diff --git a/src/main/kotlin/subit/database/Permissions.kt b/src/main/kotlin/subit/database/Permissions.kt index 26ff0f9..a6a1866 100644 --- a/src/main/kotlin/subit/database/Permissions.kt +++ b/src/main/kotlin/subit/database/Permissions.kt @@ -19,12 +19,12 @@ interface Permissions suspend fun getPermission(block: BlockId, user: UserId): PermissionLevel } -inline fun Context.checkPermission( +inline fun Context.withPermission( user: DatabaseUser? = getLoginUser()?.toDatabaseUser(), body: CheckPermissionInContextScope.()->T ): T = CheckPermissionInContextScope(this, user).body() -inline fun checkPermission( +inline fun withPermission( user: DatabaseUser?, body: CheckPermissionScope.()->T ): T = CheckPermissionScope(user).body() @@ -143,7 +143,7 @@ open class CheckPermissionScope @PublishedApi internal constructor(val user: Dat } val selfPermission = getPermission(block.id) if (selfPermission < PermissionLevel.ADMIN) return false - val otherPermission = checkPermission(other) { getPermission(block.id) } + val otherPermission = withPermission(other) { getPermission(block.id) } return selfPermission > otherPermission && selfPermission > permission } } @@ -271,7 +271,7 @@ class CheckPermissionInContextScope @PublishedApi internal constructor(val conte message = "修改他人在板块${block.name}的权限要求拥有该板块管理员权限" ) ) - val otherPermission = checkPermission(other) { getPermission(block.id) } + val otherPermission = withPermission(other) { getPermission(block.id) } if (selfPermission > otherPermission && selfPermission > permission) return else return finish( diff --git a/src/main/kotlin/subit/router/Admin.kt b/src/main/kotlin/subit/router/Admin.kt index bf1c5e3..6830cdc 100644 --- a/src/main/kotlin/subit/router/Admin.kt +++ b/src/main/kotlin/subit/router/Admin.kt 
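Review bot: The two renamed `withPermission` overloads in the first hunk carry no KDoc, and the new name no longer says that anything is enforced. Both functions only construct a scope and run `body` (`CheckPermissionInContextScope(this, user).body()` and `CheckPermissionScope(user).body()`), so a call whose lambda makes no `check*` call authorizes nothing. A KDoc on each overload should state that enforcement comes solely from the `check*` calls inside `body`. It should also state that the `Context` overload defaults `user` to `getLoginUser()?.toDatabaseUser()`, which is presumably null for a caller who is not logged in. The same KDoc can note that `withPermission(other) { getPermission(block.id) }` in the -143 and -271 hunks uses the scope only to read another user's level and performs no check itself.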
@@ -71,7 +71,6 @@ private data class ProhibitUser(val id: UserId, val prohibit: Boolean, val time: private suspend fun Context.prohibitUser() { - val users = get() val prohibits = get() val operations = get() val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) @@ -94,7 +93,7 @@ private suspend fun Context.prohibitUser() private suspend fun Context.prohibitList() { - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } val (begin, count) = call.getPage() call.respond(HttpStatus.OK, get().getProhibitList(begin, count)) } @@ -108,7 +107,7 @@ private suspend fun Context.changePermission() val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) val changePermission = receiveAndCheckBody() val user = SSO.getDbUser(changePermission.id) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkChangePermission(null, user, changePermission.permission) } + withPermission { checkChangePermission(null, user, changePermission.permission) } users.changePermission(changePermission.id, changePermission.permission) get().addOperation(loginUser.id, changePermission) if (loginUser.id != changePermission.id) get().createNotice( diff --git a/src/main/kotlin/subit/router/BannedWords.kt b/src/main/kotlin/subit/router/BannedWords.kt index 2847eb5..9c3a782 100644 --- a/src/main/kotlin/subit/router/BannedWords.kt +++ b/src/main/kotlin/subit/router/BannedWords.kt @@ -7,7 +7,7 @@ import io.ktor.server.application.* import io.ktor.server.routing.* import kotlinx.serialization.Serializable import subit.database.BannedWords -import subit.database.checkPermission +import subit.database.withPermission import subit.database.receiveAndCheckBody import subit.router.* import subit.utils.HttpStatus 
@@ -89,7 +89,7 @@ private suspend fun Context.getBannedWords() { val (begin, count) = call.getPage() val bannedWords = get() - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } call.respond(HttpStatus.OK, bannedWords.getBannedWords(begin, count)) } @@ -100,7 +100,7 @@ private suspend fun Context.newBannedWord() { val newBannedWord = receiveAndCheckBody() val bannedWords = get() - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } bannedWords.addBannedWord(newBannedWord.word) call.respond(HttpStatus.OK) } @@ -109,7 +109,7 @@ private suspend fun Context.deleteBannedWord() { val word = call.parameters["word"] ?: return call.respond(HttpStatus.BadRequest) val bannedWords = get() - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } bannedWords.removeBannedWord(word) call.respond(HttpStatus.OK) } @@ -119,7 +119,7 @@ private suspend fun Context.editBannedWord() val word = call.parameters["word"] ?: return call.respond(HttpStatus.BadRequest) val newBannedWord = receiveAndCheckBody() val bannedWords = get() - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } bannedWords.updateBannedWord(word, newBannedWord.word) call.respond(HttpStatus.OK) } \ No newline at end of file diff --git a/src/main/kotlin/subit/router/Block.kt b/src/main/kotlin/subit/router/Block.kt index 6e9bdc1..65380d0 100644 --- a/src/main/kotlin/subit/router/Block.kt +++ b/src/main/kotlin/subit/router/Block.kt 
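Review bot: In `newBannedWord` and `editBannedWord` (the -100 and -119 hunks) `receiveAndCheckBody()` runs before `withPermission { checkHasGlobalAdmin() }`, so the request body is read and validated on behalf of callers who are rejected afterwards. Making the check the first statement, as `prohibitList` in Admin.kt and the handlers in Report.kt already do, keeps unauthorized requests away from body parsing: `withPermission { checkHasGlobalAdmin() }` and only then `val newBannedWord = receiveAndCheckBody()`. This assumes `checkHasGlobalAdmin()` ends the request on failure, which these hunks do not show.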
@@ -167,10 +167,10 @@ private suspend fun Context.newBlock() val blocks = get() if (newBlock.parent != null) { - checkPermission { checkHasAdminIn(newBlock.parent) } + withPermission { checkHasAdminIn(newBlock.parent) } blocks.getBlock(newBlock.parent) ?: return call.respond(HttpStatus.BadRequest) } - else checkPermission { checkHasGlobalAdmin() } + else withPermission { checkHasGlobalAdmin() } val id = blocks.createBlock( name = newBlock.name, description = newBlock.description, @@ -201,7 +201,7 @@ private suspend fun Context.editBlockInfo() val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) val id = call.parameters["id"]?.toBlockIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val editBlockInfo = receiveAndCheckBody() - checkPermission { checkHasAdminIn(id) } + withPermission { checkHasAdminIn(id) } get().setPermission( block = id, posting = editBlockInfo.postingPermission, @@ -217,7 +217,7 @@ private suspend fun Context.getBlockInfo() { val id = call.parameters["id"]?.toBlockIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val block = get().getBlock(id) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(block) } + withPermission { checkCanRead(block) } call.respond(HttpStatus.OK, block) } @@ -225,7 +225,7 @@ private suspend fun Context.deleteBlock() { val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) val id = call.parameters["id"]?.toBlockIdOrNull() ?: return call.respond(HttpStatus.BadRequest) - checkPermission { checkHasAdminIn(id) } + withPermission { checkHasAdminIn(id) } val blocks = get() val block = blocks.getBlock(id) ?: return call.respond(HttpStatus.NotFound) blocks.setState(id, State.DELETED) 
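Review bot: `getBlockInfo` (the -217 hunk) answers `HttpStatus.NotFound` for a missing block before `withPermission { checkCanRead(block) }` runs, so a caller may be able to tell a block that exists but is hidden from one that does not exist. That holds only if `checkCanRead` rejects with a different status, and its response is not visible here. The same lookup-then-check order appears in `getPermission` later in this file, which also resolves `SSO.getDbUser(uid)` before `checkHasAdminIn(bid)`, and in the read handlers in Comment.kt, Posts.kt and WordMarkings.kt. If hidden blocks and posts are meant to be undiscoverable, the denial path should return the same `NotFound`. Otherwise a comment next to the lookup, such as `// a denied read is intentionally distinguishable from 404`, would record the decision.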
@@ -252,7 +252,7 @@ private suspend fun Context.changePermission() val changePermission = receiveAndCheckBody() val block = get().getBlock(changePermission.block) ?: return call.respond(HttpStatus.NotFound) val user = SSO.getDbUser(changePermission.user) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkChangePermission(block, user, changePermission.permission) } + withPermission { checkChangePermission(block, user, changePermission.permission) } get().setPermission( bid = changePermission.block, uid = changePermission.user, @@ -275,11 +275,11 @@ private suspend fun Context.getPermission() val uid = call.parameters["user"]?.toUserIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val blocks = get() val user = SSO.getDbUser(uid) ?: return call.respond(HttpStatus.NotFound) - checkPermission { + withPermission { checkCanRead(blocks.getBlock(bid) ?: return call.respond(HttpStatus.NotFound)) checkHasAdminIn(bid) } - call.respond(HttpStatus.OK, checkPermission(user) { getPermission(bid) }) + call.respond(HttpStatus.OK, withPermission(user) { getPermission(bid) }) } private suspend fun Context.getChildren() @@ -289,7 +289,7 @@ private suspend fun Context.getChildren() val (begin, count) = call.getPage() val blocks = get() - checkPermission() + withPermission() { val block = id?.let { blocks.getBlock(it) } if (block != null) checkCanRead(block) diff --git a/src/main/kotlin/subit/router/Comment.kt b/src/main/kotlin/subit/router/Comment.kt index c2f06c5..778a4c3 100644 --- a/src/main/kotlin/subit/router/Comment.kt +++ b/src/main/kotlin/subit/router/Comment.kt 
@@ -122,7 +122,7 @@ private suspend fun Context.commentPost() val posts = get() val parent = posts.getPostInfo(postId) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanComment(parent) } + withPermission { checkCanComment(parent) } val commentId = posts.createPost(parent = postId, author = loginUser.id, block = parent.block, anonymous = newComment.anonymous) ?: return call.respond(HttpStatus.NotFound) if (newComment.wordMarking != null) { @@ -156,7 +156,7 @@ private suspend fun Context.getPostComments() val (begin, count) = call.getPage() val posts = get() val post = posts.getPostInfo(postId) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(post) } + withPermission { checkCanRead(post) } val comments = posts.getChildPosts(postId, type, begin, count) if (getLoginUser().hasGlobalAdmin()) call.respond(HttpStatus.OK, comments) @@ -173,7 +173,7 @@ private suspend fun Context.getCommentComments() val (begin, count) = call.getPage() val posts = get() val comment = posts.getPostInfo(commentId) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(comment) } + withPermission { checkCanRead(comment) } val comments = posts.getDescendants(commentId, type, begin, count) if (getLoginUser().hasGlobalAdmin()) call.respond(HttpStatus.OK, comments) @@ -186,6 +186,6 @@ private suspend fun Context.getComment() val commentId = call.parameters["commentId"]?.toPostIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val posts = get() val comment = posts.getPostFull(commentId) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(comment.toPostInfo()) } + withPermission { checkCanRead(comment.toPostInfo()) } call.respond(HttpStatus.OK, if (comment.anonymous) comment.copy(author = UserId(0)) else comment) } diff --git a/src/main/kotlin/subit/router/Files.kt b/src/main/kotlin/subit/router/Files.kt index 48ec3db..345fd84 100644 --- a/src/main/kotlin/subit/router/Files.kt 
+++ b/src/main/kotlin/subit/router/Files.kt @@ -286,7 +286,7 @@ private suspend fun Context.changePermission() val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) val changePermission = receiveAndCheckBody() val user = SSO.getDbUser(changePermission.id) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkChangePermission(null, user, changePermission.filePermission) } + withPermission { checkChangePermission(null, user, changePermission.filePermission) } get().changeFilePermission(changePermission.id, changePermission.filePermission) get().addOperation(loginUser.id, changePermission) call.respond(HttpStatus.OK) diff --git a/src/main/kotlin/subit/router/Posts.kt b/src/main/kotlin/subit/router/Posts.kt index b2d72bc..aba6820 100644 --- a/src/main/kotlin/subit/router/Posts.kt +++ b/src/main/kotlin/subit/router/Posts.kt @@ -256,7 +256,7 @@ private suspend fun Context.getPost() val id = call.parameters["id"]?.toPostIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val postFull = get().getPostFull(id) ?: return call.respond(HttpStatus.NotFound) val loginUser = getLoginUser() - checkPermission { checkCanRead(postFull.toPostInfo()) } + withPermission { checkCanRead(postFull.toPostInfo()) } if (!postFull.anonymous) call.respond(HttpStatus.OK, postFull) // 若不是匿名帖则直接返回 else if (loginUser == null || loginUser.permission < PermissionLevel.ADMIN) call.respond( HttpStatus.OK, @@ -397,7 +397,7 @@ private suspend fun Context.deletePost() val id = call.parameters["id"]?.toPostIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val post = get().getPostInfo(id) ?: return call.respond(HttpStatus.NotFound) val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) - checkPermission { checkCanDelete(post) } + withPermission { checkCanDelete(post) } get().setPostState(id, State.DELETED) if (post.author != loginUser.id) get().createNotice( Notice.makeSystemNotice( 
@@ -426,7 +426,7 @@ private suspend fun Context.likePost() val post = get().getPostInfo(id) ?: return call.respond(HttpStatus.NotFound) val type = receiveAndCheckBody().type val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) - checkPermission { checkCanRead(post) } + withPermission { checkCanRead(post) } when (type) { LikeType.LIKE -> get().like(loginUser.id, id) @@ -460,10 +460,10 @@ private suspend fun Context.newPost() val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) val block = get().getBlock(newPost.block) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanPost(block) } + withPermission { checkCanPost(block) } - if (newPost.anonymous) checkPermission { checkCanAnonymous(block) } - if (newPost.top) checkPermission { checkHasAdminIn(block.id) } + if (newPost.anonymous) withPermission { checkCanAnonymous(block) } + if (newPost.top) withPermission { checkHasAdminIn(block.id) } val id = get().createPost( author = loginUser.id, anonymous = newPost.anonymous, @@ -495,7 +495,7 @@ private suspend fun Context.getBlockPosts() { val block = call.parameters["block"]?.toBlockIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val blockFull = get().getBlock(block) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(blockFull) } + withPermission { checkCanRead(blockFull) } val type = call.parameters["sort"] ?.runCatching { Posts.PostListSort.valueOf(this) } ?.getOrNull() ?: return call.respond(HttpStatus.BadRequest) 
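Review bot: `newPost` (the -460 hunk) builds three separate scopes, and each `withPermission { … }` re-evaluates its default `user` through `getLoginUser()?.toDatabaseUser()` although `loginUser` was already resolved two lines earlier. A single scope keeps all three decisions on one user snapshot and matches the multi-check form already used in `setBlockTopPosts`: `withPermission { checkCanPost(block); if (newPost.anonymous) checkCanAnonymous(block); if (newPost.top) checkHasAdminIn(block.id) }`. The function body starts and ends outside the hunk.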
@@ -508,7 +508,7 @@ private suspend fun Context.getBlockTopPosts() { val block = call.parameters["block"]?.toBlockIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val blockFull = get().getBlock(block) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(blockFull) } + withPermission { checkCanRead(blockFull) } val (begin, count) = call.getPage() val posts = get().getBlockTopPosts(block, begin, count) call.respond(HttpStatus.OK, posts) @@ -519,7 +519,7 @@ private suspend fun Context.setBlockTopPosts() val pid = call.parameters["id"]?.toPostIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val top = call.parameters["top"]?.toBooleanStrictOrNull() ?: return call.respond(HttpStatus.BadRequest) val postInfo = get().getPostInfo(pid) ?: return call.respond(HttpStatus.NotFound) - checkPermission { + withPermission { checkCanRead(postInfo) checkHasAdminIn(postInfo.block) } diff --git a/src/main/kotlin/subit/router/Report.kt b/src/main/kotlin/subit/router/Report.kt index 119f4b3..061e3a1 100644 --- a/src/main/kotlin/subit/router/Report.kt +++ b/src/main/kotlin/subit/router/Report.kt @@ -10,7 +10,7 @@ import subit.JWTAuth.getLoginUser import subit.dataClasses.* import subit.dataClasses.ReportId.Companion.toReportIdOrNull import subit.database.Reports -import subit.database.checkPermission +import subit.database.withPermission import subit.database.receiveAndCheckBody import subit.router.* import subit.utils.HttpStatus @@ -114,7 +114,7 @@ private suspend fun Context.newReport() private suspend fun Context.getReports() { - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } val begin = call.parameters["begin"]?.toLongOrNull() ?: return call.respond(HttpStatus.BadRequest) val count = call.parameters["count"]?.toIntOrNull() ?: return call.respond(HttpStatus.BadRequest) val handled = when (call.parameters["filter"]) 
@@ -129,7 +129,7 @@ private suspend fun Context.getReports() private suspend fun Context.getReport() { - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } val id = call.parameters["id"]?.toReportIdOrNull() ?: return call.respond(HttpStatus.BadRequest) val report = get().getReport(id) ?: return call.respond(HttpStatus.NotFound) call.respond(HttpStatus.OK, report) @@ -137,7 +137,7 @@ private suspend fun Context.getReport() private suspend fun Context.handleReport() { - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } val loginUser = getLoginUser() ?: return call.respond(HttpStatus.Unauthorized) val id = call.parameters["id"]?.toReportIdOrNull() ?: return call.respond(HttpStatus.BadRequest) get().handleReport(id, loginUser.id) diff --git a/src/main/kotlin/subit/router/User.kt b/src/main/kotlin/subit/router/User.kt index 86b0604..88cfcff 100644 --- a/src/main/kotlin/subit/router/User.kt +++ b/src/main/kotlin/subit/router/User.kt @@ -150,7 +150,7 @@ private suspend fun Context.changeIntroduction() } else { - checkPermission { checkHasGlobalAdmin() } + withPermission { checkHasGlobalAdmin() } if (get().changeIntroduction(id, changeIntroduction.introduction)) { get().addOperation(loginUser.id, changeIntroduction) diff --git a/src/main/kotlin/subit/router/WordMarkings.kt b/src/main/kotlin/subit/router/WordMarkings.kt index e225957..59d4dbe 100644 --- a/src/main/kotlin/subit/router/WordMarkings.kt +++ b/src/main/kotlin/subit/router/WordMarkings.kt @@ -15,7 +15,7 @@ import subit.dataClasses.WordMarkingInfo import subit.database.PostVersions import subit.database.Posts import subit.database.WordMarkings -import subit.database.checkPermission +import subit.database.withPermission import subit.router.Context import subit.router.get import subit.utils.HttpStatus 
@@ -83,7 +83,7 @@ suspend fun Context.getWordMarkings() val postVersions = get() val postVersion = postVersions.getPostVersion(postVersionId) ?: return call.respond(HttpStatus.NotFound) val post = get().getPostInfo(postVersion.post) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(post) } + withPermission { checkCanRead(post) } val wordMarkings = get().getWordMarkings(postVersionId) return call.respond(HttpStatus.OK, wordMarkings) } @@ -95,7 +95,7 @@ suspend fun Context.getWordMarking() val postVersions = get() val postVersion = postVersions.getPostVersion(postVersionId) ?: return call.respond(HttpStatus.NotFound) val post = get().getPostInfo(postVersion.post) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(post) } + withPermission { checkCanRead(post) } val wordMarking = get().getWordMarking(postVersionId, commentId) ?: return call.respond(HttpStatus.NotFound) return call.respond(HttpStatus.OK, wordMarking) } @@ -106,6 +106,6 @@ suspend fun Context.getWordMarkingById() val wordMarking = get().getWordMarking(WordMarkingId(id)) ?: return call.respond(HttpStatus.NotFound) val postVersion = get().getPostVersion(wordMarking.postVersion) ?: return call.respond(HttpStatus.NotFound) val post = get().getPostInfo(postVersion.post) ?: return call.respond(HttpStatus.NotFound) - checkPermission { checkCanRead(post) } + withPermission { checkCanRead(post) } return call.respond(HttpStatus.OK, wordMarking) } \ No newline at end of file