Pull user-management into main #13
134
src/auth.rs
134
src/auth.rs
|
@ -20,7 +20,7 @@ pub fn register(data: Json<RegisterEvent>) -> JsonValue {
|
||||||
} else {
|
} else {
|
||||||
let pin_hashed = sha1::Sha1::from(&data.pin).digest().to_string(); // hash the pin
|
let pin_hashed = sha1::Sha1::from(&data.pin).digest().to_string(); // hash the pin
|
||||||
|
|
||||||
let new_user: User = User {
|
let mut new_user: User = User {
|
||||||
name: data.name.to_string().to_lowercase(),
|
name: data.name.to_string().to_lowercase(),
|
||||||
pin_hashed,
|
pin_hashed,
|
||||||
pronouns: data.pronouns.to_string().to_lowercase(),
|
pronouns: data.pronouns.to_string().to_lowercase(),
|
||||||
|
@ -28,6 +28,10 @@ pub fn register(data: Json<RegisterEvent>) -> JsonValue {
|
||||||
role: UserType::Normal,
|
role: UserType::Normal,
|
||||||
id: Uuid::new_v4(),
|
id: Uuid::new_v4(),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if new_user.name == "admin".to_string() { // if name is admin, make them an admin
|
||||||
|
new_user.role = UserType::Admin;
|
||||||
|
}
|
||||||
db_add(&new_user);
|
db_add(&new_user);
|
||||||
|
|
||||||
info!(
|
info!(
|
||||||
|
@ -283,6 +287,117 @@ pub fn get_user(name: String) -> JsonValue {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Make a user into a moderator
|
||||||
|
fn premote(name: &str) -> JsonValue {
|
||||||
|
if let Some(mut user) = db_read_user(&name.to_lowercase()).ok().flatten() {
|
||||||
|
if user.role != UserType::Admin { // make sure mods can't demote admins ;3
|
||||||
|
user.role = UserType::Moderator;
|
||||||
|
db_remove(&user);
|
||||||
|
db_add(&user);
|
||||||
|
info!("succesfully premoted user {}", &user.name);
|
||||||
|
return json!({
|
||||||
|
"status": "ok",
|
||||||
|
"reason": "premoted user",
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
warn!("user is an admin, cannot make moderator");
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user is admin",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
warn!("could not premote {}, user not found", &name);
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user not found",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Make a user into a normal user
|
||||||
|
fn demote(name: &str) -> JsonValue {
|
||||||
|
if let Some(mut user) = db_read_user(&name.to_lowercase()).ok().flatten() {
|
||||||
|
if user.role != UserType::Admin { // make sure mods can't demote admins ;3
|
||||||
|
user.role = UserType::Normal;
|
||||||
|
db_remove(&user);
|
||||||
|
db_add(&user);
|
||||||
|
info!("succesfully demoted user {}", &user.name);
|
||||||
|
return json!({
|
||||||
|
"status": "ok",
|
||||||
|
"reason": "demoted user",
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
warn!("user is an admin, cannot demote");
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user is admin",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
warn!("could not demote {}, user not found", &name);
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user not found",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Kick a user (temporarilly log them out for a certain amount of time)
|
||||||
|
fn kick(name: &str) -> JsonValue {
|
||||||
|
if let Some(mut user) = db_read_user(&name.to_lowercase()).ok().flatten() {
|
||||||
|
if user.role != UserType::Admin { // make sure mods can't kick admins
|
||||||
|
user.session_token = "NULL".to_string();
|
||||||
|
db_remove(&user);
|
||||||
|
db_add(&user);
|
||||||
|
info!("succesfully kicked user {}", &user.name);
|
||||||
|
return json!({
|
||||||
|
"status": "ok",
|
||||||
|
"reason": "kicked user",
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
warn!("user is an admin, cannot kick");
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user is admin",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
warn!("could not kick {}, user not found", &name);
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user not found",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
// Ban a user (remove their account)
|
||||||
|
fn ban(name: &str) -> JsonValue {
|
||||||
|
if let Some(mut user) = db_read_user(&name.to_lowercase()).ok().flatten() {
|
||||||
|
if user.role != UserType::Admin { // make sure mods can't kick admins
|
||||||
|
db_remove(&user);
|
||||||
|
info!("succesfully banned user {}", &user.name);
|
||||||
|
return json!({
|
||||||
|
"status": "ok",
|
||||||
|
"reason": "banned user",
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
warn!("user is an admin, cannot ban");
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user is admin",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
warn!("could not ban {}, user not found", &name);
|
||||||
|
return json!({
|
||||||
|
"status": "fail",
|
||||||
|
"reason": "user not found",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
/* User Management */
|
/* User Management */
|
||||||
#[post("/mod", format = "json", data = "<data>")]
|
#[post("/mod", format = "json", data = "<data>")]
|
||||||
|
@ -305,18 +420,15 @@ pub fn moderation_actions(data: Json<ModerationAction>, mut cookies: Cookies) ->
|
||||||
"reason": "NULL token",
|
"reason": "NULL token",
|
||||||
});
|
});
|
||||||
} else if user.session_token == token.value() { // if token matches
|
} else if user.session_token == token.value() { // if token matches
|
||||||
if user.role == UserType::Normal {
|
if user.role == UserType::Moderator || user.role == UserType::Admin {
|
||||||
match data.action {
|
match data.action {
|
||||||
ModActions::Kick => {
|
ModActions::Kick => kick(&data.target),
|
||||||
info!("kicked user {}", data.target)
|
ModActions::Ban => ban(&data.target),
|
||||||
},
|
ModActions::Demote => demote(&data.target),
|
||||||
ModActions::Ban => info!("banned user {}", data.target),
|
ModActions::Premote => premote(&data.target),
|
||||||
_ => info!("F"),
|
_ => return json!({"status":"fail","reason":"bad command"}),
|
||||||
};
|
};
|
||||||
return json!({
|
return json!({"status":"fail","reason":"idk"});
|
||||||
"status": "ok",
|
|
||||||
"reason": "completed action",
|
|
||||||
});
|
|
||||||
} else {
|
} else {
|
||||||
warn!("user does not have sufficient permissions to perform that action!");
|
warn!("user does not have sufficient permissions to perform that action!");
|
||||||
return json!({
|
return json!({
|
||||||
|
|
Loading…
Reference in New Issue