Skip to content

Commit

Permalink
fix: check server ownership for text channel
Browse files Browse the repository at this point in the history 
refactor: minor cleanup of code
  • Loading branch information
@insertish
insertish committed Oct 25, 2023
1 parent d012a6d commit 17b769b
Show file tree
Hide file tree
Showing 7 changed files with 155 additions and 19 deletions.
145 changes: 145 additions & 0 deletions crates/core/database/src/models/channels/model.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -624,3 +624,148 @@ impl IntoDocumentPath for FieldsChannel {
})
}
}

#[cfg(test)]
mod tests {
use std::collections::HashMap;

use revolt_permissions::{calculate_channel_permissions, ChannelPermission, OverrideField};

use crate::{
util::permissions::DatabasePermissionQuery, Channel, Member, MemberCompositeKey, Role,
Server, User,
};

#[async_std::test]
async fn permissions_text_channel() {
database_test!(|db| async move {
let owner = User::create(&db, "Owner".to_string(), None, None)
.await
.unwrap();

let moderator = User::create(&db, "Moderator".to_string(), None, None)
.await
.unwrap();

let user = User::create(&db, "User".to_string(), None, None)
.await
.unwrap();

let server_id = ulid::Ulid::new().to_string();

let channel = Channel::TextChannel {
id: ulid::Ulid::new().to_string(),
server: server_id.clone(),
name: "Channel".to_string(),
description: None,
icon: None,
last_message_id: None,
default_permissions: Some(OverrideField {
d: 1048576, // TODO: bitfield
..Default::default()
}),
role_permissions: HashMap::from([(
"01F9HFTSBWTNA2F4TMSV7VM3FG".to_string(),
OverrideField {
a: 1048576, // TODO: bitfield
..Default::default()
},
)]),
nsfw: false,
};

let server = Server {
id: server_id,
owner: owner.id.clone(),
name: "My Server".to_string(),
description: None,
channels: vec![channel.id()],
categories: None,
system_messages: None,
roles: HashMap::from([
(
"01F9HFTSBWTNA2F4TMSV7VM3FG".to_string(),
Role {
name: "Moderator".to_string(),
permissions: OverrideField {
a: 545270208, // TODO: explicit
..Default::default()
},
colour: None,
hoist: true,
rank: 3,
},
),
(
"01FBF9DNHSRPVTWFMNB3JNB8FK".to_string(),
Role {
name: "Owner".to_string(),
permissions: Default::default(),
colour: None,
hoist: true,
rank: 0,
},
),
]),
default_permissions: 4000322560, // TODO: use bitfield
icon: None,
banner: None,
flags: None,
nsfw: false,
analytics: false,
discoverable: false,
};

// TODO: proper creation
db.insert_channel(&channel).await.unwrap();
server.create(&db).await.unwrap();

db.insert_member(&Member {
id: MemberCompositeKey {
user: owner.id.clone(),
server: server.id.clone(),
},
roles: vec!["01FBF9DNHSRPVTWFMNB3JNB8FK".to_string()],
..Default::default()
})
.await
.unwrap();

db.insert_member(&Member {
id: MemberCompositeKey {
user: moderator.id.clone(),
server: server.id.clone(),
},
roles: vec!["01F9HFTSBWTNA2F4TMSV7VM3FG".to_string()],
..Default::default()
})
.await
.unwrap();

db.insert_member(&Member {
id: MemberCompositeKey {
user: user.id.clone(),
server: server.id.clone(),
},
..Default::default()
})
.await
.unwrap();

let mut query = DatabasePermissionQuery::new(&db, &owner).channel(&channel);
assert!(calculate_channel_permissions(&mut query)
.await
.has_channel_permission(ChannelPermission::SendMessage));

let mut query = DatabasePermissionQuery::new(&db, &moderator).channel(&channel);
assert!(calculate_channel_permissions(&mut query)
.await
.has_channel_permission(ChannelPermission::SendMessage));

let mut query = DatabasePermissionQuery::new(&db, &user).channel(&channel);
assert!(!calculate_channel_permissions(&mut query)
.await
.has_channel_permission(ChannelPermission::SendMessage));
});
}
}
20 changes: 4 additions & 16 deletions crates/core/database/src/models/servers/model.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -458,8 +458,7 @@ mod tests {
use revolt_permissions::{calculate_server_permissions, ChannelPermission, OverrideField};

use crate::{
util::permissions::DatabasePermissionQuery, Channel, Member, MemberCompositeKey, Role,
Server, User,
util::permissions::DatabasePermissionQuery, Member, MemberCompositeKey, Role, Server, User,
};

#[async_std::test]
Expand All @@ -479,24 +478,14 @@ mod tests {

let server_id = ulid::Ulid::new().to_string();

let channel = Channel::TextChannel {
id: ulid::Ulid::new().to_string(),
server: server_id.clone(),
name: "Channel".to_string(),
description: None,
icon: None,
last_message_id: None,
default_permissions: None,
role_permissions: HashMap::new(),
nsfw: false,
};

// TODO: seeder functions
// e.g. seed!("channel", "file.json")
let server = Server {
id: server_id,
owner: owner.id.clone(),
name: "My Server".to_string(),
description: None,
channels: vec![channel.id()],
channels: vec![],
categories: None,
system_messages: None,
roles: HashMap::from([
Expand Down Expand Up @@ -534,7 +523,6 @@ mod tests {
};

// TODO: proper creation
db.insert_channel(&channel).await.unwrap();
server.create(&db).await.unwrap();

db.insert_member(&Member {
Expand Down
2 changes: 1 addition & 1 deletion crates/core/database/src/util/idempotency.rs
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
use std::num::NonZeroUsize;

use revolt_result::{create_error, Result};
use revolt_result::{create_error, Result, Error};

use async_std::sync::Mutex;
use once_cell::sync::Lazy;
Expand Down
1 change: 1 addition & 0 deletions crates/core/database/src/util/permissions.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -344,6 +344,7 @@ impl PermissionQuery for DatabasePermissionQuery<'_> {
| Cow::Owned(Channel::TextChannel { server, .. })
| Cow::Borrowed(Channel::VoiceChannel { server, .. })
| Cow::Owned(Channel::VoiceChannel { server, .. }) => {
// FIXME: may double fetch
if let Ok(server) = self.database.fetch_server(server).await {
self.server.replace(Cow::Owned(server));
}
Expand Down
4 changes: 3 additions & 1 deletion crates/core/permissions/src/impl.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,9 @@ pub async fn calculate_channel_permissions<P: PermissionQuery>(query: &mut P) ->
ChannelType::ServerChannel => {
query.set_server_from_channel().await;

if query.are_we_a_member().await {
if query.are_we_server_owner().await {
return ChannelPermission::GrantAllSafe.into();
} else if query.are_we_a_member().await {
let mut permissions = calculate_server_permissions(query).await;
permissions.apply(query.get_default_channel_permissions().await);

Expand Down
1 change: 0 additions & 1 deletion crates/core/presence/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,6 @@ mod tests {
// Create a few more sessions
let (first_session, second_session_id) = create_session(&user_id, 0).await;
assert!(!first_session);
dbg!(second_session_id);
assert_eq!(second_session_id as u8 & 1, 0);

let (first_session, other_session_id) = create_session(&other_id, 0).await;
Expand Down
1 change: 1 addition & 0 deletions crates/delta/src/routes/channels/group_remove_member.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,7 @@ mod test {
.await;

dbg!(response.into_string().await);
// TODO: finish impl
// assert_eq!(response.status(), Status::NotFound);
}

Expand Down

0 comments on commit 17b769b

Please sign in to comment.