Ryan/drop
1
0
Fork 0
mirror of https://github.com/Drop-OSS/drop.git synced 2025-11-12 15:52:39 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat(acls): added backend acls

Browse Source
This commit is contained in:
DecDuck
2025-02-04 13:15:34 +11:00
parent 256fbd6afa
commit 090d2e6586
70 changed files with 397 additions and 474 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
server/api/v1/admin/auth/invitation/index.delete.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"auth:simple:invitation:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const id = body.id;

7
server/api/v1/admin/auth/invitation/index.get.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"auth:simple:invitation:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
await runTask("cleanup:invitations");

9
server/api/v1/admin/auth/invitation/index.post.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"auth:simple:invitation:new",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const isAdmin = body.isAdmin;
@ -30,7 +33,7 @@ export default defineEventHandler(async (h3) => {
isAdmin: isAdmin,
username: username,
email: email,
expires: expiresDate
expires: expiresDate,
},
});

7
server/api/v1/admin/game/image/index.delete.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:image:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.gameId;

7
server/api/v1/admin/game/image/index.post.ts
View File

@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import { handleFileUpload } from "~/server/internal/utils/handlefileupload";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:image:new",
]);
if (!allowed) throw createError({ statusCode: 403 });
const form = await readMultipartFormData(h3);
if (!form)

7
server/api/v1/admin/game/index.delete.ts
View File

@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = getQuery(h3);
const gameId = query.id?.toString();

7
server/api/v1/admin/game/index.get.ts
View File

@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = getQuery(h3);
const gameId = query.id?.toString();

7
server/api/v1/admin/game/index.patch.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:update",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const id = body.id;

7
server/api/v1/admin/game/metadata.post.ts
View File

@ -1,9 +1,12 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import { handleFileUpload } from "~/server/internal/utils/handlefileupload";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:update",
]);
if (!allowed) throw createError({ statusCode: 403 });
const form = await readMultipartFormData(h3);
if (!form)

7
server/api/v1/admin/game/version/index.delete.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:version:delete",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.id.toString();

7
server/api/v1/admin/game/version/index.post.ts → server/api/v1/admin/game/version/index.patch.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"game:version:update",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.id?.toString();

7
server/api/v1/admin/import/game/index.get.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"import:game:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
const unimportedGames = await libraryManager.fetchAllUnimportedGames();
return { unimportedGames };

7
server/api/v1/admin/import/game/index.post.ts
View File

@ -1,3 +1,4 @@
import aclManager from "~/server/internal/acls";
import libraryManager from "~/server/internal/library";
import {
GameMetadataSearchResult,
@ -5,8 +6,10 @@ import {
} from "~/server/internal/metadata/types";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"import:game:new",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);

7
server/api/v1/admin/import/game/search.get.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"import:game:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = getQuery(h3);
const search = query.q?.toString();

7
server/api/v1/admin/import/version/index.get.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"import:version:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = await getQuery(h3);
const gameId = query.id?.toString();

7
server/api/v1/admin/import/version/index.post.ts
View File

@ -1,10 +1,13 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
import libraryManager from "~/server/internal/library";
import { parsePlatform } from "~/server/internal/utils/parseplatform";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"import:version:new",
]);
if (!allowed) throw createError({ statusCode: 403 });
const body = await readBody(h3);
const gameId = body.id;

7
server/api/v1/admin/import/version/preload.get.ts
View File

@ -1,8 +1,11 @@
import aclManager from "~/server/internal/acls";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, [
"import:version:read",
]);
if (!allowed) throw createError({ statusCode: 403 });
const query = await getQuery(h3);
const gameId = query.id?.toString();

6
server/api/v1/admin/index.get.ts
View File

@ -1,6 +0,0 @@
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getUser(h3);
if (!user)
throw createError({ statusCode: 403, statusMessage: "Not authenticated" });
return { admin: user.admin };
});

5
server/api/v1/admin/library/index.get.ts
View File

@ -1,8 +1,9 @@
import aclManager from "~/server/internal/acls";
import libraryManager from "~/server/internal/library";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, ["library:read"]);
if (!allowed) throw createError({ statusCode: 403 });
const unimportedGames = await libraryManager.fetchAllUnimportedGames();
const games = await libraryManager.fetchGamesWithStatus();

0
server/api/v1/news/[id].delete.ts → server/api/v1/admin/news/[id].delete.ts
View File

0
server/api/v1/news/index.post.ts → server/api/v1/admin/news/index.post.ts
View File

5
server/api/v1/admin/user/index.get.ts
View File

@ -1,8 +1,9 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getAdminUser(h3);
if (!user) throw createError({ statusCode: 403 });
const allowed = await aclManager.allowSystemACL(h3, ["user:read"]);
if (!allowed) throw createError({ statusCode: 403 });
const users = await prisma.user.findMany({});

