Room management, User management

2024-08-23 21:37:12 -04:00
parent fcc0ffb802
commit 3e1b5495f8
3 changed files with 128 additions and 9 deletions
--- a/server/migrations/20240727041731_create_everything.sql
+++ b/server/migrations/20240727041731_create_everything.sql
@@ -25,3 +25,8 @@ CREATE TABLE IF NOT EXISTS message (
                referencing_id INTEGER,
                emoji TEXT
            );
+
+CREATE TABLE IF NOT EXISTS banned (
+                id INTEGER PRIMARY KEY,
+                userid VARCHAR(255) NOT NULL
+            );
--- a/server/src/server.rs
+++ b/server/src/server.rs
@@ -5,7 +5,6 @@ use chrono::{DateTime, Utc};
 use moka::future::Cache;
 use sqlx::{FromRow, Pool, query_as, Sqlite};
 use sqlx::query;
-use sqlx::sqlite::SqliteRow;
 use tarpc::context::Context;
 use tracing::error;
 use realm_auth::types::RealmAuthClient;
@@ -52,6 +51,10 @@ impl RealmChatServer {
 	async fn is_stoken_valid(&self, userid: &str, stoken: &str) -> bool {
 		match self.cache.get(stoken).await {
 		    None => {
+				if !self.is_user_in_server(userid).await {
+					return false;
+				}
+				
 				let result = self.auth_client.server_token_validation(
 					tarpc::context::current(), stoken.to_string(), userid.to_string(), self.server_id.clone(), self.domain.clone(), self.port)
 					.await;
@@ -90,6 +93,15 @@ impl RealmChatServer {
 		false
 	}
 	
+	async fn is_user_in_server(&self, userid: &str) -> bool {
+		let result = query!("SELECT NOT EXISTS (SELECT 1 FROM user WHERE userid = ?) AS does_exist", userid).fetch_one(&self.db_pool).await;
+		
+		match result {
+			Ok(record) => record.does_exist != 0,
+			Err(_) => false
+		}
+	}
+
 	async fn inner_get_all_direct_replies(&self, stoken: &str, head: i64) -> Result<Vec<Message>, ErrorCode> {
 		let is_admin = self.is_user_admin(stoken).await;
 		let result = sqlx::query(&format!("{}{}", FETCH_MESSAGE, "AND message.referencing_id = ?"))
@@ -331,4 +343,107 @@ impl RealmChat for RealmChatServer {
 			Err(_) => Err(Error),
 		}
 	}
+
+	async fn join_server(self, _: Context, stoken: String, user: User) -> Result<User, ErrorCode> {
+		todo!()
+	}
+
+	async fn create_room(self, _: Context, stoken: String, room: Room) -> Result<Room, ErrorCode> {
+		if !self.is_user_admin(&stoken).await {
+			return Err(Unauthorized)
+		}
+
+		let result = query!("INSERT INTO room (roomid, name, admin_only_send, admin_only_view) VALUES (?,?,?,?)",
+			room.roomid, room.name, room.admin_only_send, room.admin_only_view)
+			.execute(&self.db_pool).await;
+
+		match result {
+			Ok(_) => {
+				// TODO: tell everyone
+				Ok(room)
+			}
+			Err(_) => Err(MalformedDBResponse)
+		}
+	}
+
+	async fn delete_room(self, _: Context, stoken: String, roomid: String) -> Result<(), ErrorCode> {
+		if !self.is_user_admin(&stoken).await {
+			return Err(Unauthorized)
+		}
+
+		let result = query!("DELETE FROM room WHERE roomid = ?", roomid).execute(&self.db_pool).await;
+
+		match result {
+			Ok(_) => {
+				// TODO: tell everyone
+				Ok(())
+			}
+			Err(_) => Err(MalformedDBResponse)
+		}
+	}
+
+	async fn rename_room(self, _: Context, stoken: String, roomid: String, new_name: String) -> Result<(), ErrorCode> {
+		if !self.is_user_admin(&stoken).await {
+			return Err(Unauthorized)
+		}
+
+		let result = query!("UPDATE room SET name = ? WHERE roomid = ?", new_name, roomid).execute(&self.db_pool).await;
+
+		match result {
+			Ok(_) => {
+				// TODO: tell everyone
+				Ok(())
+			}
+			Err(_) => Err(MalformedDBResponse)
+		}
+	}
+
+	async fn kick_user(self, _: Context, stoken: String, userid: String) -> Result<(), ErrorCode> {
+		if !self.is_user_admin(&stoken).await {
+			return Err(Unauthorized)
+		}
+
+		let result = query!("DELETE FROM user WHERE userid = ?", userid).execute(&self.db_pool).await;
+
+		match result {
+			Ok(_) => {
+				// TODO: tell everyone
+				Ok(())
+			}
+			Err(_) => Err(MalformedDBResponse)
+		}
+	}
+
+	async fn ban_user(self, _: Context, stoken: String, userid: String) -> Result<(), ErrorCode> {
+		if !self.is_user_admin(&stoken).await {
+			return Err(Unauthorized)
+		}
+
+		query!("DELETE FROM user WHERE userid = ?", userid).execute(&self.db_pool).await.unwrap();
+		let result = query!("INSERT INTO banned (userid) VALUES (?)", userid).execute(&self.db_pool).await;
+
+		match result {
+			Ok(_) => {
+				// TODO: tell everyone
+				Ok(())
+			}
+			Err(_) => Err(MalformedDBResponse)
+		}
+	}
+
+	async fn pardon_user(self, _: Context, stoken: String, userid: String) -> Result<(), ErrorCode> {
+		if !self.is_user_admin(&stoken).await {
+			return Err(Unauthorized)
+		}
+
+		let result = query!("DELETE FROM banned WHERE userid = ?", userid).execute(&self.db_pool).await;
+
+		match result {
+			Ok(_) => {
+				// TODO: tell everyone
+				Ok(())
+			}
+			Err(_) => Err(MalformedDBResponse)
+		}
+	}
 }
--- a/server/src/types.rs
+++ b/server/src/types.rs
@@ -27,14 +27,13 @@ pub trait RealmChat {
 	async fn get_user(userid: String) -> Result<User, ErrorCode>;
 	async fn get_users() -> Result<Vec<User>, ErrorCode>;
 	async fn get_online_users() -> Result<Vec<User>, ErrorCode>;
-
-	//TODO: Admin access only!
-	// async fn create_room() -> Result<Room, ErrorCode>;
-	// delete room
-	// delete any message
-	// kick user
-	// ban user
-	// unban user
+	async fn join_server(stoken: String, user: User) -> Result<User, ErrorCode>;
+	async fn create_room(stoken: String, room: Room) -> Result<Room, ErrorCode>;
+	async fn delete_room(stoken: String, roomid: String) -> Result<(), ErrorCode>;
+	async fn rename_room(stoken: String, roomid: String, new_name: String) -> Result<(), ErrorCode>;
+	async fn kick_user(stoken: String, userid: String) -> Result<(), ErrorCode>;
+	async fn ban_user(stoken: String, userid: String) -> Result<(), ErrorCode>;
+	async fn pardon_user(stoken: String, userid: String) -> Result<(), ErrorCode>;
 }

 #[derive(Debug, Clone, Serialize, Deserialize, FromRow)]