Add token listing at GET /tokens, also add a token-fixing tool at /tokens/fix_privileges.
By the way, 100th commit on the API!
This commit is contained in:
parent
52d7b65493
commit
4d9ec829a8
|
@ -46,6 +46,7 @@ func Start(conf common.Conf, dbO *sql.DB) *gin.Engine {
|
||||||
gv1.GET("/badges", Method(v1.BadgesGET, common.PrivilegeRead))
|
gv1.GET("/badges", Method(v1.BadgesGET, common.PrivilegeRead))
|
||||||
gv1.GET("/beatmaps", Method(v1.BeatmapGET, common.PrivilegeRead))
|
gv1.GET("/beatmaps", Method(v1.BeatmapGET, common.PrivilegeRead))
|
||||||
gv1.GET("/leaderboard", Method(v1.LeaderboardGET, common.PrivilegeRead))
|
gv1.GET("/leaderboard", Method(v1.LeaderboardGET, common.PrivilegeRead))
|
||||||
|
gv1.GET("/tokens", Method(v1.TokenGET, common.PrivilegeRead))
|
||||||
|
|
||||||
// ReadConfidential privilege required
|
// ReadConfidential privilege required
|
||||||
gv1.GET("/friends", Method(v1.FriendsGET, common.PrivilegeReadConfidential))
|
gv1.GET("/friends", Method(v1.FriendsGET, common.PrivilegeReadConfidential))
|
||||||
|
@ -70,6 +71,10 @@ func Start(conf common.Conf, dbO *sql.DB) *gin.Engine {
|
||||||
gv1.GET("/meta/kill", Method(v1.MetaKillGET, common.PrivilegeAPIMeta))
|
gv1.GET("/meta/kill", Method(v1.MetaKillGET, common.PrivilegeAPIMeta))
|
||||||
gv1.GET("/meta/up_since", Method(v1.MetaUpSinceGET, common.PrivilegeAPIMeta))
|
gv1.GET("/meta/up_since", Method(v1.MetaUpSinceGET, common.PrivilegeAPIMeta))
|
||||||
gv1.GET("/meta/update", Method(v1.MetaUpdateGET, common.PrivilegeAPIMeta))
|
gv1.GET("/meta/update", Method(v1.MetaUpdateGET, common.PrivilegeAPIMeta))
|
||||||
|
|
||||||
|
// User Managing + meta
|
||||||
|
gv1.GET("/tokens/fix_privileges", Method(v1.TokenFixPrivilegesGET,
|
||||||
|
common.PrivilegeManageUser, common.PrivilegeAPIMeta))
|
||||||
}
|
}
|
||||||
|
|
||||||
api.GET("/status", internals.Status)
|
api.GET("/status", internals.Status)
|
||||||
|
|
|
@ -29,6 +29,7 @@ func UserManageSetAllowedPOST(md common.MethodData) common.CodeMessager {
|
||||||
md.Err(err)
|
md.Err(err)
|
||||||
return Err500
|
return Err500
|
||||||
}
|
}
|
||||||
|
go fixPrivileges(data.UserID, md.DB)
|
||||||
query := `
|
query := `
|
||||||
SELECT users.id, users.username, register_datetime, rank,
|
SELECT users.id, users.username, register_datetime, rank,
|
||||||
latest_activity, users_stats.username_aka,
|
latest_activity, users_stats.username_aka,
|
||||||
|
|
|
@ -6,6 +6,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
"git.zxq.co/ripple/rippleapi/common"
|
"git.zxq.co/ripple/rippleapi/common"
|
||||||
|
"git.zxq.co/ripple/schiavolib"
|
||||||
"golang.org/x/crypto/bcrypt"
|
"golang.org/x/crypto/bcrypt"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -137,3 +138,85 @@ func TokenSelfDeleteGET(md common.MethodData) common.CodeMessager {
|
||||||
}
|
}
|
||||||
return common.SimpleResponse(200, "Bye!")
|
return common.SimpleResponse(200, "Bye!")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type token struct {
|
||||||
|
ID int `json:"id"`
|
||||||
|
Privileges uint64 `json:"privileges"`
|
||||||
|
Description string `json:"description"`
|
||||||
|
}
|
||||||
|
type tokenResponse struct {
|
||||||
|
common.ResponseBase
|
||||||
|
Tokens []token `json:"token"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenGET retrieves a list listing all the user's public tokens.
|
||||||
|
func TokenGET(md common.MethodData) common.CodeMessager {
|
||||||
|
rows, err := md.DB.Query("SELECT id, privileges, description FROM tokens WHERE user = ? AND private = '0'", md.ID())
|
||||||
|
if err != nil {
|
||||||
|
return Err500
|
||||||
|
}
|
||||||
|
var r tokenResponse
|
||||||
|
for rows.Next() {
|
||||||
|
var t token
|
||||||
|
err = rows.Scan(&t.ID, &t.Privileges, &t.Description)
|
||||||
|
if err != nil {
|
||||||
|
md.Err(err)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
r.Tokens = append(r.Tokens, t)
|
||||||
|
}
|
||||||
|
r.Code = 200
|
||||||
|
return r
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenFixPrivilegesGET fixes the privileges on the token of the given user,
|
||||||
|
// or of all the users if no user is given.
|
||||||
|
func TokenFixPrivilegesGET(md common.MethodData) common.CodeMessager {
|
||||||
|
id := common.Int(md.C.Query("id"))
|
||||||
|
if md.C.Query("id") == "self" {
|
||||||
|
id = md.ID()
|
||||||
|
}
|
||||||
|
go fixPrivileges(id, md.DB)
|
||||||
|
return common.SimpleResponse(200, "Privilege fixing started!")
|
||||||
|
}
|
||||||
|
|
||||||
|
func fixPrivileges(user int, db *sql.DB) {
|
||||||
|
var wc string
|
||||||
|
var params = make([]interface{}, 0, 1)
|
||||||
|
if user != 0 {
|
||||||
|
// dirty, but who gives a shit
|
||||||
|
wc = "WHERE user = ?"
|
||||||
|
params = append(params, user)
|
||||||
|
}
|
||||||
|
rows, err := db.Query(`
|
||||||
|
SELECT
|
||||||
|
tokens.id, tokens.privileges, users.rank
|
||||||
|
FROM tokens
|
||||||
|
LEFT JOIN users ON users.id = tokens.user
|
||||||
|
`+wc, params...)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println(err)
|
||||||
|
schiavo.Bunker.Send(err.Error())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
for rows.Next() {
|
||||||
|
var (
|
||||||
|
id int
|
||||||
|
privsRaw uint64
|
||||||
|
privs common.Privileges
|
||||||
|
newPrivs common.Privileges
|
||||||
|
rank int
|
||||||
|
)
|
||||||
|
rows.Scan(&id, &privsRaw, &rank)
|
||||||
|
privs = common.Privileges(privsRaw)
|
||||||
|
newPrivs = privs.CanOnly(rank)
|
||||||
|
if newPrivs != privs {
|
||||||
|
_, err := db.Exec("UPDATE tokens SET privileges = ? WHERE id = ? LIMIT 1", uint64(newPrivs), id)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println(err)
|
||||||
|
schiavo.Bunker.Send(err.Error())
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user