3
server/api/v1/auth/signin/simple.post.ts
View File

@ -2,6 +2,7 @@ import { AuthMec } from "@prisma/client";
import { JsonArray } from "@prisma/client/runtime/library";
import prisma from "~/server/internal/db/database";
import { checkHash } from "~/server/internal/security/simple";
import sessionHandler from "~/server/internal/session";
export default defineEventHandler(async (h3) => {
const body = await readBody(h3);
@ -31,7 +32,7 @@ export default defineEventHandler(async (h3) => {
if (!await checkHash(password, hash.toString()))
throw createError({ statusCode: 401, statusMessage: "Invalid username or password." });
await h3.context.session.setUserId(h3, authMek.userId, rememberMe);
await sessionHandler.setUserId(h3, authMek.userId, rememberMe);
return { result: true, userId: authMek.userId }
});

3
server/api/v1/client/auth/callback/index.get.ts
View File

@ -1,7 +1,8 @@
import clientHandler from "~/server/internal/clients/handler";
import sessionHandler from "~/server/internal/session";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await sessionHandler.getUserId(h3);
if (!userId) throw createError({ statusCode: 403 });
const query = getQuery(h3);

3
server/api/v1/client/auth/callback/index.post.ts
View File

@ -1,7 +1,8 @@
import clientHandler from "~/server/internal/clients/handler";
import sessionHandler from "~/server/internal/session";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await sessionHandler.getUserId(h3);
if (!userId) throw createError({ statusCode: 403 });
const body = await readBody(h3);

4
server/api/v1/collection/[id]/entry.delete.ts
View File

@ -1,11 +1,11 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:remove"]);
if (!userId)
throw createError({
statusCode: 403,
statusMessage: "Requires authentication",
});
const id = getRouterParam(h3, "id");

4
server/api/v1/collection/[id]/entry.post.ts
View File

@ -1,11 +1,11 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:add"]);
if (!userId)
throw createError({
statusCode: 403,
statusMessage: "Requires authentication",
});
const id = getRouterParam(h3, "id");

3
server/api/v1/collection/[id]/index.delete.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:delete"]);
if (!userId)
throw createError({
statusCode: 403,

3
server/api/v1/collection/[id]/index.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:read"]);
if (!userId)
throw createError({
statusCode: 403,

3
server/api/v1/collection/default/entry.delete.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["library:remove"]);
if (!userId)
throw createError({
statusCode: 403,

3
server/api/v1/collection/default/entry.post.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["library:add"]);
if (!userId)
throw createError({
statusCode: 403,

3
server/api/v1/collection/default/index.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:read"]);
if (!userId)
throw createError({
statusCode: 403,

4
server/api/v1/collection/index.get.ts
View File

@ -1,11 +1,11 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:new"]);
if (!userId)
throw createError({
statusCode: 403,
statusMessage: "Requires authentication",
});
const collections = await userLibraryManager.fetchCollections(userId);

4
server/api/v1/collection/index.post.ts
View File

@ -1,11 +1,11 @@
import aclManager from "~/server/internal/acls";
import userLibraryManager from "~/server/internal/userlibrary";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["collections:read"]);
if (!userId)
throw createError({
statusCode: 403,
statusMessage: "Requires authentication",
});
const body = await readBody(h3);

3
server/api/v1/games/[id]/index.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["store:read"]);
if (!userId) throw createError({ statusCode: 403 });
const gameId = getRouterParam(h3, "id");

0
server/api/v1/news/[id].get.ts → server/api/v1/news/[id]/index.get.ts
View File

3
server/api/v1/notifications/[id]/index.delete.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["notifications:delete"]);
if (!userId) throw createError({ statusCode: 403 });
const notificationId = getRouterParam(h3, "id");

3
server/api/v1/notifications/[id]/index.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["notifications:read"]);
if (!userId) throw createError({ statusCode: 403 });
const notificationId = getRouterParam(h3, "id");

3
server/api/v1/notifications/[id]/read.post.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["notifications:mark"]);
if (!userId) throw createError({ statusCode: 403 });
const notificationId = getRouterParam(h3, "id");

3
server/api/v1/notifications/index.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["notifications:read"]);
if (!userId) throw createError({ statusCode: 403 });
const notifications = await prisma.notification.findMany({

3
server/api/v1/notifications/readall.post.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["notifications:mark"]);
if (!userId) throw createError({ statusCode: 403 });
await prisma.notification.updateMany({

15
server/api/v1/notifications/ws.get.ts
View File

@ -1,6 +1,7 @@
import notificationSystem from "~/server/internal/notifications";
import session from "~/server/internal/session";
import { parse as parseCookies } from "cookie-es";
import aclManager from "~/server/internal/acls";
// TODO add web socket sessions for horizontal scaling
// Peer ID to user ID
@ -8,16 +9,10 @@ const socketSessions: { [key: string]: string } = {};
export default defineWebSocketHandler({
async open(peer) {
const cookies = peer.request?.headers?.get("Cookie");
if (!cookies) {
peer.send("unauthenticated");
return;
}
const parsedCookies = parseCookies(cookies);
const token = parsedCookies[session.getDropTokenCookie()];
const userId = await session.getUserIdRaw(token);
const userId = await aclManager.getUserIdACL(
{ headers: peer.request?.headers ?? new Headers() },
["notifications:listen"]
);
if (!userId) {
peer.send("unauthenticated");
return;

