OpenWF/SpaceNinjaServer
12
6
Fork 15
Code Issues 44 Pull Requests 5 Actions Packages Projects Releases Activity

fix(webui): ensure that all requests using authz revalidate it #1911

Merged
Sainan merged 1 commits from authz-fix into main 2025-04-29 12:27:39 -07:00
Conversation 0 Commits 1 Files Changed 1 +147 -134
1 changed files with 147 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

281
static/webui/script.js
View File

@ -375,6 +375,7 @@ function fetchItemList() {
} }
fetchItemList(); fetchItemList();
// Assumes that caller revalidates authz
function updateInventory() { function updateInventory() {
const req = $.get("/api/inventory.php?" + window.authz + "&xpBasedLevelCapDisabled=1"); const req = $.get("/api/inventory.php?" + window.authz + "&xpBasedLevelCapDisabled=1");
req.done(data => { req.done(data => {
@ -487,25 +488,27 @@ function updateInventory() {
a.href = "#"; a.href = "#";
a.onclick = function (event) { a.onclick = function (event) {
event.preventDefault(); event.preventDefault();
if (item.XP < maxXP) { revalidateAuthz(() => {
addGearExp(category, item.ItemId.$oid, maxXP - item.XP); if (item.XP < maxXP) {
} addGearExp(category, item.ItemId.$oid, maxXP - item.XP);
if ("exalted" in itemMap[item.ItemType]) { }
for (const exaltedType of itemMap[item.ItemType].exalted) { if ("exalted" in itemMap[item.ItemType]) {
const exaltedItem = data.SpecialItems.find(x => x.ItemType == exaltedType); for (const exaltedType of itemMap[item.ItemType].exalted) {
if (exaltedItem) { const exaltedItem = data.SpecialItems.find(x => x.ItemType == exaltedType);
const exaltedCap = if (exaltedItem) {
itemMap[exaltedType]?.type == "weapons" ? 800_000 : 1_600_000; const exaltedCap =
if (exaltedItem.XP < exaltedCap) { itemMap[exaltedType]?.type == "weapons" ? 800_000 : 1_600_000;
addGearExp( if (exaltedItem.XP < exaltedCap) {
"SpecialItems", addGearExp(
exaltedItem.ItemId.$oid, "SpecialItems",
exaltedCap - exaltedItem.XP exaltedItem.ItemId.$oid,
); exaltedCap - exaltedItem.XP
);
}
} }
} }
} }
} });
}; };
a.title = loc("code_maxRank"); a.title = loc("code_maxRank");
a.innerHTML = `<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 384 512"><!--!Font Awesome Free 6.5.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M214.6 41.4c-12.5-12.5-32.8-12.5-45.3 0l-160 160c-12.5 12.5-12.5 32.8 0 45.3s32.8 12.5 45.3 0L160 141.2V448c0 17.7 14.3 32 32 32s32-14.3 32-32V141.2L329.4 246.6c12.5 12.5 32.8 12.5 45.3 0s12.5-32.8 0-45.3l-160-160z"/></svg>`; a.innerHTML = `<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 384 512"><!--!Font Awesome Free 6.5.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M214.6 41.4c-12.5-12.5-32.8-12.5-45.3 0l-160 160c-12.5 12.5-12.5 32.8 0 45.3s32.8 12.5 45.3 0L160 141.2V448c0 17.7 14.3 32 32 32s32-14.3 32-32V141.2L329.4 246.6c12.5 12.5 32.8 12.5 45.3 0s12.5-32.8 0-45.3l-160-160z"/></svg>`;
@ -1229,76 +1232,22 @@ function addMissingEvolutionProgress() {
} }
function maxRankAllEvolutions() { function maxRankAllEvolutions() {
const req = $.get("/api/inventory.php?" + window.authz + "&xpBasedLevelCapDisabled=1"); revalidateAuthz(() => {
const req = $.get("/api/inventory.php?" + window.authz + "&xpBasedLevelCapDisabled=1");
req.done(data => {
const requests = [];
req.done(data => { data.EvolutionProgress.forEach(item => {
const requests = []; if (item.Rank < 5) {
