Compare commits
2 commits
46bd2cbb2b
...
62be5f7091
| Author | SHA1 | Date | |
|---|---|---|---|
| 62be5f7091 | |||
| 21c7b35136 |
8 changed files with 167 additions and 92 deletions
|
|
@ -69,7 +69,8 @@ block body
|
|||
.grid--row-start2
|
||||
button.s-btn.s-btn__filled#invite-button Invite
|
||||
div
|
||||
!= svg
|
||||
.s-card.d-flex.ai-center.jc-center(style="min-width: 130px; min-height: 130px;")
|
||||
button.s-btn.s-btn__filled(hx-get=`/qr?guild_id=${guild_id}` hx-indicator="closest button" hx-swap="outerHTML" hx-disabled-elt="this") Show QR
|
||||
|
||||
if space_id
|
||||
h2.mt48.fs-headline1 Matrix setup
|
||||
|
|
@ -133,19 +134,19 @@ block body
|
|||
| How people can join on Matrix
|
||||
span#privacy-level-loading
|
||||
.s-toggle-switch.s-toggle-switch__multiple.s-toggle-switch__incremental.d-grid.gx16.ai-center(style="grid-template-columns: auto 1fr")
|
||||
input(type="radio" name="level" value="directory" id="privacy-level-directory" checked=(privacy_level === 2))
|
||||
input(type="radio" name="privacy_level" value="directory" id="privacy-level-directory" checked=(privacy_level === 2))
|
||||
label.d-flex.gx8.jc-center.grid--row-start3(for="privacy-level-directory")
|
||||
!= icons.Icons.IconPlusSm
|
||||
!= icons.Icons.IconInternationalSm
|
||||
.fl-grow1 Directory
|
||||
|
||||
input(type="radio" name="level" value="link" id="privacy-level-link" checked=(privacy_level === 1))
|
||||
input(type="radio" name="privacy_level" value="link" id="privacy-level-link" checked=(privacy_level === 1))
|
||||
label.d-flex.gx8.jc-center.grid--row-start2(for="privacy-level-link")
|
||||
!= icons.Icons.IconPlusSm
|
||||
!= icons.Icons.IconLinkSm
|
||||
.fl-grow1 Link
|
||||
|
||||
input(type="radio" name="level" value="invite" id="privacy-level-invite" checked=(privacy_level === 0))
|
||||
input(type="radio" name="privacy_level" value="invite" id="privacy-level-invite" checked=(privacy_level === 0))
|
||||
label.d-flex.gx8.jc-center.grid--row-start1(for="privacy-level-invite")
|
||||
svg.svg-icon(width="14" height="14" viewBox="0 0 14 14")
|
||||
!= icons.Icons.IconLockSm
|
||||
|
|
|
|||
|
|
@ -20,77 +20,75 @@ function getCreateSpace(event) {
|
|||
return event.context.createSpace || sync.require("../../d2m/actions/create-space")
|
||||
}
|
||||
|
||||
/** @type {["invite", "link", "directory"]} */
|
||||
const levels = ["invite", "link", "directory"]
|
||||
const schema = {
|
||||
autocreate: z.object({
|
||||
guild_id: z.string(),
|
||||
autocreate: z.string().optional()
|
||||
}),
|
||||
urlPreview: z.object({
|
||||
guild_id: z.string(),
|
||||
url_preview: z.string().optional()
|
||||
}),
|
||||
presence: z.object({
|
||||
guild_id: z.string(),
|
||||
presence: z.string().optional()
|
||||
}),
|
||||
privacyLevel: z.object({
|
||||
guild_id: z.string(),
|
||||
level: z.enum(levels)
|
||||
/**
|
||||
* @typedef Options
|
||||
* @prop {(value: string?) => number} transform
|
||||
* @prop {(event: H3Event, guildID: string) => any} [after]
|
||||
* @prop {keyof import("../../db/orm-defs").Models} table
|
||||
*/
|
||||
|
||||
/**
|
||||
* @template {string} T
|
||||
* @param {T} key
|
||||
* @param {Partial<Options>} [inputOptions]
|
||||
*/
|
||||
function defineToggle(key, inputOptions) {
|
||||
/** @type {Options} */
|
||||
const options = {
|
||||
transform: x => +!!x, // convert toggle to 0 or 1
|
||||
table: "guild_space"
|
||||
}
|
||||
Object.assign(options, inputOptions)
|
||||
return defineEventHandler(async event => {
|
||||