4
server/api/v1/object/[id]/index.delete.ts
View File

@ -1,8 +1,10 @@
import aclManager from "~/server/internal/acls";
export default defineEventHandler(async (h3) => {
const id = getRouterParam(h3, "id");
if (!id) throw createError({ statusCode: 400, statusMessage: "Invalid ID" });
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["object:delete"]);
const result = await h3.context.objects.deleteWithPermission(id, userId);
return { success: result };

4
server/api/v1/object/[id]/index.get.ts
View File

@ -1,8 +1,10 @@
import aclManager from "~/server/internal/acls";
export default defineEventHandler(async (h3) => {
const id = getRouterParam(h3, "id");
if (!id) throw createError({ statusCode: 400, statusMessage: "Invalid ID" });
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["object:read"]);
const object = await h3.context.objects.fetchWithPermissions(id, userId);
if (!object)

4
server/api/v1/object/[id]/index.post.ts
View File

@ -1,3 +1,5 @@
import aclManager from "~/server/internal/acls";
export default defineEventHandler(async (h3) => {
const id = getRouterParam(h3, "id");
if (!id) throw createError({ statusCode: 400, statusMessage: "Invalid ID" });
@ -9,7 +11,7 @@ export default defineEventHandler(async (h3) => {
statusMessage: "Invalid upload",
});
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserIdACL(h3, ["object:update"]);
const buffer = Buffer.from(body);
const result = await h3.context.objects.writeWithPermissions(

3
server/api/v1/store/developers.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserACL(h3, ["store:read"]);
if (!userId) throw createError({ statusCode: 403 });
const developers = await prisma.developer.findMany({

3
server/api/v1/store/publishers.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserACL(h3, ["store:read"]);
if (!userId) throw createError({ statusCode: 403 });
const publishers = await prisma.publisher.findMany({

3
server/api/v1/store/recent.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserACL(h3, ["store:read"]);
if (!userId) throw createError({ statusCode: 403 });
const games = await prisma.game.findMany({

3
server/api/v1/store/released.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserACL(h3, ["store:read"]);
if (!userId) throw createError({ statusCode: 403 });
const games = await prisma.game.findMany({

3
server/api/v1/store/updated.get.ts
View File

@ -1,7 +1,8 @@
import aclManager from "~/server/internal/acls";
import prisma from "~/server/internal/db/database";
export default defineEventHandler(async (h3) => {
const userId = await h3.context.session.getUserId(h3);
const userId = await aclManager.getUserACL(h3, ["store:read"]);
if (!userId) throw createError({ statusCode: 403 });
const versions = await prisma.gameVersion.findMany({

29
server/api/v1/task/index.get.ts
View File

@ -1,46 +1,39 @@
import session from "~/server/internal/session";
import taskHandler, { TaskMessage } from "~/server/internal/tasks";
import { parse as parseCookies } from "cookie-es";
import { MinimumRequestObject } from "~/server/h3";
// TODO add web socket sessions for horizontal scaling
// ID to admin
const adminSocketSessions: { [key: string]: boolean } = {};
const socketHeaders: { [key: string]: MinimumRequestObject } = {};
export default defineWebSocketHandler({
async open(peer) {
const cookies = peer.request?.headers?.get("Cookie");
if (!cookies) {
const request = peer.request;
if (!request) {
peer.send("unauthenticated");
return;
}
const parsedCookies = parseCookies(cookies);
const token = parsedCookies[session.getDropTokenCookie()];
const userId = await session.getUserIdRaw(token);
if (!userId) {
peer.send("unauthenticated");
return;
}
const admin = session.getAdminUser(token);
adminSocketSessions[peer.id] = admin !== undefined;
socketHeaders[peer.id] = {
headers: request.headers ?? new Headers(),
};
peer.send(`connect`);
},
message(peer, message) {
if (!peer.id) return;
if (adminSocketSessions[peer.id] === undefined) return;
if (socketHeaders[peer.id] === undefined) return;
const text = message.text();
if (text.startsWith("connect/")) {
const id = text.substring("connect/".length);
taskHandler.connect(peer.id, id, peer, adminSocketSessions[peer.id]);
taskHandler.connect(peer.id, id, peer, socketHeaders[peer.id]);
return;
}
},
close(peer, details) {
if (!peer.id) return;
if (adminSocketSessions[peer.id] === undefined) return;
delete adminSocketSessions[peer.id];
if (socketHeaders[peer.id] === undefined) return;
delete socketHeaders[peer.id];
taskHandler.disconnectAll(peer.id);
},

4
server/api/v1/user/index.get.ts
View File

@ -1,4 +1,6 @@
import aclManager from "~/server/internal/acls";
export default defineEventHandler(async (h3) => {
const user = await h3.context.session.getUser(h3);
const user = await aclManager.getUserACL(h3, ["read"]);
return user ?? null; // Need to specifically return null
});