Skip to content

Commit

Permalink
Allow verified role to be restricted per server based on api key perm…
Browse files Browse the repository at this point in the history 
…issions
  • Loading branch information
@vennekilde
vennekilde committed Oct 6, 2024
1 parent 6443d31 commit d86fae5
Show file tree
Hide file tree
Showing 7 changed files with 285 additions and 98 deletions.
46 changes: 45 additions & 1 deletion api/openapi.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -609,6 +609,8 @@ components:
bun: ",nullzero,notnull,default:current_timestamp"
id:
type: string
x-oapi-codegen-extra-tags:
bun: ",pk"
name:
type: string
world:
Expand Down Expand Up @@ -653,6 +655,13 @@ components:
type: boolean
x-oapi-codegen-extra-tags:
bun: '-'
api_keys:
type: array
items:
$ref: '#/components/schemas/TokenInfo'
x-go-type-skip-optional-pointer: true
x-oapi-codegen-extra-tags:
bun: rel:has-many,join:id=account_id
PlatformLink:
type: object
required:
Expand Down Expand Up @@ -681,7 +690,42 @@ components:
type: integer
format: int64
x-go-name: UserID

TokenInfo:
type: object
required:
- id
- name
- account_id
- permissions
properties:
db_created:
type: string
format: date-time
x-go-type-skip-optional-pointer: true
x-oapi-codegen-extra-tags:
bun: ",nullzero,notnull,default:current_timestamp,scanonly"
db_updated:
type: string
format: date-time
x-go-type-skip-optional-pointer: true
x-oapi-codegen-extra-tags:
bun: ",nullzero,notnull,default:current_timestamp"
last_success:
type: string
format: date-time
x-go-type-skip-optional-pointer: true
id:
type: string
name:
type: string
account_id:
type: string
permissions:
type: array
items:
type: string
x-go-type-skip-optional-pointer: true

EphemeralAssociation:
type: object
properties:
Expand Down
149 changes: 81 additions & 68 deletions internal/api/api.gen.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

19 changes: 10 additions & 9 deletions internal/backend/service.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,16 @@ import (
const PlatformID = 2

const (
SettingWvWWorld = "wvw_world"
SettingPrimaryRole = "wvw_primary_role"
SettingLinkedRole = "wvw_linked_role"
SettingAssociatedRoles = "wvw_associated_roles"
SettingAccRepEnabled = "acc_rep_nick"
SettingGuildTagRepEnabled = "guild_tag_rep_nick"
SettingEnforceGuildRep = "enforce_guild_rep"
SettingGuildCommonRole = "verification_role"
SettingGuildVerifyRoles = "guild_verify_roles"
SettingWvWWorld = "wvw_world"
SettingPrimaryRole = "wvw_primary_role"
SettingLinkedRole = "wvw_linked_role"
SettingAssociatedRoles = "wvw_associated_roles"
SettingAccRepEnabled = "acc_rep_nick"
SettingGuildTagRepEnabled = "guild_tag_rep_nick"
SettingEnforceGuildRep = "enforce_guild_rep"
SettingGuildCommonRole = "verification_role"
SettingGuildVerifyRoles = "guild_verify_roles"
SettingGuildRequiredPermissions = "guild_required_permissions"
)

type Service struct {
Expand Down
37 changes: 29 additions & 8 deletions internal/guild/guilds.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"fmt"
"regexp"
"slices"
"strings"
"time"

"github.com/MrGunflame/gw2api"
Expand Down Expand Up @@ -156,7 +157,10 @@ func (g *GuildRoleHandler) CheckRoles(guildID string, member *discordgo.Member,
favoredGuildRoleID = role.ID
}
if len(verifiedRoles) == 0 || slices.Contains(verifiedRoles, role.ID) {
isVerified = true
// Ensure they are allowed to be verified
if g.CanHaveGuildVerifiedRole(guildID, account.ApiKeys) {
isVerified = true
}
}
}
}
Expand Down Expand Up @@ -242,16 +246,33 @@ nextRole:
}
}

func (g *GuildRoleHandler) AddVerificationRole(guildID string, userID string) error {
verificationRole := g.service.GetSetting(guildID, backend.SettingGuildCommonRole)
if verificationRole != "" {
err := g.discord.GuildMemberRoleAdd(guildID, userID, verificationRole)
if err != nil {
return err
// CanHaveGuildVerifiedRole check if the user has the required API Key permissions to have the guild verification role on this server
func (g *GuildRoleHandler) CanHaveGuildVerifiedRole(guildID string, apiKeys []api.TokenInfo) bool {
requiredPermissions := g.service.GetSettingSlice(guildID, backend.SettingGuildRequiredPermissions)
if len(requiredPermissions) == 0 {
return true
}

apiPermissions := make(map[string]struct{})
for _, apiKey := range apiKeys {
for _, permission := range apiKey.Permissions {
permission := strings.Split(permission, ",")
for _, p := range permission {
apiPermissions[p] = struct{}{}
}
}
}

return nil
outer:
for _, requiredPermission := range requiredPermissions {
for permission := range apiPermissions {
if permission == requiredPermission {
continue outer
}
}
return false
}
return true
}

func (g *GuildRoleHandler) SetGuildRole(guildID string, userID string, roleID string) error {
Expand Down
5 changes: 0 additions & 5 deletions internal/interaction/interaction_cmd_rep.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -195,11 +195,6 @@ func (c *RepCmd) handleRepFromStatus(s *discordgo.Session, event *discordgo.Inte
}
}
} else {
err := c.guildRoleHandler.AddVerificationRole(event.GuildID, user.ID)
if err != nil {
onError(s, event, err)
}

_, err = s.FollowupMessageCreate(event.Interaction, false, &discordgo.WebhookParams{
Content: "Pick guild to represent",
Flags: discordgo.MessageFlagsEphemeral,
Expand Down
Loading

0 comments on commit d86fae5

Please sign in to comment.