const bodySchema = z.object({
|
||||
guild_id: z.string(),
|
||||
[key]: z.string().optional()
|
||||
})
|
||||
/** @type {Record<T, string?> & Record<"guild_id", string> & Record<string, unknown>} */ // @ts-ignore
|
||||
const parsedBody = await readValidatedBody(event, bodySchema.parse)
|
||||
const managed = await auth.getManagedGuilds(event)
|
||||
if (!managed.has(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
|
||||
|
||||
const value = options.transform(parsedBody[key])
|
||||
assert(typeof value === "number")
|
||||
db.prepare(`UPDATE ${options.table} SET ${key} = ? WHERE guild_id = ?`).run(value, parsedBody.guild_id)
|
||||
|
||||
return (options.after && await options.after(event, parsedBody.guild_id)) || null
|
||||
})
|
||||
}
|
||||
|
||||
as.router.post("/api/autocreate", defineEventHandler(async event => {
|
||||
const parsedBody = await readValidatedBody(event, schema.autocreate.parse)
|
||||
const managed = await auth.getManagedGuilds(event)
|
||||
if (!managed.has(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
|
||||
|
||||
db.prepare("UPDATE guild_active SET autocreate = ? WHERE guild_id = ?").run(+!!parsedBody.autocreate, parsedBody.guild_id)
|
||||
|
||||
// If showing a partial page due to incomplete setup, need to refresh the whole page to show the alternate version
|
||||
const spaceID = select("guild_space", "space_id", {guild_id: parsedBody.guild_id}).pluck().get()
|
||||
if (!spaceID) {
|
||||
if (getRequestHeader(event, "HX-Request")) {
|
||||
setResponseHeader(event, "HX-Refresh", "true")
|
||||
} else {
|
||||
return sendRedirect(event, "", 302)
|
||||
as.router.post("/api/autocreate", defineToggle("autocreate", {
|
||||
table: "guild_active",
|
||||
after(event, guild_id) {
|
||||
// If showing a partial page due to incomplete setup, need to refresh the whole page to show the alternate version
|
||||
const spaceID = select("guild_space", "space_id", {guild_id}).pluck().get()
|
||||
if (!spaceID) {
|
||||
if (getRequestHeader(event, "HX-Request")) {
|
||||
setResponseHeader(event, "HX-Refresh", "true")
|
||||
} else {
|
||||
return sendRedirect(event, "", 302)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return null // 204
|
||||
}))
|
||||
|
||||
as.router.post("/api/url-preview", defineEventHandler(async event => {
|
||||
const parsedBody = await readValidatedBody(event, schema.urlPreview.parse)
|
||||
const managed = await auth.getManagedGuilds(event)
|
||||
if (!managed.has(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
|
||||
as.router.post("/api/url-preview", defineToggle("url_preview"))
|
||||
|
||||
db.prepare("UPDATE guild_space SET url_preview = ? WHERE guild_id = ?").run(+!!parsedBody.url_preview, parsedBody.guild_id)
|
||||
|
||||
return null // 204
|
||||
as.router.post("/api/presence", defineToggle("presence", {
|
||||
after() {
|
||||
setPresence.guildPresenceSetting.update()
|
||||
}
|
||||
}))
|
||||
|
||||
as.router.post("/api/presence", defineEventHandler(async event => {
|
||||
const parsedBody = await readValidatedBody(event, schema.presence.parse)
|
||||
const managed = await auth.getManagedGuilds(event)
|
||||
if (!managed.has(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
|
||||
|
||||
db.prepare("UPDATE guild_space SET presence = ? WHERE guild_id = ?").run(+!!parsedBody.presence, parsedBody.guild_id)
|
||||
setPresence.guildPresenceSetting.update()
|
||||
|
||||
return null // 204
|
||||
}))
|
||||
|
||||
as.router.post("/api/privacy-level", defineEventHandler(async event => {
