func banPlayer(w http.ResponseWriter, r *http.Request, banType models.PlayerBanType) error {
err := r.ParseForm()
if err != nil {
return err
}
values := r.Form
confirm := values.Get("confirm")
steamid := values.Get("steamid")
reason := values.Get("reason")
player, tperr := models.GetPlayerBySteamID(steamid)
if tperr != nil {
return tperr
}
switch confirm {
case "yes":
if err := verifyToken(r, "banPlayer"); err != nil {
return err
}
until, err := parseTime(values.Get("until"))
if err != nil {
return err
}
player.BanUntil(*until, banType, reason)
default:
title := fmt.Sprintf("Ban %s (%s) from %s?", player.Name, player.SteamID, banString[banType])
confirmReq(w, r, "banPlayer", title)
}
return nil
}
func (Player) PlayerNotReady(so *wsevent.Client, _ struct{}) interface{} {
player, tperr := models.GetPlayerBySteamID(chelpers.GetSteamId(so.ID))
if tperr != nil {
return tperr
}
lobbyid, tperr := player.GetLobbyID(false)
if tperr != nil {
return tperr
}
lobby, tperr := models.GetLobbyByID(lobbyid)
if tperr != nil {
return tperr
}
if lobby.State != models.LobbyStateReadyingUp {
return helpers.NewTPError("Lobby hasn't been filled up yet.", 4)
}
tperr = lobby.UnreadyPlayer(player)
lobby.RemovePlayer(player)
hooks.AfterLobbyLeave(lobby, player)
lobby.AddSpectator(player)
hooks.AfterLobbySpec(socket.AuthServer, so, lobby)
if tperr != nil {
return tperr
}
lobby.UnreadyAllPlayers()
return chelpers.EmptySuccessJS
}
func (Player) PlayerSettingsSet(so *wsevent.Client, args struct {
Key *string `json:"key"`
Value *string `json:"value"`
}) interface{} {
player, _ := models.GetPlayerBySteamID(chelpers.GetSteamId(so.ID))
err := player.SetSetting(*args.Key, *args.Value)
if err != nil {
return helpers.NewTPErrorFromError(err)
}
switch *args.Key {
case "siteAlias":
profile := models.DecoratePlayerProfileJson(player)
so.EmitJSON(helpers.NewRequest("playerProfile", profile))
if lobbyID, _ := player.GetLobbyID(true); lobbyID != 0 {
lobby, _ := models.GetLobbyByID(lobbyID)
lobbyData := lobby.LobbyData(true)
lobbyData.Send()
}
case "mumbleNick":
if !reMumbleNick.MatchString(*args.Value) {
return helpers.NewTPError("Invalid Mumble nick.", -1)
}
}
return chelpers.EmptySuccessJS
}
//SocketInit initializes the websocket connection for the provided socket
func SocketInit(so *wsevent.Client) error {
chelpers.AuthenticateSocket(so.ID, so.Request)
loggedIn := chelpers.IsLoggedInSocket(so.ID)
if loggedIn {
steamid := chelpers.GetSteamId(so.ID)
sessions.AddSocket(steamid, so)
}
if loggedIn {
hooks.AfterConnect(socket.AuthServer, so)
player, err := models.GetPlayerBySteamID(chelpers.GetSteamId(so.ID))
if err != nil {
logrus.Warning(
"User has a cookie with but a matching player record doesn't exist: %s",
chelpers.GetSteamId(so.ID))
chelpers.DeauthenticateSocket(so.ID)
hooks.AfterConnect(socket.UnauthServer, so)
return ErrRecordNotFound
}
hooks.AfterConnectLoggedIn(so, player)
} else {
hooks.AfterConnect(socket.UnauthServer, so)
so.EmitJSON(helpers.NewRequest("playerSettings", "{}"))
so.EmitJSON(helpers.NewRequest("playerProfile", "{}"))
}
so.EmitJSON(helpers.NewRequest("socketInitialized", "{}"))
return nil
}
func changeRole(w http.ResponseWriter, r *http.Request, role authority.AuthRole) error {
player, terr := models.GetPlayerBySteamID(r.URL.Query().Get("steamid"))
if terr != nil {
return terr
}
err := r.ParseForm()
if err != nil {
return err
}
switch r.Form.Get("confirm") {
case "yes":
if err := verifyToken(r, "changeRole"); err != nil {
return err
}
player.Role = role
player.Save()
fmt.Fprintf(w, "%s (%s) has been made a %s", player.Name, player.SteamID, helpers.RoleNames[role])
default:
title := fmt.Sprintf("Make %s (%s) a %s?", player.Name, player.SteamID, helpers.RoleNames[role])
confirmReq(w, r, "changeRole", title)
}
return nil
}
