/// <summary>
/// Loads the mod case identified by <paramref name="guildId"/> and <paramref name="caseId"/>
/// and throws unless the current identity may perform <paramref name="permission"/> on it.
/// </summary>
/// <param name="guildId">Guild the case is looked up in.</param>
/// <param name="caseId">Id of the case within that guild.</param>
/// <param name="permission">The action the caller is about to perform on the case.</param>
/// <exception cref="ResourceNotFoundException">The repository returned no case.</exception>
/// <exception cref="UnauthorizedException">The current identity is not allowed to perform the action.</exception>
/// <exception cref="CaseMarkedToBeDeletedException">An edit was requested on a case that is marked for deletion.</exception>
protected async Task RequirePermission(ulong guildId, int caseId, APIActionPermission permission)
{
    Identity currentIdentity = await GetIdentity();

    var caseRepository = ModCaseRepository.CreateDefault(_serviceProvider, currentIdentity);
    ModCase modCase = await caseRepository.GetModCase(guildId, caseId);

    // NOTE(review): existence is reported before authorization is evaluated, so the two
    // exception types let a caller without access tell an existing case id from a missing
    // one. Confirm whether the API layer maps both to the same response.
    if (modCase == null)
    {
        throw new ResourceNotFoundException();
    }

    bool isAuthorized = await currentIdentity.IsAllowedTo(permission, modCase);
    if (!isAuthorized)
    {
        throw new UnauthorizedException();
    }

    // Only reached by callers that passed the authorization check above:
    // a case already marked for deletion can no longer be edited.
    bool pendingDeletion = modCase.MarkedToDeleteAt != null;
    if (permission == APIActionPermission.Edit && pendingDeletion)
    {
        throw new CaseMarkedToBeDeletedException();
    }
}
/// <summary>
/// Decides whether the current user may perform <paramref name="permission"/> on a case template.
/// </summary>
/// <param name="permission">The requested action.</param>
/// <param name="caseTemplate">The template the action targets.</param>
/// <returns>
/// <c>false</c> when there is no current user or no template; <c>true</c> for site admins;
/// otherwise the result of the per-action rules below.
/// </returns>
public async Task<bool> IsAllowedTo(APIActionPermission permission, CaseTemplate caseTemplate)
{
    // Deny by default when either side of the decision is missing. This runs before the
    // site-admin shortcut, so a site admin without a current user is denied here as well.
    if (currentUser == null || caseTemplate == null)
    {
        return false;
    }

    if (IsSiteAdmin())
    {
        return true;
    }

    bool isOwner = caseTemplate.UserId == currentUser.Id;

    if (permission == APIActionPermission.View)
    {
        // The owner can always see their own template.
        if (isOwner)
        {
            return true;
        }

        switch (caseTemplate.ViewPermission)
        {
            case ViewPermission.Self:
                return false;
            case ViewPermission.Global:
                return true;
            default:
                // Any other visibility requires moderator rights on the guild the
                // template was created for.
                return await HasPermissionOnGuild(DiscordPermission.Moderator, caseTemplate.CreatedForGuildId);
        }
    }

    if (permission == APIActionPermission.Edit || permission == APIActionPermission.Delete)
    {
        // Both conditions are required: moderator on the guild AND owner of the template.
        // The guild lookup is performed first, then combined with the ownership comparison.
        bool isModerator = await HasPermissionOnGuild(DiscordPermission.Moderator, caseTemplate.CreatedForGuildId);
        return isModerator && isOwner;
    }

    // ForceDelete is reserved for site admins (handled above); unknown actions are denied.
    return false;
}
/// <summary>
/// Decides whether the current identity may perform <paramref name="permission"/> on a mod case.
/// </summary>
/// <param name="permission">The requested action.</param>
/// <param name="modCase">The case the action targets.</param>
/// <returns>
/// <c>false</c> when <paramref name="modCase"/> is null; <c>true</c> for site admins;
/// otherwise the result of the per-action rules below. Unlisted actions are denied.
/// </returns>
public async Task<bool> IsAllowedTo(APIActionPermission permission, ModCase modCase)
{
    if (modCase == null)
    {
        return false;
    }

    if (IsSiteAdmin())
    {
        return true;
    }

    if (permission == APIActionPermission.View)
    {
        if (currentUser == null)
        {
            return false;
        }

        // The user the case refers to may view it; everyone else needs moderator rights.
        if (modCase.UserId == currentUser.Id)
        {
            return true;
        }

        return await HasPermissionOnGuild(DiscordPermission.Moderator, modCase.GuildId);
    }

    if (permission == APIActionPermission.Delete)
    {
        return await HasPermissionOnGuild(DiscordPermission.Moderator, modCase.GuildId);
    }

    if (permission != APIActionPermission.Edit)
    {
        // ForceDelete is reserved for site admins (handled above); anything else is denied.
        return false;
    }

    GuildConfig guildConfig;
    try
    {
        using var scope = _serviceProvider.CreateScope();
        guildConfig = await GuildConfigRepository.CreateDefault(scope.ServiceProvider).GetGuildConfig(modCase.GuildId);
    }
    catch (ResourceNotFoundException)
    {
        // No guild configuration: fail closed and deny the edit.
        return false;
    }

    bool strictCheckApplies = guildConfig.StrictModPermissionCheck
        && modCase.PunishmentType != PunishmentType.Warn;
    if (!strictCheckApplies)
    {
        return await HasPermissionOnGuild(DiscordPermission.Moderator, modCase.GuildId);
    }

    // Strict mode: besides being a moderator, the editor must hold the guild permission
    // that matches the punishment recorded on the case.
    // NOTE(review): any punishment type other than Kick/Ban/Mute that reaches this point is
    // gated on CreateInstantInvite only. If PunishmentType has (or later gains) further
    // members, confirm that this fallback is intended rather than a deny.
    GuildPermission requiredPermission = modCase.PunishmentType switch
    {
        PunishmentType.Kick => GuildPermission.KickMembers,
        PunishmentType.Ban => GuildPermission.BanMembers,
        PunishmentType.Mute => GuildPermission.ManageRoles,
        _ => GuildPermission.CreateInstantInvite,
    };

    // Guild admins bypass the role-permission requirement.
    if (await HasPermissionOnGuild(DiscordPermission.Admin, modCase.GuildId))
    {
        return true;
    }

    if (!await HasPermissionOnGuild(DiscordPermission.Moderator, modCase.GuildId))
    {
        return false;
    }

    return await HasRolePermissionInGuild(modCase.GuildId, requiredPermission);
}