|
||||
const parsedBody = await readValidatedBody(event, schema.privacyLevel.parse)
|
||||
const managed = await auth.getManagedGuilds(event)
|
||||
if (!managed.has(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
|
||||
|
||||
const createSpace = getCreateSpace(event)
|
||||
const i = levels.indexOf(parsedBody.level)
|
||||
assert.notEqual(i, -1)
|
||||
db.prepare("UPDATE guild_space SET privacy_level = ? WHERE guild_id = ?").run(i, parsedBody.guild_id)
|
||||
await createSpace.syncSpaceFully(parsedBody.guild_id) // this is inefficient but OK to call infrequently on user request
|
||||
return null // 204
|
||||
as.router.post("/api/privacy-level", defineToggle("privacy_level", {
|
||||
transform(value) {
|
||||
assert(value)
|
||||
const i = ["invite", "link", "directory"].indexOf(value)
|
||||
assert.notEqual(i, -1)
|
||||
return i
|
||||
},
|
||||
async after(event, guildID) {
|
||||
const createSpace = getCreateSpace(event)
|
||||
await createSpace.syncSpaceFully(guildID) // this is inefficient but OK to call infrequently on user request
|
||||
}
|
||||
}))
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ test("web privacy level: checks permissions", async t => {
|
|||
const [error] = await tryToCatch(() => router.test("post", "/api/privacy-level", {
|
||||
body: {
|
||||
guild_id: "112760669178241024",
|
||||
level: "directory"
|
||||
privacy_level: "directory"
|
||||
}
|
||||
}))
|
||||
t.equal(error.data, "Can't change settings for a guild you don't have Manage Server permissions in")
|
||||
|
|
@ -68,7 +68,7 @@ test("web privacy level: updates privacy level", async t => {
|
|||
},
|
||||
body: {
|
||||
guild_id: "112760669178241024",
|
||||
level: "directory"
|
||||
privacy_level: "directory"
|
||||
},
|
||||
createSpace: {
|
||||
async syncSpaceFully(guildID) {
|
||||
|
|
@ -81,3 +81,16 @@ test("web privacy level: updates privacy level", async t => {
|
|||
t.equal(called, 1)
|
||||
t.equal(select("guild_space", "privacy_level", {guild_id: "112760669178241024"}).pluck().get(), 2) // directory = 2
|
||||
})
|
||||
|
||||
test("web presence: updates presence", async t => {
|
||||
await router.test("post", "/api/presence", {
|
||||
sessionData: {
|
||||
managedGuilds: ["112760669178241024"]
|
||||
},
|
||||
body: {
|
||||
guild_id: "112760669178241024"
|
||||
// presence is on by default - turn it off
|
||||
}
|
||||
})
|
||||
t.equal(select("guild_space", "presence", {guild_id: "112760669178241024"}).pluck().get(), 0)
|
||||
})
|
||||
|
|
|
|||
|
|
@ -21,6 +21,9 @@ const schema = {
|
|||
guild: z.object({
|
||||
guild_id: z.string().optional()
|
||||
}),
|
||||
qr: z.object({
|
||||
guild_id: z.string().optional()
|
||||
}),
|
||||
invite: z.object({
|
||||
mxid: z.string().regex(/@([^:]+):([a-z0-9:-]+\.[a-z0-9.:-]+)/),
|
||||
permissions: z.enum(["default", "moderator", "admin"]),
|
||||
|
|
@ -127,6 +130,33 @@ as.router.get("/guild", defineEventHandler(async event => {
|
|||
return pugSync.render(event, "guild_not_linked.pug", {guild, guild_id, spaces})
|
||||
}
|
||||
|
||||
// Easy mode guild that hasn't been linked yet - need to remove elements that would require an existing space
|
||||
if (!row.space_id) {
|
||||
const links = getChannelRoomsLinks(guild_id, [])
|
||||
return pugSync.render(event, "guild.pug", {guild, guild_id, ...links, ...row})
|
||||
}
|
||||
|
||||
// Linked guild
|
||||
const api = getAPI(event)
|
||||
const mods = await api.getStateEvent(row.space_id, "m.room.power_levels", "")
