fix(api): don't require '@me' string on own-system-only endpoints
This commit is contained in:
parent
e85073665e
commit
318b9b5b66
@ -14,10 +14,13 @@ public class DiscordControllerV2: PKControllerBase
|
|||||||
public DiscordControllerV2(IServiceProvider svc) : base(svc) { }
|
public DiscordControllerV2(IServiceProvider svc) : base(svc) { }
|
||||||
|
|
||||||
|
|
||||||
[HttpGet("systems/@me/guilds/{guild_id}")]
|
[HttpGet("systems/{systemRef}/guilds/{guild_id}")]
|
||||||
public async Task<IActionResult> SystemGuildGet(ulong guild_id)
|
public async Task<IActionResult> SystemGuildGet(string systemRef, ulong guild_id)
|
||||||
{
|
{
|
||||||
var system = await ResolveSystem("@me");
|
var system = await ResolveSystem(systemRef);
|
||||||
|
if (ContextFor(system) != LookupContext.ByOwner)
|
||||||
|
throw Errors.GenericMissingPermissions;
|
||||||
|
|
||||||
var settings = await _repo.GetSystemGuild(guild_id, system.Id, false);
|
var settings = await _repo.GetSystemGuild(guild_id, system.Id, false);
|
||||||
if (settings == null)
|
if (settings == null)
|
||||||
throw Errors.SystemGuildNotFound;
|
throw Errors.SystemGuildNotFound;
|
||||||
@ -29,10 +32,13 @@ public class DiscordControllerV2: PKControllerBase
|
|||||||
return Ok(settings.ToJson(member?.Hid));
|
return Ok(settings.ToJson(member?.Hid));
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPatch("systems/@me/guilds/{guild_id}")]
|
[HttpPatch("systems/{systemRef}/guilds/{guild_id}")]
|
||||||
public async Task<IActionResult> DoSystemGuildPatch(ulong guild_id, [FromBody] JObject data)
|
public async Task<IActionResult> DoSystemGuildPatch(string systemRef, ulong guild_id, [FromBody] JObject data)
|
||||||
{
|
{
|
||||||
var system = await ResolveSystem("@me");
|
var system = await ResolveSystem(systemRef);
|
||||||
|
if (ContextFor(system) != LookupContext.ByOwner)
|
||||||
|
throw Errors.GenericMissingPermissions;
|
||||||
|
|
||||||
var settings = await _repo.GetSystemGuild(guild_id, system.Id, false);
|
var settings = await _repo.GetSystemGuild(guild_id, system.Id, false);
|
||||||
if (settings == null)
|
if (settings == null)
|
||||||
throw Errors.SystemGuildNotFound;
|
throw Errors.SystemGuildNotFound;
|
||||||
|
@ -77,14 +77,16 @@ public class SwitchControllerV2: PKControllerBase
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
[HttpPost("systems/@me/switches")]
|
[HttpPost("systems/{systemRef}/switches")]
|
||||||
public async Task<IActionResult> SwitchCreate([FromBody] PostSwitchParams data)
|
public async Task<IActionResult> SwitchCreate(string systemRef, [FromBody] PostSwitchParams data)
|
||||||
{
|
{
|
||||||
|
var system = await ResolveSystem(systemRef);
|
||||||
|
if (ContextFor(system) != LookupContext.ByOwner)
|
||||||
|
throw Errors.GenericMissingPermissions;
|
||||||
|
|
||||||
if (data.Members.Distinct().Count() != data.Members.Count)
|
if (data.Members.Distinct().Count() != data.Members.Count)
|
||||||
throw Errors.DuplicateMembersInList;
|
throw Errors.DuplicateMembersInList;
|
||||||
|
|
||||||
var system = await ResolveSystem("@me");
|
|
||||||
|
|
||||||
if (data.Timestamp != null && await _repo.GetSwitches(system.Id).Select(x => x.Timestamp)
|
if (data.Timestamp != null && await _repo.GetSwitches(system.Id).Select(x => x.Timestamp)
|
||||||
.ContainsAsync(data.Timestamp.Value))
|
.ContainsAsync(data.Timestamp.Value))
|
||||||
throw Errors.SameSwitchTimestampError;
|
throw Errors.SameSwitchTimestampError;
|
||||||
@ -155,11 +157,15 @@ public class SwitchControllerV2: PKControllerBase
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPatch("systems/@me/switches/{switchRef}")]
|
[HttpPatch("systems/{systemRef}/switches/{switchRef}")]
|
||||||
public async Task<IActionResult> SwitchPatch(string switchRef, [FromBody] JObject data)
|
public async Task<IActionResult> SwitchPatch(string systemRef, string switchRef, [FromBody] JObject data)
|
||||||
{
|
{
|
||||||
// for now, don't need to make a PatchObject for this, since it's only one param
|
// for now, don't need to make a PatchObject for this, since it's only one param
|
||||||
|
|
||||||
|
var system = await ResolveSystem(systemRef);
|
||||||
|
if (ContextFor(system) != LookupContext.ByOwner)
|
||||||
|
throw Errors.GenericMissingPermissions;
|
||||||
|
|
||||||
if (!Guid.TryParse(switchRef, out var switchId))
|
if (!Guid.TryParse(switchRef, out var switchId))
|
||||||
throw Errors.InvalidSwitchId;
|
throw Errors.InvalidSwitchId;
|
||||||
|
|
||||||
@ -169,10 +175,6 @@ public class SwitchControllerV2: PKControllerBase
|
|||||||
|
|
||||||
