public async Task <TaskResult <PlanetInvite> > CreateInvite(ulong Planet_Id, ulong userid, string token, int hours)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != userid)
{
return(new TaskResult <PlanetInvite>(false, "Failed to authorize user.", null));
}
ServerPlanet planet = await ServerPlanet.FindAsync(Planet_Id, Mapper);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.Invite)))
{
return(new TaskResult <PlanetInvite>(false, "You are not authorized to do this.", null));
}
PlanetInvite invite = new PlanetInvite()
{
Planet_Id = Planet_Id,
Issuer_Id = userid,
Time = DateTime.UtcNow,
Hours = hours
};
Random random = new Random();
const string chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
string code = new string(Enumerable.Repeat(chars, 8).Select(s => s[random.Next(s.Length)]).ToArray());
PlanetInvite test = await Context.PlanetInvites.FirstOrDefaultAsync(x => x.Code == code);
while (test != null)
{
code = new string(Enumerable.Repeat(chars, 8).Select(s => s[random.Next(s.Length)]).ToArray());
test = await Context.PlanetInvites.Where(x => x.Code == code).FirstOrDefaultAsync();
}
invite.Code = code;
if (hours == 0)
{
invite.Hours = null;
}
await Context.PlanetInvites.AddAsync(invite);
await Context.SaveChangesAsync();
return(new TaskResult <PlanetInvite>(true, $"Successfully created invite", invite));
}
public async Task <TaskResult> BanUser(ulong target_id, ulong planet_id, string reason, string token, uint time)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (authToken == null)
{
return(new TaskResult(false, "Failed to authorize user."));
}
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.Ban)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
ServerPlanetMember member = await Context.PlanetMembers.FirstOrDefaultAsync(x => x.Id == target_id &&
x.Planet_Id == planet_id);
PlanetBan ban = new PlanetBan()
{
Id = IdManager.Generate(),
Reason = reason,
Planet_Id = planet_id,
User_Id = member.User_Id,
Banner_Id = authToken.User_Id,
Time = DateTime.UtcNow,
Permanent = false
};
if (time <= 0)
{
ban.Permanent = true;
}
else
{
ban.Minutes = time;
}
// Add channel to database
await Context.PlanetBans.AddAsync(ban);
List <ServerPlanetRoleMember> roles = await Task.Run(() => Context.PlanetRoleMembers.Where(x => x.Member_Id == target_id && x.Planet_Id == planet_id).ToList());
foreach (ServerPlanetRoleMember role in roles)
{
Context.PlanetRoleMembers.Remove(role);
}
Context.PlanetMembers.Remove(member);
await Context.SaveChangesAsync();
return(new TaskResult(true, $"Successfully banned user {member.Nickname}"));
}
/// <summary>
/// Creates a server and if successful returns a task result with the created
/// planet's id
/// </summary>
public async Task <TaskResult <ulong> > CreateChannel(string name, ulong planet_id, ulong user_id, ulong parentid, string token)
{
TaskResult nameValid = ValidateName(name);
if (!nameValid.Success)
{
return(new TaskResult <ulong>(false, nameValid.Message, 0));
}
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != user_id)
{
return(new TaskResult <ulong>(false, "Failed to authorize user.", 0));
}
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.ManageChannels)))
{
return(new TaskResult <ulong>(false, "You are not authorized to do this.", 0));
}
// User is verified and given channel info is valid by this point
// Creates the channel channel
PlanetChatChannel channel = new PlanetChatChannel()
{
Id = IdManager.Generate(),
Name = name,
Planet_Id = planet_id,
Parent_Id = parentid,
Message_Count = 0,
Description = "A chat channel",
Position = Convert.ToUInt16(Context.PlanetChatChannels.Count())
};
// Add channel to database
await Context.PlanetChatChannels.AddAsync(channel);
// Save changes to DB
await Context.SaveChangesAsync();
await PlanetHub.Current.Clients.Group($"p-{planet_id}").SendAsync("RefreshChannelList", "");
// Return success
return(new TaskResult <ulong>(true, "Successfully created channel.", channel.Id));
}
/// <summary>
/// Returns a planet's primary channel
/// </summary>
public async Task <TaskResult <PlanetChatChannel> > GetPrimaryChannel(ulong planetid, ulong userid, string token)
{
ServerPlanet planet = await ServerPlanet.FindAsync(planetid, Mapper);
if (!(await planet.AuthorizedAsync(userid, token)))
{
return(new TaskResult <PlanetChatChannel>(false, "You are not authorized to access this planet.", null));
}
return(new TaskResult <PlanetChatChannel>(true, "Successfully retireved channel.", await planet.GetPrimaryChannelAsync()));
}
private static async Task GetMemberInfo(HttpContext ctx, ValourDB db,
[FromHeader] string authorization, [Required] ulong planet_id)
{
ServerAuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (auth == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token is invalid [token: {authorization}]");
return;
}
ServerPlanet planet = await db.Planets
.Include(x => x.Members).ThenInclude(x => x.User)
.Include(x => x.Members).ThenInclude(x => x.RoleMembership.OrderBy(x => x.Role.Position))
.ThenInclude(x => x.Role)
.FirstOrDefaultAsync(x => x.Id == planet_id);
if (planet == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Planet not found [id: {planet_id.ToString()}]");
return;
}
if (!planet.Members.Any(x => x.User_Id == auth.User_Id))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Member not found");
return;
}
List <PlanetMemberInfo> info = new List <PlanetMemberInfo>();
foreach (var member in planet.Members)
{
PlanetMemberInfo planetInfo = new PlanetMemberInfo()
{
Member = member,
User = member.User,
RoleIds = member.RoleMembership.Select(x => x.Role_Id),
State = "Currently browsing"
};
info.Add(planetInfo);
}
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsJsonAsync(info);
}
public async Task <TaskResult> UpdateOrder([FromBody] Dictionary <ushort, List <ulong> > json, ulong user_id, string token, ulong Planet_Id)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != user_id)
{
return(new TaskResult(false, "Failed to authorize user."));
}
ServerPlanet planet = await ServerPlanet.FindAsync(Planet_Id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.ManageChannels)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
Console.WriteLine(json);
var values = json;//JsonConvert.DeserializeObject<Dictionary<ulong, ulong>>(data);
foreach (var value in values)
{
ushort position = value.Key;
ulong id = value.Value[0];
//checks if item is a channel
Console.WriteLine(value.Value[0]);
if (value.Value[1] == 0)
{
PlanetChatChannel channel = await Context.PlanetChatChannels.Where(x => x.Id == id).FirstOrDefaultAsync();
channel.Position = position;
}
if (value.Value[1] == 1)
{
PlanetCategory category = await Context.PlanetCategories.Where(x => x.Id == id).FirstOrDefaultAsync();
category.Position = position;
}
Console.WriteLine(value);
}
await Context.SaveChangesAsync();
await PlanetHub.Current.Clients.Group($"p-{Planet_Id}").SendAsync("RefreshChannelList", "");
return(new TaskResult(true, "Updated Order!"));
}
public async Task <TaskResult <PlanetInvite> > CreateInvite(ulong Planet_Id, string token, int hours)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (authToken == null)
{
return(new TaskResult <PlanetInvite>(false, "Failed to authorize user.", null));
}
ServerPlanet planet = await ServerPlanet.FindAsync(Planet_Id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.Invite)))
{
return(new TaskResult <PlanetInvite>(false, "You are not authorized to do this.", null));
}
PlanetInvite invite = new PlanetInvite()
{
Id = IdManager.Generate(),
Planet_Id = Planet_Id,
Issuer_Id = authToken.User_Id,
Time = DateTime.UtcNow,
Hours = hours
};
Random random = new Random();
const string chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
string code = new string(Enumerable.Repeat(chars, 8).Select(s => s[random.Next(s.Length)]).ToArray());
PlanetInvite test = await Context.PlanetInvites.FirstOrDefaultAsync(x => x.Code == code);
while (test != null)
{
code = new string(Enumerable.Repeat(chars, 8).Select(s => s[random.Next(s.Length)]).ToArray());
test = await Context.PlanetInvites.Where(x => x.Code == code).FirstOrDefaultAsync();
}
invite.Code = code;
if (hours == 0)
{
invite.Hours = null;
}
await Context.PlanetInvites.AddAsync(invite);
await Context.SaveChangesAsync();
return(new TaskResult <PlanetInvite>(true, $"Successfully created invite", invite));
}
public async Task <TaskResult> BanUser(ulong id, ulong Planet_Id, string reason, ulong userid, string token, uint time)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != userid)
{
return(new TaskResult(false, "Failed to authorize user."));
}
ServerPlanet planet = await ServerPlanet.FindAsync(Planet_Id, Mapper);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.Ban)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
PlanetBan ban = new PlanetBan()
{
Reason = reason,
Planet_Id = Planet_Id,
User_Id = id,
Banner_Id = userid,
Time = DateTime.UtcNow,
Permanent = false
};
if (time <= 0)
{
ban.Permanent = true;
}
else
{
ban.Minutes = time;
}
// Add channel to database
await Context.PlanetBans.AddAsync(ban);
PlanetMember member = await Context.PlanetMembers.Where(x => x.User_Id == id).FirstOrDefaultAsync();
Context.PlanetMembers.Remove(member);
await Context.SaveChangesAsync();
return(new TaskResult(true, $"Successfully banned user {id}"));
}
private static async Task GetChannelIds(HttpContext ctx, ValourDB db,
[FromHeader] string authorization, [Required] ulong planet_id)
