diff --git a/app/http/endpoints/manage/blacklist.go b/app/http/endpoints/manage/blacklist.go index f0f6bc0..3094d06 100644 --- a/app/http/endpoints/manage/blacklist.go +++ b/app/http/endpoints/manage/blacklist.go @@ -43,7 +43,9 @@ func BlacklistHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/blacklistremove.go b/app/http/endpoints/manage/blacklistremove.go index f3e8bef..9b6c7de 100644 --- a/app/http/endpoints/manage/blacklistremove.go +++ b/app/http/endpoints/manage/blacklistremove.go @@ -44,7 +44,9 @@ func BlacklistRemoveHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/logs.go b/app/http/endpoints/manage/logs.go index 671782b..6eb9b6c 100644 --- a/app/http/endpoints/manage/logs.go +++ b/app/http/endpoints/manage/logs.go @@ -52,7 +52,9 @@ func LogsHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/panelcreate.go b/app/http/endpoints/manage/panelcreate.go index ade0d02..fb80d6b 100644 --- a/app/http/endpoints/manage/panelcreate.go +++ b/app/http/endpoints/manage/panelcreate.go @@ -46,7 +46,9 @@ func PanelCreateHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/paneldelete.go b/app/http/endpoints/manage/paneldelete.go index adc135e..aa9b152 100644 --- a/app/http/endpoints/manage/paneldelete.go +++ b/app/http/endpoints/manage/paneldelete.go @@ -50,7 +50,9 @@ func PanelDeleteHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/panels.go b/app/http/endpoints/manage/panels.go index 68f8a7c..d008f84 100644 --- a/app/http/endpoints/manage/panels.go +++ b/app/http/endpoints/manage/panels.go @@ -51,7 +51,9 @@ func PanelHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/sendmessage.go b/app/http/endpoints/manage/sendmessage.go index b95022a..3e64c31 100644 --- a/app/http/endpoints/manage/sendmessage.go +++ b/app/http/endpoints/manage/sendmessage.go @@ -46,7 +46,9 @@ func SendMessage(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/settings.go b/app/http/endpoints/manage/settings.go index 0852d5c..242a145 100644 --- a/app/http/endpoints/manage/settings.go +++ b/app/http/endpoints/manage/settings.go @@ -43,7 +43,9 @@ func SettingsHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/ticketclose.go b/app/http/endpoints/manage/ticketclose.go index cf88140..10b1d55 100644 --- a/app/http/endpoints/manage/ticketclose.go +++ b/app/http/endpoints/manage/ticketclose.go @@ -45,7 +45,9 @@ func TicketCloseHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/ticketlist.go b/app/http/endpoints/manage/ticketlist.go index 261a198..fa74148 100644 --- a/app/http/endpoints/manage/ticketlist.go +++ b/app/http/endpoints/manage/ticketlist.go @@ -44,7 +44,9 @@ func TicketListHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/ticketview.go b/app/http/endpoints/manage/ticketview.go index 520a627..998e1d8 100644 --- a/app/http/endpoints/manage/ticketview.go +++ b/app/http/endpoints/manage/ticketview.go @@ -49,7 +49,9 @@ func TicketViewHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/updatesettings.go b/app/http/endpoints/manage/updatesettings.go index cf11a6e..1da9ddc 100644 --- a/app/http/endpoints/manage/updatesettings.go +++ b/app/http/endpoints/manage/updatesettings.go @@ -44,7 +44,9 @@ func UpdateSettingsHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/viewlog.go b/app/http/endpoints/manage/viewlog.go index ff36d36..362a121 100644 --- a/app/http/endpoints/manage/viewlog.go +++ b/app/http/endpoints/manage/viewlog.go @@ -47,7 +47,9 @@ func LogViewHandler(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildId, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { ctx.Redirect(302, config.Conf.Server.BaseUrl) // TODO: 403 Page return } diff --git a/app/http/endpoints/manage/webchatws.go b/app/http/endpoints/manage/webchatws.go index cae00ed..e388981 100644 --- a/app/http/endpoints/manage/webchatws.go +++ b/app/http/endpoints/manage/webchatws.go @@ -137,7 +137,9 @@ func WebChatWs(ctx *gin.Context) { } // Verify the user has permissions to be here - if !utils.Contains(config.Conf.Admins, userIdStr) && !guild.Owner && !table.IsAdmin(guildIdParsed, userId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildIdParsed, userId, isAdmin) + if <-isAdmin { fmt.Println(err.Error()) conn.Close() return diff --git a/app/http/endpoints/root/index.go b/app/http/endpoints/root/index.go index a523817..d8ead4a 100644 --- a/app/http/endpoints/root/index.go +++ b/app/http/endpoints/root/index.go @@ -26,14 +26,15 @@ func IndexHandler(ctx *gin.Context) { } adminGuilds := make([]objects.Guild, 0) - adminGuildIds := table.GetAdminGuilds(userId) for _, guild := range table.GetGuilds(userIdStr) { guildId, err := strconv.ParseInt(guild.Id, 10, 64) if err != nil { // I think this happens when a server was deleted? We should just skip though. continue } - if guild.Owner || utils.Contains(adminGuildIds, guildId) { + isAdmin := make(chan bool) + go utils.IsAdmin(store, guild, guildId, userId, isAdmin) + if <-isAdmin { adminGuilds = append(adminGuilds, guild) } } diff --git a/utils/discord/objects/member.go b/utils/discord/objects/member.go index d73336a..8f303a7 100644 --- a/utils/discord/objects/member.go +++ b/utils/discord/objects/member.go @@ -3,7 +3,7 @@ package objects type Member struct { User User Nick string - Roles []string + Roles []int64 `json:"roles,string"` JoinedAt string Deaf bool Mute bool diff --git a/utils/permissionutils.go b/utils/permissionutils.go index daa088d..d836971 100644 --- a/utils/permissionutils.go +++ b/utils/permissionutils.go @@ -1,19 +1,21 @@ package utils import ( + "fmt" "github.com/TicketsBot/GoPanel/config" "github.com/TicketsBot/GoPanel/database/table" "github.com/TicketsBot/GoPanel/utils/discord/endpoints/guild" "github.com/TicketsBot/GoPanel/utils/discord/objects" - "github.com/apex/log" "github.com/gin-gonic/contrib/sessions" + "github.com/robfig/go-cache" "strconv" + "time" ) -func IsAdmin(guild objects.Guild, guildId, user int64, res chan bool) { - userIdStr := strconv.Itoa(int(user)) +var roleCache = cache.New(time.Minute, time.Minute) - if Contains(config.Conf.Admins, userIdStr) { +func IsAdmin(store sessions.Session, guild objects.Guild, guildId, userId int64, res chan bool) { + if Contains(config.Conf.Admins, strconv.Itoa(int(userId))) { res <- true } @@ -21,30 +23,51 @@ func IsAdmin(guild objects.Guild, guildId, user int64, res chan bool) { res <- true } - if table.IsAdmin(guildId, user) { + if table.IsAdmin(guildId, userId) { + res <- true + } + + if guild.Permissions & 0x8 != 0 { + res <- true + } + + userRoles := GetRoles(store, guildId, userId) + + adminRolesChan := make(chan []int64) + go table.GetAdminRoles(strconv.Itoa(int(guildId)), adminRolesChan) + adminRoles := <- adminRolesChan + + hasAdminRole := false + for _, userRole := range userRoles { + for _, adminRole := range adminRoles { + if userRole == adminRole { + hasAdminRole = true + break + } + } + } + + if hasAdminRole { res <- true } res <- false } -func GetRolesRest(store sessions.Session, guildId, userId int64, res chan *[]int64) { +func GetRoles(store sessions.Session, guildId, userId int64) []int64 { + key := fmt.Sprintf("%d-%d", guildId, userId) + if cached, ok := roleCache.Get(key); ok { + return cached.([]int64) + } + var member objects.Member endpoint := guild.GetGuildMember(int(guildId), int(userId)) if err, _ := endpoint.Request(store, nil, nil, &member); err != nil { - res <- nil + return nil } - roles := make([]int64, 0) - for _, role := range member.Roles { - int, err := strconv.ParseInt(role, 10, 64); if err != nil { - log.Error(err.Error()) - continue - } + roleCache.Set(key, &member.Roles, time.Minute) - roles = append(roles, int) - } - - res <- &roles + return member.Roles }