99 lines
3.7 KiB
JavaScript
99 lines
3.7 KiB
JavaScript
/*Canopy - The next generation of stoner streaming software
|
|
Copyright (C) 2024-2025 Rainbownapkin and the TTN Community
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as
|
|
published by the Free Software Foundation, either version 3 of the
|
|
License, or (at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.*/
|
|
|
|
//NPM imports
|
|
const {validationResult, matchedData} = require('express-validator');
|
|
|
|
//local imports
|
|
const {exceptionHandler, errorHandler} = require('../../../utils/loggerUtils');
|
|
const channelModel = require('../../../schemas/channel/channelSchema');
|
|
const permissionModel = require('../../../schemas/permissionSchema');
|
|
|
|
//api account functions
|
|
module.exports.get = async function(req, res){
|
|
try{
|
|
const validResult = validationResult(req);
|
|
|
|
if(validResult.isEmpty()){
|
|
const data = matchedData(req);
|
|
const channel = await channelModel.findOne({name: data.chanName});
|
|
|
|
|
|
if(channel == null){
|
|
throw loggerUtils.exceptionSmith("Channel not found.", "validation");
|
|
}
|
|
|
|
res.status(200);
|
|
return res.send(channel.permissions);
|
|
}else{
|
|
res.status(400);
|
|
res.send({errors: validResult.array()})
|
|
}
|
|
}catch(err){
|
|
exceptionHandler(res, err);
|
|
}
|
|
|
|
}
|
|
|
|
module.exports.post = async function(req, res){
|
|
try{
|
|
const validResult = validationResult(req);
|
|
|
|
if(validResult.isEmpty()){
|
|
const data = matchedData(req);
|
|
//get channel document based on sanatized/validated input
|
|
const chanDB = await channelModel.findOne({name: data.chanName});
|
|
//get permissions map based on sanatized/validated input
|
|
const permissionsMap = data.channelPermissionsMap;
|
|
//get chanRank off off session user
|
|
const chanRank = await chanDB.getChannelRank(req.session.user);
|
|
//setup flag for permissions errors
|
|
var permError = null;
|
|
|
|
if(chanDB == null){
|
|
throw loggerUtils.exceptionSmith("Channel not found.", "validation");
|
|
}
|
|
|
|
//For each permission submitted
|
|
Object.keys(permissionsMap).forEach((perm) => {
|
|
//Check to make sure no one is jumping perms (this should be admins only, but just in-case)
|
|
//Setting a boolean inside of an if statement seems fucked, until you realize it won't set it back false on the next loop :P
|
|
if(permissionModel.rankToNum(chanDB.permissions[perm]) > permissionModel.rankToNum(chanRank) || permissionModel.rankToNum(permissionsMap[perm]) > permissionModel.rankToNum(chanRank)){
|
|
permError = true;
|
|
}
|
|
|
|
//Set permissions in the permissions model
|
|
chanDB.permissions[perm] = permissionsMap[perm];
|
|
});
|
|
|
|
//Flip our shit if something's wrong.
|
|
if(permError){
|
|
return errorHandler(res, "New rank must be equal to or below that of the user changing it.", 'Unauthorized', 401);
|
|
}
|
|
|
|
await chanDB.save();
|
|
|
|
res.status(200);
|
|
return res.send(chanDB.permissions);
|
|
}else{
|
|
res.status(400);
|
|
res.send({errors: validResult.array()})
|
|
}
|
|
}catch(err){
|
|
exceptionHandler(res, err);
|
|
}
|
|
|
|
} |