From 7268779dc3e9a428d3a95012ca4ba5e1e3d0ca7a Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Sun, 3 Oct 2021 01:55:57 +0200 Subject: :sparkles: add ``right`` option to route() --- api/src/middlewares/Authentication.ts | 4 +++- api/src/util/route.ts | 21 ++++++++++++++++++++- 2 files changed, 23 insertions(+), 2 deletions(-) (limited to 'api/src') diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts index a300c786..571097bf 100644 --- a/api/src/middlewares/Authentication.ts +++ b/api/src/middlewares/Authentication.ts @@ -1,6 +1,6 @@ import { NextFunction, Request, Response } from "express"; import { HTTPError } from "lambert-server"; -import { checkToken, Config } from "@fosscord/util"; +import { checkToken, Config, Rights } from "@fosscord/util"; export const NO_AUTHORIZATION_ROUTES = [ "/auth/login", @@ -21,6 +21,7 @@ declare global { user_id: string; user_bot: boolean; token: string; + rights: Rights; } } } @@ -46,6 +47,7 @@ export async function Authentication(req: Request, res: Response, next: NextFunc req.token = decoded; req.user_id = decoded.id; req.user_bot = user.bot; + req.rights = new Rights(user.rights); return next(); } catch (error: any) { return next(new HTTPError(error?.toString(), 400)); diff --git a/api/src/util/route.ts b/api/src/util/route.ts index 45882d8a..3e967e2a 100644 --- a/api/src/util/route.ts +++ b/api/src/util/route.ts @@ -1,4 +1,15 @@ -import { DiscordApiErrors, EVENT, Event, EventData, getPermission, PermissionResolvable, Permissions } from "@fosscord/util"; +import { + DiscordApiErrors, + EVENT, + Event, + EventData, + FosscordApiErrors, + getPermission, + PermissionResolvable, + Permissions, + RightResolvable, + Rights +} from "@fosscord/util"; import { NextFunction, Request, Response } from "express"; import fs from "fs"; import path from "path"; @@ -33,6 +44,7 @@ export type RouteResponse = { status?: number; body?: `${string}Response`; heade export interface RouteOptions { permission?: PermissionResolvable; + right?: RightResolvable; body?: `${string}Schema`; // typescript interface name test?: { response?: RouteResponse; @@ -89,6 +101,13 @@ export function route(opts: RouteOptions) { } } + if (opts.right) { + const required = new Rights(opts.right); + if (!req.rights || !req.rights.has(required)) { + throw FosscordApiErrors.MISSING_RIGHTS.withParams(opts.right as string); + } + } + if (validate) { const valid = validate(normalizeBody(req.body)); if (!valid) { -- cgit 1.5.1