{
ServerAuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (auth == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token is invalid [token: {authorization}]");
return;
}
ServerPlanet planet = await db.Planets.Include(x => x.Members.Where(x => x.User_Id == auth.User_Id))
.Include(x => x.ChatChannels)
.FirstOrDefaultAsync(x => x.Id == planet_id);
if (planet == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Planet not found [id: {planet_id}]");
return;
}
var member = planet.Members.FirstOrDefault();
if (member == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Member not found");
return;
}
List <ulong> result = new List <ulong>();
foreach (var channel in planet.ChatChannels)
{
if (await channel.HasPermission(member, ChatChannelPermissions.View, db))
{
result.Add(channel.Id);
}
}
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsJsonAsync(result);
}
/// <summary>
/// Creates a server and if successful returns a task result with the created
/// planet's id
/// </summary>
public async Task <TaskResult <ulong> > CreateCategory(string name, ulong userid, ulong parentid, ulong planet_id, string token)
{
TaskResult nameValid = ValidateName(name);
if (!nameValid.Success)
{
return(new TaskResult <ulong>(false, nameValid.Message, 0));
}
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != userid)
{
return(new TaskResult <ulong>(false, "Failed to authorize user.", 0));
}
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id, Mapper);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.ManageCategories)))
{
return(new TaskResult <ulong>(false, "You are not authorized to do this.", 0));
}
// User is verified and given channel info is valid by this point
// Creates the channel channel
PlanetCategory category = new PlanetCategory()
{
Name = name,
Planet_Id = planet_id,
Parent_Id = parentid
};
// Add channel to database
await Context.PlanetCategories.AddAsync(category);
// Save changes to DB
await Context.SaveChangesAsync();
// Return success
return(new TaskResult <ulong>(true, "Successfully created category.", category.Id));
}
/// <summary>
/// Sets the description of a planet
/// </summary>
public async Task <TaskResult> SetDescription(ulong planet_id, string description, string token)
{
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id, Mapper);
if (!(await planet.AuthorizedAsync(token, PlanetPermissions.Manage)))
{
return(new TaskResult(false, "You are not authorized to manage this planet."));
}
planet.Description = description;
Context.Planets.Update(planet);
await Context.SaveChangesAsync();
return(new TaskResult(true, "Changed description successfully"));
}
/// <summary>
/// Returns a planet object (if permitted)
/// </summary>
public async Task <TaskResult <Planet> > GetPlanet(ulong planetid, ulong userid, string token)
{
ServerPlanet planet = await ServerPlanet.FindAsync(planetid, Mapper);
if (planet == null)
{
return(new TaskResult <Planet>(false, "The given planet id does not exist.", null));
}
if (!(await planet.AuthorizedAsync(userid, token)))
{
return(new TaskResult <Planet>(false, "You are not authorized to access this planet.", null));
}
return(new TaskResult <Planet>(true, "Successfully retrieved planet.", planet));
}
/// <summary>
/// Sets the description of a planet
/// </summary>
public async Task <TaskResult> SetPublic(ulong planet_id, bool ispublic, string token)
{
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (!(await planet.AuthorizedAsync(token, PlanetPermissions.Manage)))
{
return(new TaskResult(false, "You are not authorized to manage this planet."));
}
planet.Public = ispublic;
Context.Planets.Update(planet);
await Context.SaveChangesAsync();
return(new TaskResult(true, "Changed public value successfully"));
}
public async Task <TaskResult> Delete(ulong id, ulong user_id, string token)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != user_id)
{
return(new TaskResult(false, "Failed to authorize user."));
}
PlanetChatChannel channel = await Context.PlanetChatChannels.FindAsync(id);
if (channel == null)
{
return(new TaskResult(false, "That channel does not exist."));
}
ServerPlanet planet = await ServerPlanet.FindAsync(channel.Planet_Id);
if (planet == null)
{
return(new TaskResult(false, "Could not find the planet."));
}
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.ManageChannels)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
if (channel.Id == planet.Main_Channel_Id)
{
return(new TaskResult(false, "You can not delete your main channel!"));
}
Context.PlanetChatChannels.Remove(channel);
await Context.SaveChangesAsync();
await PlanetHub.Current.Clients.Group($"p-{channel.Planet_Id}").SendAsync("RefreshChannelList", "");
