give support reps access
parent
bef1a48420
commit
c780307872
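--- a/app/http/endpoints/api/getpermissionlevel.go
+++ b/app/http/endpoints/api/getpermissionlevel.go
@@ -0,0 +1,36 @@
+package api
+
+import (
+"fmt"
+"github.com/TicketsBot/GoPanel/utils"
+"github.com/TicketsBot/common/permission"
+"github.com/gin-gonic/gin"
+"strconv"
+"strings"
+)
+
+func GetPermissionLevel(ctx *gin.Context) {
+userId := ctx.Keys["userid"].(uint64)
+
+levels := make(map[string]permission.PermissionLevel)
+
+for _, raw := range strings.Split(ctx.Query("guilds"), ",") {
+guildId, err := strconv.ParseUint(raw, 10, 64)
+if err != nil {
+ctx.JSON(400, gin.H{
+"success": false,
+"error": fmt.Sprintf("invalid guild id: %s", raw),
+})
+return
+}
+
+level := utils.GetPermissionLevel(guildId, userId)
+levels[strconv.FormatUint(guildId, 10)] = level
+}
+
+
+ctx.JSON(200, gin.H{
+"success": true,
+"levels": levels,
+})
+}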
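Review bot: The loop over `strings.Split(ctx.Query("guilds"), ",")` in GetPermissionLevel has no upper bound, so a single authenticated request can trigger as many `utils.GetPermissionLevel` lookups as fit in a URL. What each lookup costs is not visible in this diff, but a cap on the number of ids is cheap insurance against using the endpoint to amplify load. An empty or missing `guilds` parameter also splits into one empty string and is answered with 400 "invalid guild id: ", where an empty `levels` map would be the less surprising result. The sketch below handles both cases before the loop; `maxGuildsPerRequest` is a placeholder name for a limit the project would pick.

```go
func GetPermissionLevel(ctx *gin.Context) {
	// … unchanged: userId lookup, levels map …

	query := ctx.Query("guilds")
	if query == "" {
		// No guilds requested: answer with an empty map rather than a parse error.
		ctx.JSON(200, gin.H{"success": true, "levels": levels})
		return
	}

	ids := strings.Split(query, ",")
	if len(ids) > maxGuildsPerRequest { // placeholder limit, to be chosen by the project
		ctx.JSON(400, gin.H{"success": false, "error": "too many guild ids"})
		return
	}

	for _, raw := range ids {
	// … unchanged: ParseUint, permission lookup, 200 response …
```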
@ -11,7 +11,7 @@ import (
|
||||
)
|
||||
|
||||
// requires AuthenticateCookie middleware to be run before
|
||||
func AuthenticateGuild(isApiMethod bool) gin.HandlerFunc {
|
||||
func AuthenticateGuild(isApiMethod bool, requiredPermissionLevel permission.PermissionLevel) gin.HandlerFunc {
|
||||
return func(ctx *gin.Context) {
|
||||
if guildId, ok := ctx.Params.Get("id"); ok {
|
||||
parsed, err := strconv.ParseUint(guildId, 10, 64)
|
||||
@ -46,7 +46,7 @@ func AuthenticateGuild(isApiMethod bool) gin.HandlerFunc {
|
||||
|
||||
// Verify the user has permissions to be here
|
||||
userId := ctx.Keys["userid"].(uint64)
|
||||
if utils.GetPermissionLevel(guild.Id, userId) != permission.Admin {
|
||||
if utils.GetPermissionLevel(guild.Id, userId) < requiredPermissionLevel {
|
||||
if isApiMethod {
|
||||
ctx.AbortWithStatusJSON(403, gin.H{
|
||||
"success": false,
|
||||
|
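Review bot: The new check `utils.GetPermissionLevel(guild.Id, userId) < requiredPermissionLevel` only works if `permission.PermissionLevel` values are numerically ordered from least to most privileged, and that type is defined outside this diff. The assumption deserves a comment at the comparison, for example `// relies on PermissionLevel being ordered least- to most-privileged`, so that a new or reordered level cannot silently widen access. The doc comment above AuthenticateGuild should also describe the new parameter, e.g. `// requiredPermissionLevel is the minimum level the user must hold in the guild`. What `utils.GetPermissionLevel` returns when the lookup fails is not shown either; it needs to be the lowest level so this check fails closed. Both hunks sit inside AuthenticateGuild, whose body continues outside them.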
@ -7,6 +7,7 @@ import (
|
||||
"github.com/TicketsBot/GoPanel/app/http/endpoints/root"
|
||||
"github.com/TicketsBot/GoPanel/app/http/middleware"
|
||||
"github.com/TicketsBot/GoPanel/config"
|
||||
"github.com/TicketsBot/common/permission"
|
||||
"github.com/gin-contrib/multitemplate"
|
||||
"github.com/gin-contrib/static"
|
||||
"github.com/gin-gonic/contrib/sessions"
|
||||
@ -53,67 +54,70 @@ func StartServer() {
|
||||
{
|
||||
authorized.POST("/token", api.TokenHandler)
|
||||
|
||||
authenticateGuild := authorized.Group("/", middleware.AuthenticateGuild(false))
|
||||
authenticateGuildAdmin := authorized.Group("/", middleware.AuthenticateGuild(false, permission.Admin))
|
||||
authenticateGuildSupport := authorized.Group("/", middleware.AuthenticateGuild(false, permission.Support))
|
||||
|
||||
authorized.GET("/", root.IndexHandler)
|
||||
authorized.GET("/whitelabel", root.WhitelabelHandler)
|
||||
authorized.GET("/logout", root.LogoutHandler)
|
||||
|
||||
authenticateGuild.GET("/manage/:id/settings", manage.SettingsHandler)
|
||||
authenticateGuild.GET("/manage/:id/logs", manage.LogsHandler)
|
||||
authenticateGuild.GET("/manage/:id/logs/modmail", manage.ModmailLogsHandler)
|
||||
authenticateGuild.GET("/manage/:id/blacklist", manage.BlacklistHandler)
|
||||
authenticateGuild.GET("/manage/:id/panels", manage.PanelHandler)
|
||||
authenticateGuild.GET("/manage/:id/tags", manage.TagsHandler)
|
||||
authenticateGuildAdmin.GET("/manage/:id/settings", manage.SettingsHandler)
|
||||
authenticateGuildSupport.GET("/manage/:id/logs", manage.LogsHandler)
|
||||
authenticateGuildSupport.GET("/manage/:id/logs/modmail", manage.ModmailLogsHandler)
|
||||
authenticateGuildSupport.GET("/manage/:id/blacklist", manage.BlacklistHandler)
|
||||
authenticateGuildAdmin.GET("/manage/:id/panels", manage.PanelHandler)
|
||||
authenticateGuildSupport.GET("/manage/:id/tags", manage.TagsHandler)
|
||||
|
||||
authenticateGuild.GET("/manage/:id/tickets", manage.TicketListHandler)
|
||||
authenticateGuild.GET("/manage/:id/tickets/view/:ticketId", manage.TicketViewHandler)
|
||||
authenticateGuildSupport.GET("/manage/:id/tickets", manage.TicketListHandler)
|
||||
authenticateGuildSupport.GET("/manage/:id/tickets/view/:ticketId", manage.TicketViewHandler)
|
||||
|
||||
authorized.GET("/webchat", manage.WebChatWs)
|
||||
}
|
||||
|
||||
apiGroup := router.Group("/api", middleware.AuthenticateToken)
|
||||
guildAuthApi := apiGroup.Group("/:id", middleware.AuthenticateGuild(true))
|
||||
guildAuthApiAdmin := apiGroup.Group("/:id", middleware.AuthenticateGuild(true, permission.Admin))
|
||||
guildAuthApiSupport := apiGroup.Group("/:id", middleware.AuthenticateGuild(true, permission.Support))
|
||||
{
|
||||
guildAuthApi.GET("/channels", api.ChannelsHandler)
|
||||
guildAuthApi.GET("/premium", api.PremiumHandler)
|
||||
guildAuthApi.GET("/user/:user", api.UserHandler)
|
||||
guildAuthApi.GET("/roles", api.RolesHandler)
|
||||
guildAuthApiSupport.GET("/channels", api.ChannelsHandler)
|
||||
guildAuthApiSupport.GET("/premium", api.PremiumHandler)
|
||||
guildAuthApiSupport.GET("/user/:user", api.UserHandler)
|
||||
guildAuthApiSupport.GET("/roles", api.RolesHandler)
|
||||
|
||||
guildAuthApi.GET("/settings", api.GetSettingsHandler)
|
||||
guildAuthApi.POST("/settings", api.UpdateSettingsHandler)
|
||||
guildAuthApiAdmin.GET("/settings", api.GetSettingsHandler)
|
||||
guildAuthApiAdmin.POST("/settings", api.UpdateSettingsHandler)
|
||||
|
||||
guildAuthApi.GET("/blacklist", api.GetBlacklistHandler)
|
||||
guildAuthApi.PUT("/blacklist", api.AddBlacklistHandler)
|
||||
guildAuthApi.DELETE("/blacklist/:user", api.RemoveBlacklistHandler)
|
||||
guildAuthApiSupport.GET("/blacklist", api.GetBlacklistHandler)
|
||||
guildAuthApiSupport.PUT("/blacklist", api.AddBlacklistHandler)
|
||||
guildAuthApiSupport.DELETE("/blacklist/:user", api.RemoveBlacklistHandler)
|
||||
|
||||
guildAuthApi.GET("/panels", api.ListPanels)
|
||||
guildAuthApi.PUT("/panels", api.CreatePanel)
|
||||
guildAuthApi.PUT("/panels/:message", api.UpdatePanel)
|
||||
guildAuthApi.DELETE("/panels/:message", api.DeletePanel)
|
||||
guildAuthApiAdmin.GET("/panels", api.ListPanels)
|
||||
guildAuthApiAdmin.PUT("/panels", api.CreatePanel)
|
||||
guildAuthApiAdmin.PUT("/panels/:message", api.UpdatePanel)
|
||||
guildAuthApiAdmin.DELETE("/panels/:message", api.DeletePanel)
|
||||
|
||||
guildAuthApi.GET("/logs/", api.GetLogs)
|
||||
guildAuthApi.GET("/modmail/logs/", api.GetModmailLogs)
|
||||
guildAuthApiSupport.GET("/logs/", api.GetLogs)
|
||||
guildAuthApiSupport.GET("/modmail/logs/", api.GetModmailLogs)
|
||||
|
||||
guildAuthApi.GET("/tickets", api.GetTickets)
|
||||
guildAuthApi.GET("/tickets/:ticketId", api.GetTicket)
|
||||
guildAuthApi.POST("/tickets/:ticketId", api.SendMessage)
|
||||
guildAuthApi.DELETE("/tickets/:ticketId", api.CloseTicket)
|
||||
guildAuthApiSupport.GET("/tickets", api.GetTickets)
|
||||
guildAuthApiSupport.GET("/tickets/:ticketId", api.GetTicket)
|
||||
guildAuthApiSupport.POST("/tickets/:ticketId", api.SendMessage)
|
||||
guildAuthApiSupport.DELETE("/tickets/:ticketId", api.CloseTicket)
|
||||
|
||||
guildAuthApi.GET("/tags", api.TagsListHandler)
|
||||
guildAuthApi.PUT("/tags", api.CreateTag)
|
||||
guildAuthApi.DELETE("/tags/:tag", api.DeleteTag)
|
||||
guildAuthApiSupport.GET("/tags", api.TagsListHandler)
|
||||
guildAuthApiSupport.PUT("/tags", api.CreateTag)
|
||||
guildAuthApiSupport.DELETE("/tags/:tag", api.DeleteTag)
|
||||
|
||||
guildAuthApi.GET("/claimsettings", api.GetClaimSettings)
|
||||
guildAuthApi.POST("/claimsettings", api.PostClaimSettings)
|
||||
guildAuthApiAdmin.GET("/claimsettings", api.GetClaimSettings)
|
||||
guildAuthApiAdmin.POST("/claimsettings", api.PostClaimSettings)
|
||||
|
||||
guildAuthApi.GET("/autoclose", api.GetAutoClose)
|
||||
guildAuthApi.POST("/autoclose", api.PostAutoClose)
|
||||
guildAuthApiAdmin.GET("/autoclose", api.GetAutoClose)
|
||||
guildAuthApiAdmin.POST("/autoclose", api.PostAutoClose)
|
||||
}
|
||||
|
||||
userGroup := router.Group("/user", middleware.AuthenticateToken)
|
||||
{
|
||||
userGroup.GET("/guilds", api.GetGuilds)
|
||||
userGroup.GET("/permissionlevel", api.GetPermissionLevel)
|
||||
|
||||
{
|
||||
whitelabelGroup := userGroup.Group("/whitelabel", middleware.VerifyWhitelabel(false))
|
||||
|
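Review bot: The Support tier now reaches state-changing routes, not only read views: `PUT /blacklist`, `DELETE /blacklist/:user`, `PUT /tags`, `DELETE /tags/:tag`, and `POST` and `DELETE /tickets/:ticketId` are all registered on `guildAuthApiSupport`. If that is intended, a comment above the two API groups would make the route table auditable, e.g. `// Support: logs, tickets (reply/close), tags, blacklist. Admin: settings, panels, claim settings, autoclose.` If blacklist writes were meant to stay admin-only, they belong on `guildAuthApiAdmin`. The middleware checks only the guild-wide tier, so any per-ticket or per-user restriction has to be enforced in the handlers, which are not visible here. StartServer continues outside the hunk.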
@ -30,9 +30,22 @@
|
||||
</div>
|
||||
|
||||
<script>
|
||||
async function getPermissionLevels(guilds) {
|
||||
const res = await axios.get('/user/permissionlevel?guilds=' + guilds.map(guild => guild.id).join(","));
|
||||
if (res.status !== 200 || !res.data.success) {
|
||||
showToast('Error', res.data.error);
|
||||
return;
|
||||
}
|
||||
|
||||
return res.data.levels;
|
||||
}
|
||||
|
||||
async function loadData() {
|
||||
const res = await axios.get('/user/guilds');
|
||||
|
||||
const permissionLevels = await getPermissionLevels(res.data);
|
||||
console.log(permissionLevels)
|
||||
|
||||
if (res.data.length > 0) {
|
||||
document.getElementById('guild-table').style.display = 'table';
|
||||
|
||||
@ -43,7 +56,14 @@
|
||||
const td = document.createElement('td');
|
||||
|
||||
const link = document.createElement('a');
|
||||
link.href = `/manage/${guild.id}/settings`;
|
||||
|
||||
// admin
|
||||
if (permissionLevels[guild.id] === 2) {
|
||||
link.href = `/manage/${guild.id}/settings`;
|
||||
} else {
|
||||
link.href = `/manage/${guild.id}/logs`;
|
||||
}
|
||||
|
||||
link.classList.add('server');
|
||||
link.appendChild(document.createTextNode(guild.name));
|
||||
|
||||
|
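Review bot: `loadData` calls `getPermissionLevels(res.data)` before the `res.data.length > 0` check, so a user with no guilds requests `/user/permissionlevel?guilds=`, which the new endpoint answers with 400. Unless `validateStatus` is overridden elsewhere, axios rejects on a 4xx, so the `res.status !== 200` branch never runs and `loadData` throws. When `getPermissionLevels` returns `undefined` on its error path, `permissionLevels[guild.id]` throws as well. An early `if (guilds.length === 0) return {};` in `getPermissionLevels` and `const permissionLevels = (await getPermissionLevels(res.data)) || {};` in `loadData` cover both cases. The leftover `console.log(permissionLevels)` should be dropped, and the bare `2` in `permissionLevels[guild.id] === 2` should become a named constant that mirrors the server-side admin level. The link target is a convenience only; access is enforced by the route middleware.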