From 841941d21cad7eff944965ae1890eda0f21860c7 Mon Sep 17 00:00:00 2001 From: Daan Breur Date: Thu, 25 Jul 2024 20:23:22 +0200 Subject: [PATCH] Adds checks to register command and some cleanup Some general cleanup and fixes of todo's. Also implemented the required checks and used data from the environment variables. This command implements what showcased in issue message: https://github.com/TFNS/CTFNote/pull/301#issuecomment-2251140196 --- api/src/discord/commands/register.ts | 48 +++++++++++++++++++++++----- api/src/discord/database/users.ts | 4 ++- 2 files changed, 43 insertions(+), 9 deletions(-) diff --git a/api/src/discord/commands/register.ts b/api/src/discord/commands/register.ts index ad905b8f..b35cd176 100644 --- a/api/src/discord/commands/register.ts +++ b/api/src/discord/commands/register.ts @@ -1,14 +1,19 @@ -import { ApplicationCommandType, Client, CommandInteraction } from "discord.js"; +import { + ApplicationCommandType, + Client, + CommandInteraction, + GuildMemberRoleManager, +} from "discord.js"; import { Command } from "../command"; import { - createInvitationURLForDiscordId, + createInvitationTokenForDiscordId, + getInvitationTokenForDiscordId, getUserByDiscordId, } from "../database/users"; import config from "../../config"; async function getInvitationUrl(invitation_code: string | null = null) { if (config.pad.domain == "") return ""; - if (invitation_code == null) return ""; const ssl = config.pad.useSSL == "false" ? "" : "s"; @@ -16,12 +21,39 @@ async function getInvitationUrl(invitation_code: string | null = null) { return `http${ssl}://${config.pad.domain}/#/auth/register/${invitation_code}`; } +//? Refactor this to not have this type in two places. +type AllowedRoles = + | "user_guest" + | "user_friend" + | "user_member" + | "user_manager" + | "user_admin"; + async function createAccountLogic( client: Client, interaction: CommandInteraction ) { - // TODO: check if user has role - // TODO: check if feature is enabled in environment variables + if (config.discord.registrationEnabled.toLowerCase() === "false") { + await interaction.editReply({ + content: + "The functionality to create your own account this way has been disabled by an administrator", + }); + return; + } + + if (config.discord.registrationRoleId !== "") { + if ( + !(interaction.member?.roles as GuildMemberRoleManager).cache.has( + config.discord.registrationRoleId + ) + ) { + await interaction.editReply({ + content: + "You do not have the role required to create an account yourself.", + }); + return; + } + } const userId = await getUserByDiscordId(interaction.user.id); if (userId != null) { @@ -55,8 +87,8 @@ async function createAccountLogic( "Generating private invitation url... If you already have a CTFNote account you should link it using the /link command instead.", }); - const invitation_code = await createInvitationURLForDiscordId( - "user_friend", // TODO: use environment variable + const invitation_code = await createInvitationTokenForDiscordId( + (config.discord.registrationAccountRole as AllowedRoles) ?? "user_guest", interaction.user.id ); @@ -68,7 +100,7 @@ async function createAccountLogic( } const invitation_url = await getInvitationUrl(invitation_code); - if (invitation_url == null) { + if (invitation_url == "") { await interaction.editReply({ content: "Something went wrong.", // TODO: Meaningful error messages? }); diff --git a/api/src/discord/database/users.ts b/api/src/discord/database/users.ts index dcf384ea..548d92ac 100644 --- a/api/src/discord/database/users.ts +++ b/api/src/discord/database/users.ts @@ -73,10 +73,12 @@ export async function getInvitationTokenForDiscordId( } } +export async function createInvitationTokenForDiscordId( + role: AllowedRoles = "user_guest", discordId: string, pgClient: PoolClient | null = null ): Promise { - // TODO: Verify if valid role is passed. + role = (role as AllowedRoles) ?? "user_guest"; const useRequestClient = pgClient != null; if (pgClient == null) pgClient = await connectToDatabase();