var value = Instant.FromDateTimeOffset(DateTime.Parse(valueStr).ToUniversalTime());
|
var value = Instant.FromDateTimeOffset(DateTime.Parse(valueStr).ToUniversalTime());
|
||||||
|
|
||||||
var system = await ResolveSystem("@me");
|
|
||||||
if (system == null)
|
|
||||||
throw Errors.SystemNotFound;
|
|
||||||
|
|
||||||
var sw = await _repo.GetSwitchByUuid(switchId);
|
var sw = await _repo.GetSwitchByUuid(switchId);
|
||||||
if (sw == null || system.Id != sw.System)
|
if (sw == null || system.Id != sw.System)
|
||||||
throw Errors.SwitchNotFoundPublic;
|
throw Errors.SwitchNotFoundPublic;
|
||||||
@ -191,16 +193,19 @@ public class SwitchControllerV2: PKControllerBase
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPatch("systems/@me/switches/{switchRef}/members")]
|
[HttpPatch("systems/{systemRef}/switches/{switchRef}/members")]
|
||||||
public async Task<IActionResult> SwitchMemberPatch(string switchRef, [FromBody] JArray data)
|
public async Task<IActionResult> SwitchMemberPatch(string systemRef, string switchRef, [FromBody] JArray data)
|
||||||
{
|
{
|
||||||
|
var system = await ResolveSystem(systemRef);
|
||||||
|
if (ContextFor(system) != LookupContext.ByOwner)
|
||||||
|
throw Errors.GenericMissingPermissions;
|
||||||
|
|
||||||
if (!Guid.TryParse(switchRef, out var switchId))
|
if (!Guid.TryParse(switchRef, out var switchId))
|
||||||
|
throw Errors.SwitchNotFound;
|
||||||
|
|
||||||
if (data.Distinct().Count() != data.Count)
|
if (data.Distinct().Count() != data.Count)
|
||||||
throw Errors.DuplicateMembersInList;
|
throw Errors.DuplicateMembersInList;
|
||||||
|
|
||||||
var system = await ResolveSystem("@me");
|
|
||||||
|
|
||||||
var sw = await _repo.GetSwitchByUuid(switchId);
|
var sw = await _repo.GetSwitchByUuid(switchId);
|
||||||
if (sw == null)
|
if (sw == null)
|
||||||
throw Errors.SwitchNotFound;
|
throw Errors.SwitchNotFound;
|
||||||
@ -235,13 +240,16 @@ public class SwitchControllerV2: PKControllerBase
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpDelete("systems/@me/switches/{switchRef}")]
|
[HttpDelete("systems/{systemRef}/switches/{switchRef}")]
|
||||||
public async Task<IActionResult> SwitchDelete(string switchRef)
|
public async Task<IActionResult> SwitchDelete(string systemRef, string switchRef)
|
||||||
{
|
{
|
||||||
|
var system = await ResolveSystem(systemRef);
|
||||||
|
if (ContextFor(system) != LookupContext.ByOwner)
|
||||||
|
throw Errors.GenericMissingPermissions;
|
||||||
|
|
||||||
if (!Guid.TryParse(switchRef, out var switchId))
|
if (!Guid.TryParse(switchRef, out var switchId))
|
||||||
throw Errors.InvalidSwitchId;
|
throw Errors.InvalidSwitchId;
|
||||||
|
|
||||||
var system = await ResolveSystem("@me");
|
|
||||||
var sw = await _repo.GetSwitchByUuid(switchId);
|
var sw = await _repo.GetSwitchByUuid(switchId);
|
||||||
if (sw == null || system.Id != sw.System)
|
if (sw == null || system.Id != sw.System)
|
||||||
throw Errors.SwitchNotFoundPublic;
|
throw Errors.SwitchNotFoundPublic;
|
||||||
|
@ -72,6 +72,7 @@ public static class Errors
|
|||||||
{
|
{
|
||||||
public static PKError GenericBadRequest = new(400, 0, "400: Bad Request");
|
public static PKError GenericBadRequest = new(400, 0, "400: Bad Request");
|
||||||
public static PKError GenericAuthError = new(401, 0, "401: Missing or invalid Authorization header");
|
public static PKError GenericAuthError = new(401, 0, "401: Missing or invalid Authorization header");
|
||||||
|
public static PKError GenericMissingPermissions = new(403, 0, "403: Missing permissions to access this resource");
|
||||||
|
|
||||||
public static PKError SystemNotFound = new(404, 20001, "System not found.");
|
public static PKError SystemNotFound = new(404, 20001, "System not found.");
|
||||||
public static PKError MemberNotFound = new(404, 20002, "Member not found.");
|
public static PKError MemberNotFound = new(404, 20002, "Member not found.");
|
||||||
|
@ -204,7 +204,8 @@ Takes an array of member references as input. (An empty list is accepted.) Retur
|
|||||||
---
|
---
|
||||||
## Switches
|
## Switches
|
||||||
|
|
||||||
*`switchRef` must be a switch's UUID. On POST/PATCH/DELETE endpoints, `systemRef` must be `@me`.*
|
*`switchRef` must be a switch's UUID. `systemRef` can be a system's short (5-character) ID, a system's UUID, the ID of a Discord account linked to the system, or the string `@me` to refer to the currently authenticated system.*
|
||||||
|
|
||||||
|
|
||||||
### Get System Switches
|
### Get System Switches
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user