/// <summary> /// Creates the requested role /// </summary> public async Task <TaskResult> EditRole([FromBody] ServerPlanetRole role, string token) { AuthToken authToken = await Context.AuthTokens.FindAsync(token); if (authToken == null) { return(new TaskResult(false, "Failed to authorize user.")); } if (!Permission.HasPermission(authToken.Scope, UserPermissions.PlanetManagement)) { return(new TaskResult(false, "You don't have planet management scope.")); } if (!(await Context.PlanetRoles.AnyAsync(x => x.Id == role.Id))) { return(new TaskResult(false, $"The role {role.Id} does not exist.")); } ServerPlanetMember member = await Context.PlanetMembers.Include(x => x.User) .Include(x => x.Planet) .FirstOrDefaultAsync(x => x.User_Id == authToken.User_Id && x.Planet_Id == role.Planet_Id); if (member == null) { return(new TaskResult(false, "You're not in the planet!")); } if (!(await member.HasPermissionAsync(PlanetPermissions.ManageRoles))) { return(new TaskResult(false, "You don't have role management permissions!")); } // Do not allow modifying roles with a lower position than your own (lower is more powerful) if (member.User_Id != member.Planet.Owner_Id) { if (((await member.GetPrimaryRoleAsync()).Position > role.Position)) { return(new TaskResult(false, "You can't edit a role above your own!")); } } Context.PlanetRoles.Update(role); await Context.SaveChangesAsync(); await PlanetHub.NotifyRoleChange(role); return(new TaskResult(true, $"Successfully edited role {role.Id}.")); }
public async Task <TaskResult <int> > TryUpdateAsync(ServerPlanetMember member, ServerPlanetRole newRole, ValourDB db) { if (member == null) { return(new TaskResult <int>(false, "Member not found", 403)); } if (member.Planet_Id != Planet_Id) { return(new TaskResult <int>(false, "Member is of another planet", 403)); } if (!await member.HasPermissionAsync(PlanetPermissions.ManageRoles, db)) { return(new TaskResult <int>(false, "Member lacks PlanetPermissions.ManageRoles", 403)); } if (await member.GetAuthorityAsync() <= GetAuthority()) { return(new TaskResult <int>(false, "Member authority is lower than role authority", 403)); } if (newRole.Id != Id) { return(new TaskResult <int>(false, "Given role does not match id", 400)); } this.Name = newRole.Name; this.Position = newRole.Position; this.Permissions = newRole.Permissions; this.Color_Red = newRole.Color_Red; this.Color_Green = newRole.Color_Green; this.Color_Blue = newRole.Color_Blue; this.Bold = newRole.Bold; this.Italics = newRole.Italics; db.PlanetRoles.Update(this); await db.SaveChangesAsync(); PlanetHub.NotifyRoleChange(this); return(new TaskResult <int>(true, "Success", 200)); }
/// <summary> /// Creates the requested role /// </summary> public async Task <TaskResult> CreateRole([FromBody] ServerPlanetRole role, string token) { AuthToken authToken = await Context.AuthTokens.FindAsync(token); if (authToken == null) { return(new TaskResult(false, "Failed to authorize user.")); } if (!Permission.HasPermission(authToken.Scope, UserPermissions.PlanetManagement)) { return(new TaskResult(false, "You don't have planet management scope.")); } ServerPlanetMember member = await Context.PlanetMembers.Include(x => x.User) .FirstOrDefaultAsync(x => x.User_Id == authToken.User_Id && x.Planet_Id == role.Planet_Id); if (member == null) { return(new TaskResult(false, "You're not in the planet!")); } if (!(await member.HasPermissionAsync(PlanetPermissions.ManageRoles))) { return(new TaskResult(false, "You don't have role management permissions!")); } // Set role id role.Id = IdManager.Generate(); // Set to next open position role.Position = (uint)await Context.PlanetRoles.Where(x => x.Planet_Id == role.Planet_Id).CountAsync(); await Context.PlanetRoles.AddAsync(role); await Context.SaveChangesAsync(); await PlanetHub.NotifyRoleChange(role); return(new TaskResult(true, $"Role {role.Id} successfully added to position {role.Position}.")); }