admin api: more account features (create, delete, update tier, api ke…

…ys, ...), updated admin web app
s5-dev · Aug 26, 2023 · 013487f · 013487f
1 parent b981527
commit 013487f
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 4 deletions.
diff --git a/lib/accounts/account.dart b/lib/accounts/account.dart
@@ -3,13 +3,14 @@ class Account {
   final int createdAt;
   final String? email;
   final bool isRestricted;
-  int get tier => 1;
+  final int tier;
 
   Account({
     required this.id,
     required this.createdAt,
     required this.email,
     required this.isRestricted,
+    required this.tier,
   });
   toJson() => {
         'id': id,

diff --git a/lib/http_api/admin.dart b/lib/http_api/admin.dart
@@ -4,7 +4,6 @@ import 'package:alfred/alfred.dart';
 import 'package:base_codecs/base_codecs.dart';
 import 'package:lib5/util.dart';
 import 'package:s5_server/node.dart';
-import 'package:s5_server/service/accounts.dart';
 
 class AdminAPI {
   // ! /s5/admin
@@ -45,6 +44,13 @@ class AdminAPI {
       };
     });
 
+    app.get('/s5/admin/accounts/tiers', (req, res) async {
+      checkAuth(req);
+      return {
+        'tiers': node.accounts!.tiers.values.toList(),
+      };
+    });
+
     app.get('/s5/admin/accounts/full', (req, res) async {
       checkAuth(req);
       final res = await node.accounts!.getAllAccounts();
@@ -84,6 +90,15 @@ class AdminAPI {
       return '';
     });
 
+    app.post('/s5/admin/accounts/set_tier', (req, res) async {
+      checkAuth(req);
+      await node.accounts!.setTier(
+        int.parse(req.uri.queryParameters['id']!),
+        int.parse(req.requestedUri.queryParameters['tier']!),
+      );
+      return '';
+    });
+
     app.post('/s5/admin/accounts/new_auth_token', (req, res) async {
       checkAuth(req);
       final accountId = int.parse(req.uri.queryParameters['id']!);

diff --git a/lib/http_api/http_api.dart b/lib/http_api/http_api.dart
@@ -858,7 +858,7 @@ class HttpAPIServer {
           'access-control-allow-methods':
               'GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE',
           'access-control-allow-headers':
-              'User-Agent,X-Requested-With,If-Modified-Since,If-None-Match,Cache-Control,Content-Type,Range,X-HTTP-Method-Override,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location',
+              'User-Agent,X-Requested-With,If-Modified-Since,If-None-Match,Cache-Control,Content-Type,Range,X-HTTP-Method-Override,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location,authorization',
           'access-control-expose-headers':
               'Content-Length,Content-Range,ETag,Accept-Ranges,upload-offset,upload-metadata,upload-length,tus-version,tus-resumable,tus-extension,tus-max-size,upload-concat,location',
           'access-control-allow-credentials': 'true',
@@ -929,7 +929,7 @@ class HttpAPIServer {
 
         if (cid == null && request.uri.path.startsWith('/s5/admin/app')) {
           // ! Admin Web UI
-          cid = CID.decode('zrjD3HKdKj56sTsHcFd5XhcVf72SGFVZQnMDq2RuYCe7Hiw');
+          cid = CID.decode('zrjLLzNHhqKvoDhqmDxTXb71gnvwGT6ypLmHcofnUPeS6Xp');
           checkAuth = false;
         }
 

diff --git a/lib/service/accounts.dart b/lib/service/accounts.dart
@@ -568,6 +568,7 @@ WHERE object_hash = ?''',
       createdAt: account['created_at'] as int,
       email: account['email'] as String?,
       isRestricted: account['is_restricted'] == 1,
+      tier: account['tier'] as int,
     );
   }
 
@@ -581,6 +582,7 @@ WHERE object_hash = ?''',
               createdAt: account['created_at'] as int,
               email: account['email'] as String?,
               isRestricted: account['is_restricted'] == 1,
+              tier: account['tier'] as int,
             ))
         .toList();
   }
@@ -604,6 +606,7 @@ WHERE ID = (
       createdAt: account['created_at'] as int,
       email: account['email'] as String?,
       isRestricted: account['is_restricted'] == 1,
+      tier: account['tier'] as int,
     );
   }
 
@@ -637,6 +640,15 @@ WHERE ID = (
       whereArgs: [id],
     );
   }
+
+  Future<void> setTier(int id, int tier) async {
+    await sql.db.update(
+      'Account',
+      {'tier': tier},
+      where: 'id = ?',
+      whereArgs: [id],
+    );
+  }
 }
 
 extension UnauthorizedExtension on HttpResponse {