return(new TaskResult(true, "Successfully deleted."));
}
private static async Task GetRoles(HttpContext ctx, ValourDB db, ulong planet_id,
[FromHeader] string authorization)
{
ServerAuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (auth == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token is invalid");
return;
}
ServerPlanet planet = await db.Planets
.Include(x => x.Members.Where(x => x.User_Id == auth.User_Id))
.Include(x => x.Roles)
.FirstOrDefaultAsync(x => x.Id == planet_id);
if (planet == null)
{
ctx.Response.StatusCode = 404;
await ctx.Response.WriteAsync($"Planet not found [id: {planet_id.ToString()}]");
return;
}
var member = planet.Members.FirstOrDefault();
if (member == null)
{
ctx.Response.StatusCode = 403;
await ctx.Response.WriteAsync($"Member not found");
return;
}
if (!await planet.HasPermissionAsync(member, PlanetPermissions.View, db))
{
ctx.Response.StatusCode = 403;
await ctx.Response.WriteAsync($"Member lacks PlanetPermissions.View");
return;
}
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsJsonAsync(planet.Roles);
}
/// <summary>
/// Returns the planet membership of a user
/// </summary>
/// <param name="token"></param>
/// <returns></returns>
public async Task <TaskResult <List <Planet> > > GetPlanetMembership(ulong user_id, string token)
{
if (token == null)
{
return(new TaskResult <List <Planet> >(false, "Please supply an authentication token", null));
}
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (!Permission.HasPermission(authToken.Scope, UserPermissions.Membership))
{
return(new TaskResult <List <Planet> >(false, $"The given token does not have membership scope", null));
}
User user = await Context.Users.FindAsync(user_id);
if (user == null)
{
return(new TaskResult <List <Planet> >(false, $"Could not find user {user_id}", null));
}
List <Planet> membership = new List <Planet>();
ServerPlanet valourServer = await ServerPlanet.FindAsync(735703679107072);
if (valourServer != null)
{
// Remove this after pre-pre-alpha
if (!(await valourServer.IsMemberAsync(user_id, Context)))
{
await valourServer.AddMemberAsync(user, Context);
}
}
foreach (PlanetMember member in Context.PlanetMembers.Where(x => x.User_Id == user_id))
{
Planet planet = await Context.Planets.FindAsync(member.Planet_Id);
if (planet != null)
{
membership.Add(planet);
}
}
return(new TaskResult <List <Planet> >(true, $"Retrieved {membership.Count} planets", membership));
}
/// <summary>
/// Returns a planetuser given the user and planet id
/// </summary>
public async Task <TaskResult <PlanetUser> > GetPlanetUser(ulong userid, ulong planet_id, string auth)
{
// Retrieve planet
ServerPlanet planet = ServerPlanet.FromBase(await Context.Planets.FindAsync(planet_id), Mapper);
if (planet == null)
{
return(new TaskResult <PlanetUser>(false, "The planet could not be found.", null));
}
// Authentication flow
AuthToken token = await Context.AuthTokens.FindAsync(auth);
// If authorizor is not a member of the planet, they do not have authority to get member info
if (token == null || !(await planet.IsMemberAsync(token.User_Id)))
{
return(new TaskResult <PlanetUser>(false, "Failed to authorize.", null));
}
// At this point the request is authorized
// Retrieve server data for user
User user = await Context.Users.FindAsync(userid);
// Null check
if (user == null)
{
return(new TaskResult <PlanetUser>(false, "The user could not be found.", null));
}
// Ensure the user is a member of the planet
if (!(await planet.IsMemberAsync(user)))
{
return(new TaskResult <PlanetUser>(false, "The target user is not a member of the planet.", null));
}
PlanetUser planetUser = await ServerPlanetUser.CreateAsync(userid, planet_id, Mapper);
if (planetUser == null)
{
return(new TaskResult <PlanetUser>(false, "Could not create planet user: Fatal error.", null));
}
return(new TaskResult <PlanetUser>(true, "Successfully retrieved planet user.", planetUser));
}
/// <summary>
/// Returns a planet object (if permitted)
/// </summary>
public async Task <TaskResult <Planet> > GetPlanet(ulong planet_id, string token)
{
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (planet == null)
{
return(new TaskResult <Planet>(false, "The given planet id does not exist.", null));
}
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.View)))
{
return(new TaskResult <Planet>(false, "You are not authorized to access this planet.", null));
}
return(new TaskResult <Planet>(true, "Successfully retrieved planet.", planet));
}
/// <summary>
/// Returns the planet name using an invite code as authorization
/// </summary>
public async Task <TaskResult <string> > GetPlanetName(string invite_code)
{
PlanetInvite invite = await Context.PlanetInvites.FirstOrDefaultAsync(x => x.Code == invite_code);
