OpenWF/SpaceNinjaServer
28
29
Fork 35
Code Issues 23 Pull Requests 1 Actions Packages Projects Releases Activity

feat: add administrators, require administrator perms to change server config in webui #628

Merged
Sainan merged 6 commits from permissions into main 2024-12-23 13:44:01 -08:00
Conversation 2 Commits 6 Files Changed 11 +17 -9
3 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 6b9fd766e0 - Show all commits

1
config.json.example
View File

@ -8,6 +8,7 @@
"myAddress": "localhost",
"httpPort": 80,
"httpsPort": 443,
"administratorNames": [],
"autoCreateAccount": true,
"skipStoryModeChoice": true,
"skipTutorial": true,

1
src/services/configService.ts
View File

@ -25,6 +25,7 @@ interface IConfig {
httpPort?: number;
httpsPort?: number;
myIrcAddresses?: string[];
administratorNames?: string[];
autoCreateAccount?: boolean;
skipStoryModeChoice?: boolean;
skipTutorial?: boolean;

24
src/services/loginService.ts
View File

@ -2,11 +2,12 @@ import { Account } from "@/src/models/loginModel";
import { createInventory } from "@/src/services/inventoryService";
import { IDatabaseAccount, IDatabaseAccountJson } from "@/src/types/loginTypes";
import { createShip } from "./shipService";
import { Types } from "mongoose";
import { Document, Types } from "mongoose";
import { Loadout } from "@/src/models/inventoryModels/loadoutModel";
import { PersonalRooms } from "@/src/models/personalRoomsModel";
import new_personal_rooms from "@/static/fixed_responses/personalRooms.json";
import { Request } from "express";
import { config } from "@/src/services/configService";
export const isCorrectPassword = (requestPassword: string, databasePassword: string): boolean => {
return requestPassword === databasePassword;
@ -48,20 +49,21 @@ export const createPersonalRooms = async (accountId: Types.ObjectId, shipId: Typ
await personalRooms.save();
};
export const getAccountForRequest = async (req: Request) => {
// eslint-disable-next-line @typescript-eslint/ban-types
type TAccountDocument = Document<unknown, {}, IDatabaseAccountJson> &
IDatabaseAccountJson & { _id: Types.ObjectId; __v: number };
export const getAccountForRequest = async (req: Request): Promise<TAccountDocument> => {
if (!req.query.accountId) {
throw new Error("Request is missing accountId parameter");
}
if (!req.query.nonce || parseInt(req.query.nonce as string) === 0) {
throw new Error("Request is missing nonce parameter");
}
const account = await Account.findOne(
{
_id: req.query.accountId,
Nonce: req.query.nonce
},
"_id"
);
const account = await Account.findOne({
_id: req.query.accountId,
Nonce: req.query.nonce
});
if (!account) {
throw new Error("Invalid accountId-nonce pair");
}
@ -71,3 +73,7 @@ export const getAccountForRequest = async (req: Request) => {
export const getAccountIdForRequest = async (req: Request): Promise<string> => {
return (await getAccountForRequest(req))._id.toString();
};
export const isAdministrator = (account: TAccountDocument): boolean => {
return !!config.administratorNames?.find(x => x == account.DisplayName);
};