chore(webui): adjust checks for guild view requests (#2807)

Reviewed-on: OpenWF/SpaceNinjaServer#2807 Reviewed-by: Sainan <63328889+sainan@users.noreply.github.com> Co-authored-by: AMelonInsideLemon <166175391+AMelonInsideLemon@users.noreply.github.com> Co-committed-by: AMelonInsideLemon <166175391+AMelonInsideLemon@users.noreply.github.com>
2025-09-24 08:41:04 -07:00 · 2025-09-24 08:41:04 -07:00 · 86a63ace41
commit 86a63ace41
parent 32c95b6715
4 changed files with 14 additions and 41 deletions
--- a/src/controllers/custom/addVaultDecoRecipeController.ts
+++ b/src/controllers/custom/addVaultDecoRecipeController.ts
@ -1,16 +1,16 @@
 import { getAccountIdForRequest } from "../../services/loginService.ts";
 import { getInventory } from "../../services/inventoryService.ts";
 import type { RequestHandler } from "express";
-import { hasAccessToDojo, getGuildForRequestEx, hasGuildPermission } from "../../services/guildService.ts";
+import { getGuildForRequestEx, hasGuildPermission } from "../../services/guildService.ts";
 import { GuildPermission } from "../../types/guildTypes.ts";
 import type { ITypeCount } from "../../types/commonTypes.ts";
 export const addVaultDecoRecipeController: RequestHandler = async (req, res) => {
    const accountId = await getAccountIdForRequest(req);
    const requests = req.body as ITypeCount[];
-    const inventory = await getInventory(accountId, "LevelKeys GuildId");
+    const inventory = await getInventory(accountId, "GuildId");
    const guild = await getGuildForRequestEx(req, inventory);
-    if (!hasAccessToDojo(inventory) || !(await hasGuildPermission(guild, accountId, GuildPermission.Architect))) {
+    if (!(await hasGuildPermission(guild, accountId, GuildPermission.Architect))) {
        res.status(400).send("-1").end();
        return;
    }
--- a/src/controllers/custom/setGuildCheatController.ts
+++ b/src/controllers/custom/setGuildCheatController.ts
@ -1,5 +1,5 @@
 import { GuildMember } from "../../models/guildModel.ts";
-import { getGuildForRequestEx, hasAccessToDojo } from "../../services/guildService.ts";
+import { getGuildForRequestEx } from "../../services/guildService.ts";
 import { getInventory } from "../../services/inventoryService.ts";
 import { getAccountIdForRequest } from "../../services/loginService.ts";
 import type { IGuildCheats } from "../../types/guildTypes.ts";
@ -8,12 +8,12 @@ import type { RequestHandler } from "express";
 export const setGuildCheatController: RequestHandler = async (req, res) => {
    const accountId = await getAccountIdForRequest(req);
    const payload = req.body as ISetGuildCheatRequest;
-    const inventory = await getInventory(accountId, `${payload.key} GuildId LevelKeys`);
+    const inventory = await getInventory(accountId, `GuildId`);
    const guild = await getGuildForRequestEx(req, inventory);
    const member = await GuildMember.findOne({ accountId: accountId, guildId: guild._id });
    if (member) {
-        if (!hasAccessToDojo(inventory) || member.rank > 1) {
+        if (member.rank > 1) {
            res.end();
            return;
        }
--- a/src/controllers/custom/techProjectController.ts
+++ b/src/controllers/custom/techProjectController.ts
@ -2,7 +2,6 @@ import { getAccountIdForRequest } from "../../services/loginService.ts";
 import { getInventory } from "../../services/inventoryService.ts";
 import type { RequestHandler } from "express";
 import {
    hasAccessToDojo,
    getGuildForRequestEx,
    setGuildTechLogState,
    processFundedGuildTechProject,
@ -19,9 +18,9 @@ import { GuildMember } from "../../models/guildModel.ts";
 export const addTechProjectController: RequestHandler = async (req, res) => {
    const accountId = await getAccountIdForRequest(req);
    const requests = req.body as ITechProjectRequest[];
-    const inventory = await getInventory(accountId, "LevelKeys GuildId");
+    const inventory = await getInventory(accountId, "GuildId");
    const guild = await getGuildForRequestEx(req, inventory);
-    if (!hasAccessToDojo(inventory) || !(await hasGuildPermission(guild, accountId, GuildPermission.Tech))) {
+    if (!(await hasGuildPermission(guild, accountId, GuildPermission.Tech))) {
        res.status(400).send("-1").end();
        return;
    }
@ -54,9 +53,9 @@ export const addTechProjectController: RequestHandler = async (req, res) => {
 export const removeTechProjectController: RequestHandler = async (req, res) => {
    const accountId = await getAccountIdForRequest(req);
    const requests = req.body as ITechProjectRequest[];
-    const inventory = await getInventory(accountId, "LevelKeys GuildId");
+    const inventory = await getInventory(accountId, "GuildId");
    const guild = await getGuildForRequestEx(req, inventory);
-    if (!hasAccessToDojo(inventory) || !(await hasGuildPermission(guild, accountId, GuildPermission.Tech))) {
+    if (!(await hasGuildPermission(guild, accountId, GuildPermission.Tech))) {
        res.status(400).send("-1").end();
        return;
    }
@ -74,13 +73,13 @@ export const removeTechProjectController: RequestHandler = async (req, res) => {
 export const fundTechProjectController: RequestHandler = async (req, res) => {
    const accountId = await getAccountIdForRequest(req);
    const requests = req.body as ITechProjectRequest[];
-    const inventory = await getInventory(accountId, "LevelKeys GuildId");
+    const inventory = await getInventory(accountId, "GuildId");
    const guild = await getGuildForRequestEx(req, inventory);
    const guildMember = (await GuildMember.findOne(
        { accountId, guildId: guild._id },
        "RegularCreditsContributed MiscItemsContributed"
    ))!;
-    if (!hasAccessToDojo(inventory)) {
+    if (!(await hasGuildPermission(guild, accountId, GuildPermission.Tech))) {
        res.status(400).send("-1").end();
        return;
    }
@ -105,9 +104,9 @@ export const fundTechProjectController: RequestHandler = async (req, res) => {
 export const completeTechProjectsController: RequestHandler = async (req, res) => {
    const accountId = await getAccountIdForRequest(req);
    const requests = req.body as ITechProjectRequest[];
-    const inventory = await getInventory(accountId, "LevelKeys GuildId");
+    const inventory = await getInventory(accountId, "GuildId");
    const guild = await getGuildForRequestEx(req, inventory);
-    if (!hasAccessToDojo(inventory)) {
+    if (!(await hasGuildPermission(guild, accountId, GuildPermission.Tech))) {
        res.status(400).send("-1").end();
        return;
    }
--- a/static/webui/script.js
+++ b/static/webui/script.js
@ -1992,32 +1992,6 @@ function updateInventory() {
    });
 }
 function addVaultDecoRecipe() {
    const uniqueName = getKey(document.getElementById("acquire-type-VaultDecoRecipes"));
    if (!guildId) {
        return;
    }
    if (!uniqueName) {
        $("acquire-type-VaultDecoRecipes").addClass("is-invalid").focus();
        return;
    }
    revalidateAuthz().then(() => {
        const req = $.post({
            url: "/custom/addVaultDecoRecipe?" + window.authz + "&guildId=" + window.guildId,
            contentType: "application/json",
            data: JSON.stringify([
                {
                    ItemType: uniqueName,
                    ItemCount: 1
                }
            ])
        });
        req.done(() => {
            updateInventory();
        });
    });
 }
 function changeGuildRank(guildId, targetId, rankChange) {
    revalidateAuthz().then(() => {
        const req = $.get(