From e628f93dce403f027baab4d00f61a47f08276f21 Mon Sep 17 00:00:00 2001 From: test Date: Sat, 22 Jun 2024 06:35:14 +1000 Subject: [PATCH] Api key check for trade + fix deposits typo deposits include expire and ignore switched for legacy command --- .../discord/apiv3/enums/ApiKeyPermission.java | 26 +++++++++++++++++++ .../v2/impl/pw/commands/BankCommands.java | 2 +- .../v2/impl/pw/commands/IACommands.java | 7 +++++ .../locutus/discord/db/entities/DBNation.java | 19 ++++++++++++++ .../locutus/discord/util/offshore/Auth.java | 4 +-- 5 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 src/main/java/link/locutus/discord/apiv3/enums/ApiKeyPermission.java diff --git a/src/main/java/link/locutus/discord/apiv3/enums/ApiKeyPermission.java b/src/main/java/link/locutus/discord/apiv3/enums/ApiKeyPermission.java new file mode 100644 index 00000000..9a3335ca --- /dev/null +++ b/src/main/java/link/locutus/discord/apiv3/enums/ApiKeyPermission.java @@ -0,0 +1,26 @@ +package link.locutus.discord.apiv3.enums; + +public enum ApiKeyPermission { + NATION_VIEW_RESOURCES, + NATION_DEPOSIT_TO_BANK, + NATION_MILITARY_BUYS, + NATION_SEE_RESET_TIMERS, + NATION_SEE_SPIES, + NATION_VIEW_TRADES, + NATION_ACCEPT_TRADE, + NATION_SEND_MESSAGE, // To be used in the `/api/send-message` endpoint + ALLIANCE_VIEW_BANK, + ALLIANCE_WITHDRAW_BANK, + ALLIANCE_CHANGE_PERMISSIONS, + ALLIANCE_SEE_SPIES, + ALLIANCE_SEE_RESET_TIMERS, + ALLIANCE_TAX_BRACKETS, + ALLIANCE_ACCEPT_APPLICANTS, + ALLIANCE_REMOVE_MEMBERS, + ALLIANCE_MANAGE_TREATIES, + ALLIANCE_PROMOTE_SELF_TO_LEADER; + + public boolean has(int permission) { + return (permission & (1 << this.ordinal())) > 0; + } +} diff --git a/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/BankCommands.java b/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/BankCommands.java index 95bdaf51..b16c2d40 100644 --- a/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/BankCommands.java +++ b/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/BankCommands.java @@ -3627,7 +3627,7 @@ public static String deposits(@Me Guild guild, @Me GuildDB db, @Me IMessageIO ch DBNation nation = nationOrAllianceOrGuild.asNation(); if (nation != me && !Roles.INTERNAL_AFFAIRS.has(author, guild) && !Roles.INTERNAL_AFFAIRS_STAFF.has(author, guild) && !Roles.ECON.has(author, guild) && !Roles.ECON_STAFF.has(author, guild)) return "You do not have permission to check other nation's deposits"; // txList - accountDeposits = nation.getDeposits(db, offshoreIds, !includeBaseTaxes, !ignoreInternalOffsets, 0L, timeCutoff, includeIgnored, includeExpired, f -> true, true); + accountDeposits = nation.getDeposits(db, offshoreIds, !includeBaseTaxes, !ignoreInternalOffsets, 0L, timeCutoff, includeExpired, includeIgnored, f -> true, true); if (!hideEscrowed) { Map.Entry escoredPair = db.getEscrowed(nation); if (escoredPair != null) { diff --git a/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/IACommands.java b/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/IACommands.java index af2e65da..c1bb9021 100644 --- a/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/IACommands.java +++ b/src/main/java/link/locutus/discord/commands/manager/v2/impl/pw/commands/IACommands.java @@ -1212,6 +1212,13 @@ public String reply(@Me GuildDB db, @Me DBNation me, @Me User author, @Me IMessa return "Mail: " + result; } +// @Command(desc = "Read a message for an id") +// @RolePermission(Roles.MAIL) +// @IsAlliance +// public String viewMail(@Me ) + + // todo add mail search SearchMailTask + @Command(desc = "Generate a list of nations and their expected raid loot\n" + "e.g. `{prefix}sheets_milcom lootvaluesheet #cities<10,#position>1,#active_m<2880,someAlliance`") @RolePermission(Roles.MILCOM) diff --git a/src/main/java/link/locutus/discord/db/entities/DBNation.java b/src/main/java/link/locutus/discord/db/entities/DBNation.java index 9bdd351d..9f3f1337 100644 --- a/src/main/java/link/locutus/discord/db/entities/DBNation.java +++ b/src/main/java/link/locutus/discord/db/entities/DBNation.java @@ -1,6 +1,7 @@ package link.locutus.discord.db.entities; import com.google.gson.JsonSyntaxException; +import com.politicsandwar.graphql.model.ApiKeyDetails; import com.politicsandwar.graphql.model.Bankrec; import com.politicsandwar.graphql.model.Nation; import com.politicsandwar.graphql.model.Trade; @@ -16,6 +17,7 @@ import link.locutus.discord.apiv1.enums.city.building.PowerBuilding; import link.locutus.discord.apiv3.PoliticsAndWarV3; import link.locutus.discord.apiv3.enums.AlliancePermission; +import link.locutus.discord.apiv3.enums.ApiKeyPermission; import link.locutus.discord.apiv3.enums.GameTimers; import link.locutus.discord.commands.manager.v2.binding.ValueStore; import link.locutus.discord.commands.manager.v2.binding.annotation.Arg; @@ -4132,6 +4134,23 @@ private Map.Entry createAndOffshoreDeposit(GuildDB currentDB, StringBuilder response = new StringBuilder("Checking trades..."); List trades = tradeSupplier.get(); + if (trades.isEmpty()) { + ApiKeyDetails stats = receiverApi.getApiKeyStats(); + int bits = stats.getPermission_bits(); + List errors = new ArrayList<>(); + if (!ApiKeyPermission.NATION_VIEW_TRADES.has(bits)) { + errors.add("Missing `" + ApiKeyPermission.NATION_VIEW_TRADES + "`"); + } + if (!ApiKeyPermission.NATION_ACCEPT_TRADE.has(bits)) { + errors.add("Missing `" + ApiKeyPermission.NATION_ACCEPT_TRADE + "`"); + } + if (!errors.isEmpty()) { + // for the key starting with and ending with `` + String key = stats.getKey(); + String redacted = key.substring(0, 1) + "..." + key.substring(key.length() - 1); + throw new IllegalArgumentException("Error: " + String.join(", ", errors) + " for key: `" + redacted + "` at "); + } + } double[] toDeposit = ResourceType.getBuffer(); for (Auth.TradeResult trade : trades) { diff --git a/src/main/java/link/locutus/discord/util/offshore/Auth.java b/src/main/java/link/locutus/discord/util/offshore/Auth.java index e6554882..0551e0e6 100644 --- a/src/main/java/link/locutus/discord/util/offshore/Auth.java +++ b/src/main/java/link/locutus/discord/util/offshore/Auth.java @@ -230,13 +230,13 @@ public String createDepositTrade(DBNation receiver, ResourceType resource, int n public String createTrade(DBNation receiver, ResourceType resource, int amount, int ppu, boolean isBuy) { String leadername = receiver.getLeader(); String leaderUrlEscape = URLEncoder.encode(leadername, StandardCharsets.UTF_8); - String url = "" + Settings.INSTANCE.PNW_URL() + "/nation/trade/create?leadername=" + leaderUrlEscape; + String url = "" + Settings.INSTANCE.PNW_URL() + "/nation/trade/create"; Map post = new HashMap<>(); post.put("resourceoffer", resource.name().toLowerCase()); post.put("offeramount", "" + amount); post.put("wantamount", "" + ppu); post.put("offertype", "personal"); - post.put("leaderpersonal", leadername); + post.put("leaderpersonal", leaderUrlEscape); post.put("submit", isBuy ? "Buy" : "Sell"); return PW.withLogin(() -> {