if (invite == null)
{
return(new TaskResult <string>(false, "Could not find invite.", null));
}
ServerPlanet planet = await Context.Planets.FindAsync(invite.Planet_Id);
if (planet == null)
{
return(new TaskResult <string>(false, $"Could not find planet {invite.Planet_Id}", null));
}
return(new TaskResult <string>(true, $"Success", planet.Name));
}
public async Task <TaskResult> Delete(ulong id, ulong userid, string token)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != userid)
{
return(new TaskResult(false, "Failed to authorize user."));
}
PlanetCategory category = await Context.PlanetCategories.FindAsync(id);
ServerPlanet planet = await ServerPlanet.FindAsync(category.Planet_Id, Mapper);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.ManageCategories)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
List <PlanetCategory> categories = await Task.Run(() => Context.PlanetCategories.Where(x => x.Parent_Id == id).ToList());
foreach (PlanetCategory Category in categories)
{
Category.Parent_Id = null;
}
List <PlanetChatChannel> channels = await Task.Run(() => Context.PlanetChatChannels.Where(x => x.Parent_Id == id).ToList());
foreach (PlanetChatChannel channel in channels)
{
Context.PlanetChatChannels.Remove(channel);
}
Context.PlanetCategories.Remove(category);
Context.PlanetCategories.Remove(category);
await Context.SaveChangesAsync();
return(new TaskResult(true, "Successfully deleted."));
}
public async Task <TaskResult <List <PlanetInvite> > > GetInvites(ulong user_id, string token, ulong planet_id)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (authToken == null)
{
return(new TaskResult <List <PlanetInvite> >(false, "Failed to authorize user.", null));
}
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.Invite)))
{
return(new TaskResult <List <PlanetInvite> >(false, "You are not authorized to do this.", null));
}
List <PlanetInvite> invites = await Task.Run(() => Context.PlanetInvites.Where(x => x.Planet_Id == planet_id).ToList());
return(new TaskResult <List <PlanetInvite> >(true, $"Retrieved {invites.Count} invites", invites));
}
public async Task <TaskResult> Join(string code, string token)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (authToken == null)
{
return(new TaskResult(false, $"Unable to authorize"));
}
ulong user_id = authToken.User_Id;
PlanetInvite invite = await Context.PlanetInvites.FirstOrDefaultAsync(x => x.Code == code);
if (invite == null)
{
return(new TaskResult(false, $"Invite code not found!"));
}
if (await Context.PlanetBans.AnyAsync(x => x.User_Id == user_id && x.Planet_Id == invite.Planet_Id))
{
return(new TaskResult(false, $"User is banned from this planet!"));
}
if (await Context.PlanetMembers.AnyAsync(x => x.User_Id == user_id && x.Planet_Id == invite.Planet_Id))
{
return(new TaskResult(false, $"User is already in this planet!"));
}
ServerPlanet planet = await ServerPlanet.FindAsync(invite.Planet_Id);
if (!planet.Public)
{
return(new TaskResult(false, $"Planet is set to private!"));
}
User user = await Context.Users.FindAsync(user_id);
await planet.AddMemberAsync(user, Context);
return(new TaskResult(true, $"Successfully joined planet."));
}
public async Task <TaskResult> SetParentId(ulong id, ulong parentId, ulong user_id, string token)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// Return the same if the token is for the wrong user to prevent someone
// from knowing if they cracked another user's token. This is basically
// impossible to happen by chance but better safe than sorry in the case that
// the literal impossible odds occur, more likely someone gets a stolen token
// but is not aware of the owner but I'll shut up now - Spike
if (authToken == null || authToken.User_Id != user_id)
{
return(new TaskResult(false, "Failed to authorize user."));
}
PlanetCategory category = await Context.PlanetCategories.Where(x => x.Id == id).FirstOrDefaultAsync();
ServerPlanet planet = await ServerPlanet.FindAsync(category.Planet_Id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.ManageCategories)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
if (parentId == 0)
{
category.Parent_Id = null;
}
else
{
category.Parent_Id = parentId;
}
await Context.SaveChangesAsync();
await PlanetHub.Current.Clients.Group($"p-{planet.Id}").SendAsync("RefreshChannelList", "");
return(new TaskResult(true, "Successfully set parent id."));
}
/// <summary>
/// Sets the name of a planet
/// </summary>
public async Task <TaskResult> SetName(ulong planet_id, string name, string token)
{
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (!(await planet.AuthorizedAsync(token, PlanetPermissions.Manage)))
{
return(new TaskResult(false, "You are not authorized to manage this planet."));