|
||||
const banned = await api.getMembers(row.space_id, "ban")
|
||||
const rooms = await api.getFullHierarchy(row.space_id)
|
||||
const links = getChannelRoomsLinks(guild_id, rooms)
|
||||
return pugSync.render(event, "guild.pug", {guild, guild_id, mods, banned, ...links, ...row})
|
||||
}))
|
||||
|
||||
as.router.get("/qr", defineEventHandler(async event => {
|
||||
const {guild_id} = await getValidatedQuery(event, schema.qr.parse)
|
||||
const managed = await auth.getManagedGuilds(event)
|
||||
const row = from("guild_active").join("guild_space", "guild_id", "left").select("space_id", "privacy_level", "autocreate").where({guild_id}).get()
|
||||
// @ts-ignore
|
||||
const guild = discord.guilds.get(guild_id)
|
||||
|
||||
// Permission problems
|
||||
if (!guild_id || !guild || !managed.has(guild_id) || !row) {
|
||||
return pugSync.render(event, "guild_access_denied.pug", {guild_id, row})
|
||||
}
|
||||
|
||||
const nonce = randomUUID()
|
||||
validNonce.set(nonce, guild_id)
|
||||
|
||||
|
|
@ -137,19 +167,7 @@ as.router.get("/guild", defineEventHandler(async event => {
|
|||
const svg = generatedSvg.replace(/viewBox="0 0 ([0-9]+) ([0-9]+)"/, `data-nonce="${nonce}" width="$1" height="$2" $&`)
|
||||
assert.notEqual(svg, generatedSvg)
|
||||
|
||||
// Easy mode guild that hasn't been linked yet - need to remove elements that would require an existing space
|
||||
if (!row.space_id) {
|
||||
const links = getChannelRoomsLinks(guild_id, [])
|
||||
return pugSync.render(event, "guild.pug", {guild, guild_id, svg, ...links, ...row})
|
||||
}
|
||||
|
||||
// Linked guild
|
||||
const api = getAPI(event)
|
||||
const mods = await api.getStateEvent(row.space_id, "m.room.power_levels", "")
|
||||
const banned = await api.getMembers(row.space_id, "ban")
|
||||
const rooms = await api.getFullHierarchy(row.space_id)
|
||||
const links = getChannelRoomsLinks(guild_id, rooms)
|
||||
return pugSync.render(event, "guild.pug", {guild, guild_id, svg, mods, banned, ...links, ...row})
|
||||
return svg
|
||||
}))
|
||||
|
||||
as.router.get("/invite", defineEventHandler(async event => {
|
||||
|
|
|
|||
|
|
@ -34,6 +34,16 @@ test("web guild: access denied when guild id messed up", async t => {
|
|||
t.has(html, "the selected server doesn't exist")
|
||||
})
|
||||
|
||||
test("web qr: access denied when guild id messed up", async t => {
|
||||
const html = await router.test("get", "/qr?guild_id=1", {
|
||||
sessionData: {
|
||||
userID: "1",
|
||||
managedGuilds: []
|
||||
},
|
||||
})
|
||||
t.has(html, "the selected server doesn't exist")
|
||||
})
|
||||
|
||||
test("web invite: access denied with invalid nonce", async t => {
|
||||
const html = await router.test("get", "/invite?nonce=1")
|
||||
t.match(html, /This QR code has expired./)
|
||||
|
|
@ -85,7 +95,7 @@ test("web guild: unbridged self-service guild shows available spaces", async t =
|
|||
})
|
||||
|
||||
|
||||
test("web guild: can view bridged guild", async t => {
|
||||
test("web guild: can view bridged guild when logged in with discord", async t => {
|
||||
const html = await router.test("get", "/guild?guild_id=112760669178241024", {
|
||||
sessionData: {
|
||||
managedGuilds: ["112760669178241024"]
|
||||
|
|
@ -103,6 +113,34 @@ test("web guild: can view bridged guild", async t => {
|
|||
}
|
||||
})
|
||||
t.has(html, `<h1 class="s-page-title--header">Psychonauts 3</h1>`)
|
||||
})
|
||||
|
||||
test("web guild: can view bridged guild when logged in with matrix", async t => {
|
