3
0
Fork 0
mirror of https://github.com/ZeppelinBot/Zeppelin.git synced 2025-03-16 14:11:50 +00:00
zeppelin/backend/src/api/guilds.ts

73 lines
2.8 KiB
TypeScript
Raw Normal View History

2019-11-08 00:04:24 +02:00
import express, { Request, Response } from "express";
import { AllowedGuilds } from "../data/AllowedGuilds";
2019-11-08 00:04:24 +02:00
import { clientError, ok, serverError, unauthorized } from "./responses";
import { Configs } from "../data/Configs";
import { validateGuildConfig } from "../configValidator";
import yaml, { YAMLException } from "js-yaml";
import { apiTokenAuthHandlers } from "./auth";
2019-11-08 00:04:24 +02:00
import { ApiPermissions, hasPermission, permissionArrToSet } from "@shared/apiPermissions";
import { ApiPermissionAssignments } from "../data/ApiPermissionAssignments";
export function initGuildsAPI(app: express.Express) {
const allowedGuilds = new AllowedGuilds();
2019-11-08 00:04:24 +02:00
const apiPermissionAssignments = new ApiPermissionAssignments();
const configs = new Configs();
2019-11-08 00:04:24 +02:00
app.get("/guilds/available", ...apiTokenAuthHandlers(), async (req: Request, res: Response) => {
2019-06-23 19:18:41 +03:00
const guilds = await allowedGuilds.getForApiUser(req.user.userId);
res.json(guilds);
});
2019-11-08 00:04:24 +02:00
app.get("/guilds/:guildId/config", ...apiTokenAuthHandlers(), async (req: Request, res: Response) => {
const permAssignment = await apiPermissionAssignments.getByGuildAndUserId(req.params.guildId, req.user.userId);
if (!permAssignment || !hasPermission(permissionArrToSet(permAssignment.permissions), ApiPermissions.ReadConfig)) {
return unauthorized(res);
}
const config = await configs.getActiveByKey(`guild-${req.params.guildId}`);
res.json({ config: config ? config.config : "" });
});
app.post("/guilds/:guildId/config", ...apiTokenAuthHandlers(), async (req, res) => {
2019-11-08 00:04:24 +02:00
const permAssignment = await apiPermissionAssignments.getByGuildAndUserId(req.params.guildId, req.user.userId);
if (!permAssignment || !hasPermission(permissionArrToSet(permAssignment.permissions), ApiPermissions.EditConfig)) {
return unauthorized(res);
}
let config = req.body.config;
if (config == null) return clientError(res, "No config supplied");
config = config.trim() + "\n"; // Normalize start/end whitespace in the config
const currentConfig = await configs.getActiveByKey(`guild-${req.params.guildId}`);
if (config === currentConfig.config) {
return ok(res);
}
// Validate config
let parsedConfig;
try {
parsedConfig = yaml.safeLoad(config);
} catch (e) {
if (e instanceof YAMLException) {
return res.status(400).json({ errors: [e.message] });
}
console.error("Error when loading YAML: " + e.message);
return serverError(res, "Server error");
}
if (parsedConfig == null) {
parsedConfig = {};
}
const errors = validateGuildConfig(parsedConfig);
if (errors) {
return res.status(422).json({ errors });
}
await configs.saveNewRevision(`guild-${req.params.guildId}`, config, req.user.userId);
ok(res);
});
}