From 9d83d3b66823a8dcd93ed7e4500834c502df15fd Mon Sep 17 00:00:00 2001 From: Dot-Rar Date: Tue, 24 Mar 2020 17:39:42 +0000 Subject: [PATCH] fix permission check --- app/http/endpoints/manage/blacklist.go | 4 ++-- app/http/endpoints/manage/blacklistremove.go | 4 ++-- app/http/endpoints/manage/logs.go | 4 ++-- app/http/endpoints/manage/panelcreate.go | 4 ++-- app/http/endpoints/manage/paneldelete.go | 4 ++-- app/http/endpoints/manage/panels.go | 4 ++-- app/http/endpoints/manage/sendmessage.go | 4 ++-- app/http/endpoints/manage/settings.go | 4 ++-- app/http/endpoints/manage/ticketclose.go | 4 ++-- app/http/endpoints/manage/ticketlist.go | 4 ++-- app/http/endpoints/manage/ticketview.go | 4 ++-- app/http/endpoints/manage/updatesettings.go | 4 ++-- app/http/endpoints/manage/viewlog.go | 4 ++-- app/http/endpoints/manage/webchatws.go | 4 ++-- app/http/endpoints/root/index.go | 2 +- utils/permissionutils.go | 2 +- 16 files changed, 30 insertions(+), 30 deletions(-) diff --git a/app/http/endpoints/manage/blacklist.go b/app/http/endpoints/manage/blacklist.go index 3094d06..df94fb1 100644 --- a/app/http/endpoints/manage/blacklist.go +++ b/app/http/endpoints/manage/blacklist.go @@ -44,8 +44,8 @@ func BlacklistHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/blacklistremove.go b/app/http/endpoints/manage/blacklistremove.go index 9b6c7de..6332774 100644 --- a/app/http/endpoints/manage/blacklistremove.go +++ b/app/http/endpoints/manage/blacklistremove.go @@ -45,8 +45,8 @@ func BlacklistRemoveHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/logs.go b/app/http/endpoints/manage/logs.go index 6eb9b6c..468b021 100644 --- a/app/http/endpoints/manage/logs.go +++ b/app/http/endpoints/manage/logs.go @@ -53,8 +53,8 @@ func LogsHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/panelcreate.go b/app/http/endpoints/manage/panelcreate.go index fb80d6b..45b56b2 100644 --- a/app/http/endpoints/manage/panelcreate.go +++ b/app/http/endpoints/manage/panelcreate.go @@ -47,8 +47,8 @@ func PanelCreateHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/paneldelete.go b/app/http/endpoints/manage/paneldelete.go index aa9b152..886da49 100644 --- a/app/http/endpoints/manage/paneldelete.go +++ b/app/http/endpoints/manage/paneldelete.go @@ -51,8 +51,8 @@ func PanelDeleteHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/panels.go b/app/http/endpoints/manage/panels.go index d008f84..4399931 100644 --- a/app/http/endpoints/manage/panels.go +++ b/app/http/endpoints/manage/panels.go @@ -52,8 +52,8 @@ func PanelHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/sendmessage.go b/app/http/endpoints/manage/sendmessage.go index 3e64c31..aebaa0e 100644 --- a/app/http/endpoints/manage/sendmessage.go +++ b/app/http/endpoints/manage/sendmessage.go @@ -47,8 +47,8 @@ func SendMessage(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/settings.go b/app/http/endpoints/manage/settings.go index 242a145..0c4a675 100644 --- a/app/http/endpoints/manage/settings.go +++ b/app/http/endpoints/manage/settings.go @@ -44,8 +44,8 @@ func SettingsHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/ticketclose.go b/app/http/endpoints/manage/ticketclose.go index 10b1d55..ff8cffd 100644 --- a/app/http/endpoints/manage/ticketclose.go +++ b/app/http/endpoints/manage/ticketclose.go @@ -46,8 +46,8 @@ func TicketCloseHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/ticketlist.go b/app/http/endpoints/manage/ticketlist.go index fa74148..ea4d40c 100644 --- a/app/http/endpoints/manage/ticketlist.go +++ b/app/http/endpoints/manage/ticketlist.go @@ -45,8 +45,8 @@ func TicketListHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/ticketview.go b/app/http/endpoints/manage/ticketview.go index 998e1d8..57a6a81 100644 --- a/app/http/endpoints/manage/ticketview.go +++ b/app/http/endpoints/manage/ticketview.go @@ -50,8 +50,8 @@ func TicketViewHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/updatesettings.go b/app/http/endpoints/manage/updatesettings.go index 1da9ddc..5c0427f 100644 --- a/app/http/endpoints/manage/updatesettings.go +++ b/app/http/endpoints/manage/updatesettings.go @@ -45,8 +45,8 @@ func UpdateSettingsHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/viewlog.go b/app/http/endpoints/manage/viewlog.go index 362a121..107cc56 100644 --- a/app/http/endpoints/manage/viewlog.go +++ b/app/http/endpoints/manage/viewlog.go @@ -48,8 +48,8 @@ func LogViewHandler(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildId, userId, isAdmin) + if !<-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/webchatws.go b/app/http/endpoints/manage/webchatws.go index 8bc7b1b..16fad4c 100644 --- a/app/http/endpoints/manage/webchatws.go +++ b/app/http/endpoints/manage/webchatws.go @@ -137,8 +137,8 @@ func WebChatWs(ctx *gin.Context) { // Verify the user has permissions to be here isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildIdParsed, userId, isAdmin) - if <-isAdmin { + go utils.IsAdmin(guild, guildIdParsed, userId, isAdmin) + if !<-isAdmin { fmt.Println(err.Error()) conn.Close() return diff --git a/app/http/endpoints/root/index.go b/app/http/endpoints/root/index.go index d8ead4a..cbdfb41 100644 --- a/app/http/endpoints/root/index.go +++ b/app/http/endpoints/root/index.go @@ -33,7 +33,7 @@ func IndexHandler(ctx *gin.Context) { } isAdmin := make(chan bool) - go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + go utils.IsAdmin(guild, guildId, userId, isAdmin) if <-isAdmin { adminGuilds = append(adminGuilds, guild) } diff --git a/utils/permissionutils.go b/utils/permissionutils.go index c9cf55c..1a56136 100644 --- a/utils/permissionutils.go +++ b/utils/permissionutils.go @@ -14,7 +14,7 @@ import ( var roleCache = cache.New(time.Minute, time.Minute) -func IsAdmin(store sessions.Session, guild objects.Guild, guildId, userId int64, res chan bool) { +func IsAdmin(guild objects.Guild, guildId, userId int64, res chan bool) { if Contains(config.Conf.Admins, strconv.Itoa(int(userId))) { res <- true }