You've already forked obsidian-visualiser
Add public characters and visibility flag
This commit is contained in:
@@ -61,7 +61,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
|
||||
else
|
||||
{
|
||||
const hash = await Bun.password.hash(body.data.password);
|
||||
db.insert(usersTable).values({ username: sql.placeholder('username'), email: sql.placeholder('email'), hash: sql.placeholder('hash'), state: sql.placeholder('state') }).prepare().run({ username: body.data.username, email: body.data.email, hash, state: 1 });
|
||||
db.insert(usersTable).values({ username: sql.placeholder('username'), email: sql.placeholder('email'), hash: sql.placeholder('hash'), state: sql.placeholder('state') }).prepare().run({ username: body.data.username, email: body.data.email, hash, state: 0 });
|
||||
const id = db.select({ id: usersTable.id }).from(usersTable).where(eq(usersTable.username, sql.placeholder('username'))).prepare().get({ username: body.data.username });
|
||||
|
||||
if(!id || !id.id)
|
||||
@@ -72,7 +72,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
|
||||
|
||||
db.insert(usersDataTable).values({ id: sql.placeholder('id') }).prepare().run({ id: id.id });
|
||||
|
||||
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 1, signin: new Date(), permissions: [], lastTimestamp: new Date(), logCount: 1 } }) as UserSessionRequired);
|
||||
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 0, signin: new Date(), permissions: [], lastTimestamp: new Date(), logCount: 1 } }) as UserSessionRequired);
|
||||
|
||||
const emailId = Bun.hash('register' + id.id + hash, Date.now());
|
||||
const timestamp = Date.now() + 1000 * 60 * 60;
|
||||
|
||||
@@ -1,27 +1,82 @@
|
||||
import { and, eq, sql } from 'drizzle-orm';
|
||||
import useDatabase from '~/composables/useDatabase';
|
||||
import { characterTable } from '~/db/schema';
|
||||
import { characterTable, userPermissionsTable } from '~/db/schema';
|
||||
import { hasPermissions } from '~/shared/auth.util';
|
||||
import type { Character } from '~/types/character';
|
||||
|
||||
export default defineEventHandler(async (e) => {
|
||||
const session = await getUserSession(e);
|
||||
let { visibility } = getQuery(e) as { visibility?: "public" | "own" | "admin" };
|
||||
|
||||
if(!session.user)
|
||||
if(!visibility)
|
||||
{
|
||||
setResponseStatus(e, 401);
|
||||
return;
|
||||
visibility = "own";
|
||||
}
|
||||
|
||||
const db = useDatabase();
|
||||
const character = db.select({
|
||||
id: characterTable.id,
|
||||
name: characterTable.name,
|
||||
progress: characterTable.progress,
|
||||
}).from(characterTable).where(eq(characterTable.owner, session.user.id)).all();
|
||||
|
||||
if(character !== undefined)
|
||||
if(visibility === "own")
|
||||
{
|
||||
return character as Character[];
|
||||
const session = await getUserSession(e);
|
||||
if(!session.user)
|
||||
{
|
||||
setResponseStatus(e, 401);
|
||||
return;
|
||||
}
|
||||
|
||||
const db = useDatabase();
|
||||
const characters = db.select({
|
||||
id: characterTable.id,
|
||||
name: characterTable.name,
|
||||
progress: characterTable.progress,
|
||||
visibility: characterTable.visibility,
|
||||
}).from(characterTable).where(eq(characterTable.owner, session.user.id)).all();
|
||||
|
||||
if(characters !== undefined)
|
||||
{
|
||||
return characters as Character[];
|
||||
}
|
||||
}
|
||||
else if(visibility === 'public')
|
||||
{
|
||||
const db = useDatabase();
|
||||
const characters = db.select({
|
||||
id: characterTable.id,
|
||||
name: characterTable.name,
|
||||
progress: characterTable.progress,
|
||||
visibility: characterTable.visibility,
|
||||
}).from(characterTable).where(eq(characterTable.visibility, "public")).all();
|
||||
|
||||
if(characters !== undefined)
|
||||
{
|
||||
return characters as Character[];
|
||||
}
|
||||
}
|
||||
else if(visibility === 'admin')
|
||||
{
|
||||
const session = await getUserSession(e);
|
||||
if(!session.user)
|
||||
{
|
||||
setResponseStatus(e, 401);
|
||||
return;
|
||||
}
|
||||
const db = useDatabase();
|
||||
|
||||
const rights = db.select({ right: userPermissionsTable.permission }).from(userPermissionsTable).where(eq(userPermissionsTable.id, session.user.id)).all();
|
||||
if(rights.length === 0 || !hasPermissions(rights.map(e => e.right), ['admin']))
|
||||
{
|
||||
setResponseStatus(e, 403);
|
||||
return;
|
||||
}
|
||||
|
||||
const characters = db.select({
|
||||
id: characterTable.id,
|
||||
name: characterTable.name,
|
||||
progress: characterTable.progress,
|
||||
visibility: characterTable.visibility,
|
||||
}).from(characterTable).all();
|
||||
|
||||
if(characters !== undefined)
|
||||
{
|
||||
return characters as Character[];
|
||||
}
|
||||
}
|
||||
|
||||
setResponseStatus(e, 404);
|
||||
|
||||
@@ -25,7 +25,8 @@ export default defineEventHandler(async (e) => {
|
||||
id: characterTable.id,
|
||||
name: characterTable.name,
|
||||
progress: characterTable.progress,
|
||||
owner: characterTable.owner
|
||||
owner: characterTable.owner,
|
||||
visibility: characterTable.visibility,
|
||||
}).from(characterTable).where(and(eq(characterTable.id, id), eq(characterTable.owner, session.user.id))).get();
|
||||
|
||||
if(character !== undefined)
|
||||
|
||||
Reference in New Issue
Block a user