.get(`${config.urlAPI}dm/nb-msgs-new/${session.user.id}`,{ headers : { 'Authorization' : `token ${session.user.token}`}})
} else {
const msgs = await axios.get(`${config.urlAPI}dm/nb-msgs-new/${session.user.id}`, { headers: { 'Authorization': `token ${session.user.token}` } })
return userConnected = {
auth : true,
auth: true,
id: session.user.id,
userPermissions : session.user.userPermissions,
userAvatar : session.user.userAvatar,
nbMsgs : msgs.data.result.nb_msgs || 0
userPermissions: session.user.userPermissions,
permissions: this.convertPermissions(session.user.userPermissions),
userAvatar: session.user.userAvatar,
nbMsgs: msgs.data.result.nb_msgs || 0
}
}
}

exports.convertPermissions = (userPermsNumber) => {
let userPermissions = [];
const permissions = [
{ value: 256, permission: 'MANAGE_ALBUM' },
{ value: 128, permission: 'MANAGE_ANNOUNCEMENTS' },
{ value: 64, permission: 'MANAGE_REQUESTS' },
{ value: 32, permission: 'MANAGE_FORUM' },
{ value: 16, permission: 'MANAGE_ARTICLES' },
{ value: 8, permission: 'MANAGE_MEMBERS' },
{ value: 4, permission: 'MODERATOR' },
{ value: 2, permission: 'STAFF' },
{ value: 1, permission: 'ADMINISTRATOR' },
]
for (let permission of permissions) {
const rest = userPermsNumber % permission.value;
if (rest == 0 && userPermsNumber != 0) {
userPermissions.push(permission.permission);
break;
}
if (rest < userPermsNumber) {
userPermissions.push(permission.permission);
userPermsNumber = rest
}
}
return userPermissions;
}
exports.hasPermissions = (userPermissions, permissionsRequested) => {
if (userPermissions[0].permission === 'ADMINISTRATOR') return true;
for (permRequested of permissionsRequested) {
if (!permissionsRequested.includes(permRequested)) return false;
}
return true;
}
16 changes: 9 additions & 7 deletions __frontend/middleware/admin.js
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@

const { convertPermissions } = require('../functions')
module.exports = async (req, res, next) => {
try{
if(!req.session || !req.session.user) throw 'Missing session'
else if(req.session.user && req.session.user.userPermissions < 3) throw 'Missing permissions'
next()
}catch(err){
try {
const userPermissions = convertPermissions(req.session.user.userPermissions)
req.user = {
permissions: userPermissions
}
if (userPermissions.length) next()
else throw 'Bad permissions'
} catch (err) {
res.status(401).redirect('/')
//json(checkAndChange(new Error('Requete non authentifiée')));
}
};
Loading

0 comments on commit d08d5e7

Please sign in to comment.