}
TaskResult validation = ValidateName(name);
if (!validation.Success)
{
return(validation);
}
planet.Name = name;
Context.Planets.Update(planet);
await Context.SaveChangesAsync();
return(new TaskResult(true, "Changed name successfully"));
}
public async Task <TaskResult> KickUser(ulong target_id, ulong planet_id, string token)
{
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
if (authToken == null)
{
return(new TaskResult(false, "Failed to authorize user."));
}
ServerPlanet planet = await ServerPlanet.FindAsync(planet_id);
if (!(await planet.AuthorizedAsync(authToken, PlanetPermissions.Kick)))
{
return(new TaskResult(false, "You are not authorized to do this."));
}
ServerPlanetMember member = await Context.PlanetMembers.FirstOrDefaultAsync(x => x.Id == target_id && x.Planet_Id == planet_id);
if (member == null)
{
return(new TaskResult(true, $"Could not find PlanetMember {target_id}"));
}
List <ServerPlanetRoleMember> roles = await Task.Run(() => Context.PlanetRoleMembers.Where(x => x.Member_Id == target_id && x.Planet_Id == planet_id).ToList());
foreach (ServerPlanetRoleMember role in roles)
{
Context.PlanetRoleMembers.Remove(role);
}
Context.PlanetMembers.Remove(member);
await Context.SaveChangesAsync();
return(new TaskResult(true, $"Successfully kicked user {target_id}"));
}
/// <summary>
/// Returns a planet member's role ids given the user and planet id
/// </summary>
public async Task <TaskResult <List <ulong> > > GetPlanetMemberRoleIds(ulong user_id, ulong planet_id, string token)
{
// Retrieve planet
ServerPlanet planet = ServerPlanet.FromBase(await Context.Planets.FindAsync(planet_id));
if (planet == null)
{
return(new TaskResult <List <ulong> >(false, "The planet could not be found.", null));
}
// Authentication flow
AuthToken authToken = await Context.AuthTokens.FindAsync(token);
// If authorizor is not a member of the planet, they do not have authority to get member info
if (authToken == null || !(await planet.IsMemberAsync(authToken.User_Id)))
{
return(new TaskResult <List <ulong> >(false, "Failed to authorize.", null));
}
var roles = Context.PlanetRoleMembers.Include(x => x.Role).Where(x => x.User_Id == user_id && x.Planet_Id == planet_id).OrderBy(x => x.Role.Position);
var roleids = roles.Select(x => x.Role_Id).ToList();
return(new TaskResult <List <ulong> >(true, $"Retrieved {roleids.Count} roles.", roleids));
}
private static async Task InsertItem(HttpContext ctx, ValourDB db, ulong category_id,
[FromHeader] string authorization)
{
AuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (auth == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token is invalid [token: {authorization}]");
return;
}
ServerPlanetCategory category = await db.PlanetCategories.Include(x => x.Planet)
.ThenInclude(x => x.Members.Where(x => x.User_Id == auth.User_Id))
.FirstOrDefaultAsync(x => x.Id == category_id);
if (category == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Category not found [id: {category_id}]");
return;
}
var member = category.Planet.Members.FirstOrDefault();
if (member == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Member not found");
return;
}
if (!await category.HasPermission(member, CategoryPermissions.View, db))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Member lacks CategoryPermissions.View");
return;
}
if (!auth.HasScope(UserPermissions.PlanetManagement))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token lacks UserPermissions.PlanetManagement");
return;
}
if (!await category.HasPermission(member, CategoryPermissions.ManageCategory, db))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Member lacks CategoryPermissions.ManageCategory");
return;
}
ChannelListItem in_item = await JsonSerializer.DeserializeAsync <ChannelListItem>(ctx.Request.Body);
if (in_item == null || in_item.Planet_Id == 0)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Include item data.");
return;
}
IServerChannelListItem item = await IServerChannelListItem.FindAsync(in_item.ItemType, in_item.Id, db);
if (item == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Item not found [id: {in_item.Id}]");
return;
}
ServerPlanet item_planet = await db.Planets.FindAsync(item.Planet_Id);
if (item_planet == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Item planet not found [id: {in_item.Planet_Id}]");
return;
}
if (item_planet.Id != category.Planet_Id)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Item belongs to different planet");
return;
}
if (item.Parent_Id == category.Id)
{
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsync($"No change");
return;
}
// Ensure that if this is a category, it is not going into a category that contains itself!
