Adds checks to register command and some cleanup

Some general cleanup and fixes of todo's. Also implemented the required checks and used data from the environment variables. This command implements what showcased in issue message: #301 (comment)
TFNS · Jul 25, 2024 · 841941d · 841941d
1 parent 59f64ff
commit 841941d
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 9 deletions.
diff --git a/api/src/discord/commands/register.ts b/api/src/discord/commands/register.ts
@@ -1,27 +1,59 @@
-import { ApplicationCommandType, Client, CommandInteraction } from "discord.js";
+import {
+  ApplicationCommandType,
+  Client,
+  CommandInteraction,
+  GuildMemberRoleManager,
+} from "discord.js";
 import { Command } from "../command";
 import {
-  createInvitationURLForDiscordId,
+  createInvitationTokenForDiscordId,
+  getInvitationTokenForDiscordId,
   getUserByDiscordId,
 } from "../database/users";
 import config from "../../config";
 
 async function getInvitationUrl(invitation_code: string | null = null) {
   if (config.pad.domain == "") return "";
-
   if (invitation_code == null) return "";
 
   const ssl = config.pad.useSSL == "false" ? "" : "s";
 
   return `http${ssl}://${config.pad.domain}/#/auth/register/${invitation_code}`;
 }
 
+//? Refactor this to not have this type in two places.
+type AllowedRoles =
+  | "user_guest"
+  | "user_friend"
+  | "user_member"
+  | "user_manager"
+  | "user_admin";
+
 async function createAccountLogic(
   client: Client,
   interaction: CommandInteraction
 ) {
-  // TODO: check if user has role
-  // TODO: check if feature is enabled in environment variables
+  if (config.discord.registrationEnabled.toLowerCase() === "false") {
+    await interaction.editReply({
+      content:
+        "The functionality to create your own account this way has been disabled by an administrator",
+    });
+    return;
+  }
+
+  if (config.discord.registrationRoleId !== "") {
+    if (
+      !(interaction.member?.roles as GuildMemberRoleManager).cache.has(
+        config.discord.registrationRoleId
+      )
+    ) {
+      await interaction.editReply({
+        content:
+          "You do not have the role required to create an account yourself.",
+      });
+      return;
+    }
+  }
 
   const userId = await getUserByDiscordId(interaction.user.id);
   if (userId != null) {
@@ -55,8 +87,8 @@ async function createAccountLogic(
       "Generating private invitation url... If you already have a CTFNote account you should link it using the /link command instead.",
   });
 
-  const invitation_code = await createInvitationURLForDiscordId(
-    "user_friend", // TODO: use environment variable
+  const invitation_code = await createInvitationTokenForDiscordId(
+    (config.discord.registrationAccountRole as AllowedRoles) ?? "user_guest",
     interaction.user.id
   );
 
@@ -68,7 +100,7 @@ async function createAccountLogic(
   }
 
   const invitation_url = await getInvitationUrl(invitation_code);
-  if (invitation_url == null) {
+  if (invitation_url == "") {
     await interaction.editReply({
       content: "Something went wrong.", // TODO: Meaningful error messages?
     });

diff --git a/api/src/discord/database/users.ts b/api/src/discord/database/users.ts
@@ -73,10 +73,12 @@ export async function getInvitationTokenForDiscordId(
   }
 }
 
+export async function createInvitationTokenForDiscordId(
+  role: AllowedRoles = "user_guest",
   discordId: string,
   pgClient: PoolClient | null = null
 ): Promise<string | null> {
-  // TODO: Verify if valid role is passed.
+  role = (role as AllowedRoles) ?? "user_guest";
 
   const useRequestClient = pgClient != null;
   if (pgClient == null) pgClient = await connectToDatabase();