zeppelin/src/api/guilds.ts

import express from "express";
import passport from "passport";
import { AllowedGuilds } from "../data/AllowedGuilds";
import { ApiPermissions } from "../data/ApiPermissions";
import { clientError, error, ok, serverError, unauthorized } from "./responses";
import { Configs } from "../data/Configs";
import { ApiRoles } from "../data/ApiRoles";
import { validateGuildConfig } from "../configValidator";
import yaml, { YAMLException } from "js-yaml";
import { apiTokenAuthHandlers } from "./auth";

export function initGuildsAPI(app: express.Express) {
  const allowedGuilds = new AllowedGuilds();
  const apiPermissions = new ApiPermissions();
  const configs = new Configs();

  app.get("/guilds/available", ...apiTokenAuthHandlers(), async (req, res) => {
    const guilds = await allowedGuilds.getForApiUser(req.user.userId);
    res.json(guilds);
  });

  app.get("/guilds/:guildId/config", ...apiTokenAuthHandlers(), async (req, res) => {
    const permissions = await apiPermissions.getByGuildAndUserId(req.params.guildId, req.user.userId);
    if (!permissions) return unauthorized(res);

    const config = await configs.getActiveByKey(`guild-${req.params.guildId}`);
    res.json({ config: config ? config.config : "" });
  });

  app.post("/guilds/:guildId/config", ...apiTokenAuthHandlers(), async (req, res) => {
    const permissions = await apiPermissions.getByGuildAndUserId(req.params.guildId, req.user.userId);
    if (!permissions || ApiRoles[permissions.role] < ApiRoles.Editor) return unauthorized(res);

    let config = req.body.config;
    if (config == null) return clientError(res, "No config supplied");

    config = config.trim() + "\n"; // Normalize start/end whitespace in the config

    const currentConfig = await configs.getActiveByKey(`guild-${req.params.guildId}`);
    if (config === currentConfig.config) {
      return ok(res);
    }

    // Validate config
    let parsedConfig;
    try {
      parsedConfig = yaml.safeLoad(config);
    } catch (e) {
      if (e instanceof YAMLException) {
        return error(res, e.message, 400);
      }

      console.error("Error when loading YAML: " + e.message);
      return serverError(res, "Server error");
    }

    if (parsedConfig == null) {
      parsedConfig = {};
    }

    const errors = validateGuildConfig(parsedConfig);
    if (errors) {
      return res.status(422).json({ errors });
    }

    await configs.saveNewRevision(`guild-${req.params.guildId}`, config, req.user.userId);
    ok(res);
  });
}
Dashboard work. Move configs to DB. Some script reorganization. Add nodemon configs. 2019-06-22 18:52:24 +03:00			`import express from "express";`
			`import passport from "passport";`
			`import { AllowedGuilds } from "../data/AllowedGuilds";`
Dashboard work and related 2019-06-23 19:18:41 +03:00			`import { ApiPermissions } from "../data/ApiPermissions";`
Switch from ajv to io-ts for config validation; validate configs on save in the API/dashboard; start work on creating io-ts schemas for all plugins 2019-07-11 12:23:57 +03:00			`import { clientError, error, ok, serverError, unauthorized } from "./responses";`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00			`import { Configs } from "../data/Configs";`
Dashboard work and related 2019-06-23 19:18:41 +03:00			`import { ApiRoles } from "../data/ApiRoles";`
Switch from ajv to io-ts for config validation; validate configs on save in the API/dashboard; start work on creating io-ts schemas for all plugins 2019-07-11 12:23:57 +03:00			`import { validateGuildConfig } from "../configValidator";`
			`import yaml, { YAMLException } from "js-yaml";`
Fix overzealous auth requirement in API 2019-07-22 00:49:05 +03:00			`import { apiTokenAuthHandlers } from "./auth";`
Dashboard work. Move configs to DB. Some script reorganization. Add nodemon configs. 2019-06-22 18:52:24 +03:00
			`export function initGuildsAPI(app: express.Express) {`
			`const allowedGuilds = new AllowedGuilds();`
Dashboard work and related 2019-06-23 19:18:41 +03:00			`const apiPermissions = new ApiPermissions();`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00			`const configs = new Configs();`
Dashboard work. Move configs to DB. Some script reorganization. Add nodemon configs. 2019-06-22 18:52:24 +03:00
Fix overzealous auth requirement in API 2019-07-22 00:49:05 +03:00			`app.get("/guilds/available", ...apiTokenAuthHandlers(), async (req, res) => {`
Dashboard work and related 2019-06-23 19:18:41 +03:00			`const guilds = await allowedGuilds.getForApiUser(req.user.userId);`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00			`res.json(guilds);`
Dashboard work. Move configs to DB. Some script reorganization. Add nodemon configs. 2019-06-22 18:52:24 +03:00			`});`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00
Fix overzealous auth requirement in API 2019-07-22 00:49:05 +03:00			`app.get("/guilds/:guildId/config", ...apiTokenAuthHandlers(), async (req, res) => {`
Dashboard work and related 2019-06-23 19:18:41 +03:00			`const permissions = await apiPermissions.getByGuildAndUserId(req.params.guildId, req.user.userId);`
			`if (!permissions) return unauthorized(res);`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00
			const config = await configs.getActiveByKey(`guild-${req.params.guildId}`);
			`res.json({ config: config ? config.config : "" });`
			`});`

Fix overzealous auth requirement in API 2019-07-22 00:49:05 +03:00			`app.post("/guilds/:guildId/config", ...apiTokenAuthHandlers(), async (req, res) => {`
Dashboard work and related 2019-06-23 19:18:41 +03:00			`const permissions = await apiPermissions.getByGuildAndUserId(req.params.guildId, req.user.userId);`
			`if (!permissions \|\| ApiRoles[permissions.role] < ApiRoles.Editor) return unauthorized(res);`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00
Don't save identical configs as new revisions 2019-07-22 00:14:24 +03:00			`let config = req.body.config;`
dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00			`if (config == null) return clientError(res, "No config supplied");`

Don't save identical configs as new revisions 2019-07-22 00:14:24 +03:00			`config = config.trim() + "\n"; // Normalize start/end whitespace in the config`

			const currentConfig = await configs.getActiveByKey(`guild-${req.params.guildId}`);
			`if (config === currentConfig.config) {`
			`return ok(res);`
			`}`

Switch from ajv to io-ts for config validation; validate configs on save in the API/dashboard; start work on creating io-ts schemas for all plugins 2019-07-11 12:23:57 +03:00			`// Validate config`
			`let parsedConfig;`
			`try {`
			`parsedConfig = yaml.safeLoad(config);`
			`} catch (e) {`
			`if (e instanceof YAMLException) {`
			`return error(res, e.message, 400);`
			`}`

			`console.error("Error when loading YAML: " + e.message);`
			`return serverError(res, "Server error");`
			`}`

			`if (parsedConfig == null) {`
			`parsedConfig = {};`
			`}`

			`const errors = validateGuildConfig(parsedConfig);`
			`if (errors) {`
			`return res.status(422).json({ errors });`
			`}`

dashboard: auth fixes, guild listing, config editing 2019-06-23 03:40:53 +03:00			await configs.saveNewRevision(`guild-${req.params.guildId}`, config, req.user.userId);
			`ok(res);`
			`});`
Dashboard work. Move configs to DB. Some script reorganization. Add nodemon configs. 2019-06-22 18:52:24 +03:00			`}`