if (item.ItemType == ItemType.Category)
{
ulong?parent_id = category.Parent_Id;
while (parent_id != null)
{
// Recursion is a nono
if (parent_id == item.Id)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Operation would result in recursion.");
return;
}
parent_id = (await db.PlanetCategories.FindAsync(parent_id)).Parent_Id;
}
}
item.Parent_Id = category.Id;
item.Position = in_item.Position;
db.Update(item);
await db.SaveChangesAsync();
item.NotifyClientsChange();
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsync("Success");
return;
}
private static async Task Create(HttpContext ctx, ValourDB db,
[FromHeader] string authorization, [Required] string name,
[Required] string image_url)
{
ServerAuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (auth == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token is invalid [token: {authorization}]");
return;
}
TaskResult nameValid = ServerPlanet.ValidateName(name);
if (!nameValid.Success)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync(nameValid.Message);
return;
}
ServerUser user = await db.Users.FindAsync(auth.User_Id);
if (!user.Valour_Staff)
{
var owned_planets = await db.Planets.CountAsync(x => x.Owner_Id == user.Id);
if (owned_planets > MAX_OWNED_PLANETS)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Max owned planets reached");
return;
}
}
// Image handling via proxy
ProxyResponse proxyResponse = await MPSManager.GetProxy(image_url);
bool is_media = MPSManager.Media_Types.Contains(proxyResponse.Item.Mime_Type);
if (proxyResponse.Item == null || !is_media)
{
image_url = "https://valour.gg/image.png";
}
else
{
image_url = proxyResponse.Item.Url;
}
ulong planet_id = IdManager.Generate();
// Create general category
ServerPlanetCategory category = new ServerPlanetCategory()
{
Id = IdManager.Generate(),
Name = "General",
Parent_Id = null,
Planet_Id = planet_id,
Description = "General category",
Position = 0
};
// Create general channel
ServerPlanetChatChannel channel = new ServerPlanetChatChannel()
{
Id = IdManager.Generate(),
Planet_Id = planet_id,
Name = "General",
Message_Count = 0,
Description = "General chat channel",
Parent_Id = category.Id
};
// Create default role
ServerPlanetRole defaultRole = new ServerPlanetRole()
{
Id = IdManager.Generate(),
Planet_Id = planet_id,
Position = uint.MaxValue,
Color_Blue = 255,
Color_Green = 255,
Color_Red = 255,
Name = "@everyone"
};
ServerPlanet planet = new ServerPlanet()
{
Id = planet_id,
Name = name,
Member_Count = 1,
Description = "A Valour server.",
Image_Url = image_url,
Public = true,
Owner_Id = user.Id,
Default_Role_Id = defaultRole.Id,
Main_Channel_Id = channel.Id
};
// Add planet to database
await db.Planets.AddAsync(planet);
await db.SaveChangesAsync(); // We must do this first to prevent foreign key errors
// Add category to database
await db.PlanetCategories.AddAsync(category);
// Add channel to database
await db.PlanetChatChannels.AddAsync(channel);
// Add default role to database
await db.PlanetRoles.AddAsync(defaultRole);
// Save changes
await db.SaveChangesAsync();
// Add owner to planet
await planet.AddMemberAsync(user, db);
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsJsonAsync(planet.Id);
}
private static async Task Public(HttpContext ctx, ValourDB db, ulong planet_id,
[FromHeader] string authorization)
{
AuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (auth == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token is invalid [token: {authorization}]");
return;
}
ServerPlanet planet = await db.Planets.Include(x => x.Members.Where(x => x.User_Id == auth.User_Id))
.FirstOrDefaultAsync(x => x.Id == planet_id);
if (planet == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Planet not found [id: {planet_id}]");
return;
}
ServerPlanetMember member = planet.Members.FirstOrDefault();