requests.push({
data.EvolutionProgress.forEach(item => { ItemType: item.ItemType,
if (item.Rank < 5) { Rank: 5
requests.push({ });
ItemType: item.ItemType, }
Rank: 5
});
}
});
if (Object.keys(requests).length > 0) {
return setEvolutionProgress(requests);
}
toast(loc("code_noEquipmentToRankUp"));
});
}
function maxRankAllEquipment(categories) {
const req = $.get("/api/inventory.php?" + window.authz + "&xpBasedLevelCapDisabled=1");
req.done(data => {
window.itemListPromise.then(itemMap => {
const batchData = {};
categories.forEach(category => {
data[category].forEach(item => {
const maxXP =
category === "Suits" ||
category === "SpaceSuits" ||
category === "Sentinels" ||
category === "Hoverboards"
? 1_600_000
: 800_000;
if (item.XP < maxXP) {
if (!batchData[category]) {
batchData[category] = [];
}
batchData[category].push({
ItemId: { $oid: item.ItemId.$oid },
XP: maxXP
});
}
if (category === "Suits") {
if ("exalted" in itemMap[item.ItemType]) {
for (const exaltedType of itemMap[item.ItemType].exalted) {
const exaltedItem = data["SpecialItems"].find(x => x.ItemType == exaltedType);
if (exaltedItem) {
const exaltedCap = itemMap[exaltedType]?.type == "weapons" ? 800_000 : 1_600_000;
if (exaltedItem.XP < exaltedCap) {
batchData["SpecialItems"] ??= [];
batchData["SpecialItems"].push({
ItemId: { $oid: exaltedItem.ItemId.$oid },
XP: exaltedCap
});
}
}
}
}
}
});
}); });
if (Object.keys(batchData).length > 0) { if (Object.keys(requests).length > 0) {
return sendBatchGearExp(batchData); return setEvolutionProgress(requests);
} }
toast(loc("code_noEquipmentToRankUp")); toast(loc("code_noEquipmentToRankUp"));
@ -1306,6 +1255,64 @@ function maxRankAllEquipment(categories) {
}); });
} }
function maxRankAllEquipment(categories) {
revalidateAuthz(() => {
const req = $.get("/api/inventory.php?" + window.authz + "&xpBasedLevelCapDisabled=1");
req.done(data => {
window.itemListPromise.then(itemMap => {
const batchData = {};
categories.forEach(category => {
data[category].forEach(item => {
const maxXP =
category === "Suits" ||
category === "SpaceSuits" ||
category === "Sentinels" ||
category === "Hoverboards"
? 1_600_000
: 800_000;
if (item.XP < maxXP) {
if (!batchData[category]) {
batchData[category] = [];
}
batchData[category].push({
ItemId: { $oid: item.ItemId.$oid },
XP: maxXP
});
}
if (category === "Suits") {
if ("exalted" in itemMap[item.ItemType]) {
for (const exaltedType of itemMap[item.ItemType].exalted) {
const exaltedItem = data["SpecialItems"].find(x => x.ItemType == exaltedType);
if (exaltedItem) {
const exaltedCap =
itemMap[exaltedType]?.type == "weapons" ? 800_000 : 1_600_000;
if (exaltedItem.XP < exaltedCap) {
batchData["SpecialItems"] ??= [];
batchData["SpecialItems"].push({
ItemId: { $oid: exaltedItem.ItemId.$oid },
XP: exaltedCap
});
}
}
}
}
}
});
});
if (Object.keys(batchData).length > 0) {
return sendBatchGearExp(batchData);
}
toast(loc("code_noEquipmentToRankUp"));
});
});
});
}
// Assumes that caller revalidates authz
function addGearExp(category, oid, xp) { function addGearExp(category, oid, xp) {
const data = {}; const data = {};
data[category] = [ data[category] = [
@ -1314,16 +1321,14 @@ function addGearExp(category, oid, xp) {
XP: xp XP: xp
} }
]; ];
revalidateAuthz(() => { $.post({
$.post({ url: "/custom/addXp?" + window.authz,
url: "/custom/addXp?" + window.authz, contentType: "application/json",