||||
const html = await router.test("get", "/guild?guild_id=112760669178241024", {
|
||||
sessionData: {
|
||||
mxid: "@cadence:cadence.moe"
|
||||
},
|
||||
api: {
|
||||
async getStateEvent(roomID, type, key) {
|
||||
return {}
|
||||
},
|
||||
async getMembers(roomID, membership) {
|
||||
return {chunk: []}
|
||||
},
|
||||
async getFullHierarchy(roomID) {
|
||||
return []
|
||||
}
|
||||
}
|
||||
})
|
||||
t.has(html, `<h1 class="s-page-title--header">Psychonauts 3</h1>`)
|
||||
})
|
||||
|
||||
test("web qr: generates nonce", async t => {
|
||||
const html = await router.test("get", "/qr?guild_id=112760669178241024", {
|
||||
sessionData: {
|
||||
managedGuilds: ["112760669178241024"]
|
||||
}
|
||||
})
|
||||
nonce = html.match(/data-nonce="([a-f0-9-]+)"/)?.[1]
|
||||
t.ok(nonce)
|
||||
})
|
||||
|
|
|
|||
|
|
@ -79,10 +79,7 @@ as.router.post("/api/link-space", defineEventHandler(async event => {
|
|||
try {
|
||||
await api.joinRoom(parsedBody.space_id)
|
||||
} catch (e) {
|
||||
if (e instanceof mreq.MatrixServerError) {
|
||||
throw createError({status: 403, message: e.errcode, data: `${e.errcode} - ${e.message}`})
|
||||
}
|
||||
throw e
|
||||
throw createError({status: 403, message: e.errcode, data: `${e.errcode} - ${e.message}`})
|
||||
}
|
||||
|
||||
// Check bridge has PL 100
|
||||
|
|
@ -148,10 +145,7 @@ as.router.post("/api/link", defineEventHandler(async event => {
|
|||
try {
|
||||
await api.joinRoom(parsedBody.matrix)
|
||||
} catch (e) {
|
||||
if (e instanceof mreq.MatrixServerError) {
|
||||
throw createError({status: 403, message: e.errcode, data: `${e.errcode} - ${e.message}`})
|
||||
}
|
||||
throw e
|
||||
throw createError({status: 403, message: e.errcode, data: `${e.errcode} - ${e.message}`})
|
||||
}
|
||||
|
||||
// Check bridge has PL 100
|
||||
|
|
|
|||
|
|
@ -518,6 +518,18 @@ test("web link room: successfully calls createRoom", async t => {
|
|||
t.equal(roomID, "!zTMspHVUBhFLLSdmnS:cadence.moe")
|
||||
t.equal(key, "!NDbIqNpJyPvfKRnNcr:cadence.moe")
|
||||
return {via: ["cadence.moe"]}
|
||||
} else if (type === "m.room.name") {
|
||||
called++
|
||||
t.equal(roomID, "!NDbIqNpJyPvfKRnNcr:cadence.moe")
|
||||
return {}
|
||||
} else if (type === "m.room.avatar") {
|
||||
called++
|
||||
t.equal(roomID, "!NDbIqNpJyPvfKRnNcr:cadence.moe")
|
||||
return {}
|
||||
} else if (type === "m.room.topic") {
|
||||
called++
|
||||
t.equal(roomID, "!NDbIqNpJyPvfKRnNcr:cadence.moe")
|
||||
return {}
|
||||
}
|
||||
},
|
||||
async sendEvent(roomID, type, content) {
|
||||
|
|
@ -536,7 +548,7 @@ test("web link room: successfully calls createRoom", async t => {
|
|||
}
|
||||
}
|
||||
})
|
||||
t.equal(called, 5)
|
||||
t.equal(called, 8)
|
||||
})
|
||||
|
||||
// *****
|
||||
|
|
|
|||
|
|
@ -144,6 +144,7 @@ INSERT INTO emoji (emoji_id, name, animated, mxc_url) VALUES
|
|||
('288858540888686602', 'upstinky', 0, 'mxc://cadence.moe/mwZaCtRGAQQyOItagDeCocEO');
|
||||
|
||||
INSERT INTO member_cache (room_id, mxid, displayname, avatar_url, power_level) VALUES
|
||||
('!jjmvBegULiLucuWEHU:cadence.moe', '@cadence:cadence.moe', 'cadence [they]', NULL, 50),
|
||||
('!kLRqKKUQXcibIMtOpl:cadence.moe', '@cadence:cadence.moe', 'cadence [they]', NULL, 0),
|
||||
('!kLRqKKUQXcibIMtOpl:cadence.moe', '@test_auto_invite:example.org', NULL, NULL, 0),
|
||||
('!fGgIymcYWOqjbSRUdV:cadence.moe', '@cadence:cadence.moe', 'cadence [they]', 'mxc://cadence.moe/azCAhThKTojXSZJRoWwZmhvU', 0),
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue