Add public characters and visibility flag

This commit is contained in:
Clément Pons
2025-04-29 17:48:49 +02:00
parent 1ee895ab42
commit 871861e66e
15 changed files with 623 additions and 60 deletions

View File

@@ -61,7 +61,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
else
{
const hash = await Bun.password.hash(body.data.password);
db.insert(usersTable).values({ username: sql.placeholder('username'), email: sql.placeholder('email'), hash: sql.placeholder('hash'), state: sql.placeholder('state') }).prepare().run({ username: body.data.username, email: body.data.email, hash, state: 1 });
db.insert(usersTable).values({ username: sql.placeholder('username'), email: sql.placeholder('email'), hash: sql.placeholder('hash'), state: sql.placeholder('state') }).prepare().run({ username: body.data.username, email: body.data.email, hash, state: 0 });
const id = db.select({ id: usersTable.id }).from(usersTable).where(eq(usersTable.username, sql.placeholder('username'))).prepare().get({ username: body.data.username });
if(!id || !id.id)
@@ -72,7 +72,7 @@ export default defineEventHandler(async (e): Promise<Return> => {
db.insert(usersDataTable).values({ id: sql.placeholder('id') }).prepare().run({ id: id.id });
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 1, signin: new Date(), permissions: [], lastTimestamp: new Date(), logCount: 1 } }) as UserSessionRequired);
logSession(e, await setUserSession(e, { user: { id: id.id, username: body.data.username, email: body.data.email, state: 0, signin: new Date(), permissions: [], lastTimestamp: new Date(), logCount: 1 } }) as UserSessionRequired);
const emailId = Bun.hash('register' + id.id + hash, Date.now());
const timestamp = Date.now() + 1000 * 60 * 60;

View File

@@ -1,27 +1,82 @@
import { and, eq, sql } from 'drizzle-orm';
import useDatabase from '~/composables/useDatabase';
import { characterTable } from '~/db/schema';
import { characterTable, userPermissionsTable } from '~/db/schema';
import { hasPermissions } from '~/shared/auth.util';
import type { Character } from '~/types/character';
export default defineEventHandler(async (e) => {
const session = await getUserSession(e);
let { visibility } = getQuery(e) as { visibility?: "public" | "own" | "admin" };
if(!session.user)
if(!visibility)
{
setResponseStatus(e, 401);
return;
visibility = "own";
}
const db = useDatabase();
const character = db.select({
id: characterTable.id,
name: characterTable.name,
progress: characterTable.progress,
}).from(characterTable).where(eq(characterTable.owner, session.user.id)).all();
if(character !== undefined)
if(visibility === "own")
{
return character as Character[];
const session = await getUserSession(e);
if(!session.user)
{
setResponseStatus(e, 401);
return;
}
const db = useDatabase();
const characters = db.select({
id: characterTable.id,
name: characterTable.name,
progress: characterTable.progress,
visibility: characterTable.visibility,
}).from(characterTable).where(eq(characterTable.owner, session.user.id)).all();
if(characters !== undefined)
{
return characters as Character[];
}
}
else if(visibility === 'public')
{
const db = useDatabase();
const characters = db.select({
id: characterTable.id,
name: characterTable.name,
progress: characterTable.progress,
visibility: characterTable.visibility,
}).from(characterTable).where(eq(characterTable.visibility, "public")).all();
if(characters !== undefined)
{
return characters as Character[];
}
}
else if(visibility === 'admin')
{
const session = await getUserSession(e);
if(!session.user)
{
setResponseStatus(e, 401);
return;
}
const db = useDatabase();
const rights = db.select({ right: userPermissionsTable.permission }).from(userPermissionsTable).where(eq(userPermissionsTable.id, session.user.id)).all();
if(rights.length === 0 || !hasPermissions(rights.map(e => e.right), ['admin']))
{
setResponseStatus(e, 403);
return;
}
const characters = db.select({
id: characterTable.id,
name: characterTable.name,
progress: characterTable.progress,
visibility: characterTable.visibility,
}).from(characterTable).all();
if(characters !== undefined)
{
return characters as Character[];
}
}
setResponseStatus(e, 404);

View File

@@ -25,7 +25,8 @@ export default defineEventHandler(async (e) => {
id: characterTable.id,
name: characterTable.name,
progress: characterTable.progress,
owner: characterTable.owner
owner: characterTable.owner,
visibility: characterTable.visibility,
}).from(characterTable).where(and(eq(characterTable.id, id), eq(characterTable.owner, session.user.id))).get();
if(character !== undefined)