if (member == null)
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Member not found");
return;
}
if (!await planet.HasPermissionAsync(member, PlanetPermissions.View, db))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Member lacks PlanetPermissions.View");
return;
}
switch (ctx.Request.Method)
{
case "GET":
{
ctx.Response.StatusCode = 200;
await ctx.Response.WriteAsJsonAsync(planet.Public);
return;
}
case "PUT":
{
if (!auth.HasScope(UserPermissions.PlanetManagement))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync($"Token lacks UserPermissions.PlanetManagement");
return;
}
if (!await planet.HasPermissionAsync(member, PlanetPermissions.Manage, db))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Member lacks PlanetPermissions.Manage");
return;
}
string body = await ctx.Request.ReadBodyStringAsync();
bool parsed = false;
parsed = bool.TryParse(body, out var in_public);
if (!parsed)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Failed to parse body");
return;
}
var result = await planet.TrySetPublicAsync(in_public, db);
if (!result.Success)
{
ctx.Response.StatusCode = 400;
}
else
{
ctx.Response.StatusCode = 200;
}
await ctx.Response.WriteAsync(result.Message);
return;
}
}
}
private static async Task CreateCategory(HttpContext ctx, ValourDB db,
[FromHeader] string authorization)
{
ServerPlanetCategory category_data = await JsonSerializer.DeserializeAsync <ServerPlanetCategory>(ctx.Request.Body);
if (category_data == null)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Please include category in body");
return;
}
if (string.IsNullOrWhiteSpace(category_data.Name))
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Please include a category name");
return;
}
// Request parameter validation //
TaskResult name_valid = ServerPlanetCategory.ValidateName(category_data.Name);
if (!name_valid.Success)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync($"Name is not valid [name: {category_data.Name}]");
return;
}
// Request authorization //
AuthToken auth = await ServerAuthToken.TryAuthorize(authorization, db);
if (!auth.HasScope(UserPermissions.PlanetManagement))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Token lacks UserPermissions.PlanetManagement scope");
return;
}
ServerPlanet planet = await db.Planets.Include(x => x.Members.Where(x => x.User_Id == auth.User_Id))
.FirstOrDefaultAsync(x => x.Id == category_data.Planet_Id);
var member = planet.Members.FirstOrDefault();
if (!await planet.HasPermissionAsync(member, PlanetPermissions.ManageChannels, db))
{
ctx.Response.StatusCode = 401;
await ctx.Response.WriteAsync("Member lacks PlanetPermissions.ManageChannels node");
return;
}
// Ensure parent category exists
ulong?parent_id = null;
ServerPlanetCategory parent = await db.PlanetCategories.FindAsync(category_data.Parent_Id);
ushort child_count = 0;
if (parent != null)
{
parent_id = parent.Id;
if (parent.Planet_Id != planet.Id)
{
ctx.Response.StatusCode = 400;
await ctx.Response.WriteAsync("Parent id does not match planet");
return;
}
child_count += (ushort)await db.PlanetChatChannels.CountAsync(x => x.Parent_Id == parent_id);
child_count += (ushort)await db.PlanetCategories.CountAsync(x => x.Parent_Id == parent_id);
}
// Request action //
// Creates the category
ServerPlanetCategory category = new ServerPlanetCategory()
{
Id = IdManager.Generate(),
Name = category_data.Name,
Planet_Id = category_data.Planet_Id,
Parent_Id = category_data.Parent_Id,
Description = category_data.Description,
Position = child_count
};
// Add channel to database
await db.PlanetCategories.AddAsync(category);
// Save changes to DB
await db.SaveChangesAsync();
// Send channel refresh
PlanetHub.NotifyCategoryChange(category);
ctx.Response.StatusCode = 201;
await ctx.Response.WriteAsync(category.Id.ToString());
}