contentType: "application/json", data: JSON.stringify(data)
data: JSON.stringify(data) }).done(function () {
}).done(function () { if (category != "SpecialItems") {
if (category != "SpecialItems") { updateInventory();
updateInventory(); }
}
});
}); });
} }
@ -1598,32 +1603,34 @@ function doAcquireMod() {
const uiConfigs = [...$("#server-settings input[id]")].map(x => x.id); const uiConfigs = [...$("#server-settings input[id]")].map(x => x.id);
function doChangeSettings() { function doChangeSettings() {
fetch("/custom/config?" + window.authz) revalidateAuthz(() => {
.then(response => response.json()) fetch("/custom/config?" + window.authz)
.then(json => { .then(response => response.json())
for (const i of uiConfigs) { .then(json => {
var x = document.getElementById(i); for (const i of uiConfigs) {
if (x != null) { var x = document.getElementById(i);
if (x.type == "checkbox") { if (x != null) {
if (x.checked === true) { if (x.type == "checkbox") {
json[i] = true; if (x.checked === true) {
} else { json[i] = true;
json[i] = false; } else {
json[i] = false;
}
} else if (x.type == "number") {
json[i] = parseInt(x.value);
} }
} else if (x.type == "number") {
json[i] = parseInt(x.value);
} }
} }
} $.post({
$.post({ url: "/custom/config?" + window.authz,
url: "/custom/config?" + window.authz, contentType: "text/plain",
contentType: "text/plain", data: JSON.stringify(json, null, 2)
data: JSON.stringify(json, null, 2) }).then(() => {
}).then(() => { // A few cheats affect the inventory response which in turn may change what values we need to show
// A few cheats affect the inventory response which in turn may change what values we need to show updateInventory();
updateInventory(); });
}); });
}); });
} }
// Cheats route // Cheats route
@ -1876,33 +1883,39 @@ function doChangeSupportedSyndicate() {
} }
function doAddCurrency(currency) { function doAddCurrency(currency) {
$.post({ revalidateAuthz(() => {
url: "/custom/addCurrency?" + window.authz, $.post({
contentType: "application/json", url: "/custom/addCurrency?" + window.authz,
data: JSON.stringify({ contentType: "application/json",
currency, data: JSON.stringify({
delta: document.getElementById(currency + "-delta").valueAsNumber currency,
}) delta: document.getElementById(currency + "-delta").valueAsNumber
}).then(function () { })
updateInventory(); }).then(function () {
updateInventory();
});
}); });
} }
function doQuestUpdate(operation, itemType) { function doQuestUpdate(operation, itemType) {
$.post({ revalidateAuthz(() => {
url: "/custom/manageQuests?" + window.authz + "&operation=" + operation + "&itemType=" + itemType, $.post({
contentType: "application/json" url: "/custom/manageQuests?" + window.authz + "&operation=" + operation + "&itemType=" + itemType,
}).then(function () { contentType: "application/json"
updateInventory(); }).then(function () {
updateInventory();
});
}); });
} }
function doBulkQuestUpdate(operation) { function doBulkQuestUpdate(operation) {
$.post({ revalidateAuthz(() => {
url: "/custom/manageQuests?" + window.authz + "&operation=" + operation, $.post({
contentType: "application/json" url: "/custom/manageQuests?" + window.authz + "&operation=" + operation,
}).then(function () { contentType: "application/json"
updateInventory(); }).then(function () {
updateInventory();
});
}); });
} }