func removePlayerFromLobby(lobbyId uint, steamId string) (*models.Lobby, *models.Player, *helpers.TPError) {
player, tperr := models.GetPlayerBySteamID(steamId)
if tperr != nil {
return nil, nil, tperr
}
lob, tperr := models.GetLobbyByID(lobbyId)
if tperr != nil {
return nil, nil, tperr
}
switch lob.State {
case models.LobbyStateInProgress:
return lob, player, helpers.NewTPError("Lobby is in progress.", 1)
case models.LobbyStateEnded:
return lob, player, helpers.NewTPError("Lobby has closed.", 1)
}
_, err := lob.GetPlayerSlot(player)
if err != nil {
return lob, player, helpers.NewTPError("Player not playing", 2)
}
if err := lob.RemovePlayer(player); err != nil {
return lob, player, err
}
return lob, player, lob.AddSpectator(player)
}
// shitlord
func CheckPrivilege(so *wsevent.Client, action authority.AuthAction) (err *helpers.TPError) {
//Checks if the client has the neccesary authority to perform action
player, _ := models.GetPlayerBySteamID(GetSteamId(so.ID))
if !player.Role.Can(action) {
return helpers.NewTPError("You are not authorized to perform this action", -1)
}
return
}
//OnDisconnect is connected when a player with a given socketID disconnects
func OnDisconnect(socketID string) {
pprof.Clients.Add(-1)
defer chelpers.DeauthenticateSocket(socketID)
if chelpers.IsLoggedInSocket(socketID) {
steamid := chelpers.GetSteamId(socketID)
sessions.RemoveSocket(socketID, steamid)
player, tperr := models.GetPlayerBySteamID(steamid)
if tperr != nil || player == nil {
logrus.Error(tperr.Error())
return
}
ids, tperr := player.GetSpectatingIds()
if tperr != nil {
logrus.Error(tperr.Error())
return
}
for _, id := range ids {
//if this _specific_ socket is spectating this lobby, remove them from it
//player might be spectating other lobbies in another tab, but we don't care
if sessions.IsSpectating(socketID, id) {
lobby, _ := models.GetLobbyByID(id)
err := lobby.RemoveSpectator(player, true)
if err != nil {
logrus.Error(err.Error())
continue
}
sessions.RemoveSpectator(socketID)
//logrus.Debug("removing %s from %d", player.SteamId, id)
}
}
id, _ := player.GetLobbyID(true)
//if player is in a waiting lobby, and hasn't connected for > 30 seconds,
//remove him from it. Here, connected = player isn't connected from any tab/window
if id != 0 && sessions.ConnectedSockets(player.SteamID) == 0 {
time.AfterFunc(time.Second*30, func() {
if !sessions.IsConnected(player.SteamID) {
//player may have changed lobbies during this time
//fetch lobby ID again
id, err := player.GetLobbyID(true)
if err != nil {
return
}
lobby := &models.Lobby{}
db.DB.First(lobby, id)
lobby.RemovePlayer(player)
}
})
}
}
}
func playerCanKick(lobbyId uint, steamId string) (bool, *helpers.TPError) {
lob, tperr := models.GetLobbyByID(lobbyId)
if tperr != nil {
return false, tperr
}
player, tperr2 := models.GetPlayerBySteamID(steamId)
if tperr2 != nil {
return false, tperr2
}
if steamId != lob.CreatedBySteamID && player.Role != helpers.RoleAdmin {
return false, helpers.NewTPError("Not authorized to kick players", 1)
}
return true, nil
}
func verifyToken(r *http.Request, method string) error {
token := r.Form.Get("xsrf-token")
if token == "" {
return errors.New("No XSRF token present in form")
}
session, _ := controllerhelpers.GetSessionHTTP(r)
admin, _ := models.GetPlayerBySteamID(session.Values["steam_id"].(string))
valid := xsrftoken.Valid(token, config.Constants.CookieStoreSecret, admin.SteamID, method)
if !valid {
return errors.New("XSRF token is invalid")
}
return nil
}
func confirmReq(w http.ResponseWriter, r *http.Request, method, title string) {
templ, err := template.ParseFiles("views/admin/templates/confirm.html")
if err != nil {
logrus.Error(err.Error())
return
}
session, _ := controllerhelpers.GetSessionHTTP(r)
admin, _ := models.GetPlayerBySteamID(session.Values["steam_id"].(string))
token := xsrftoken.Generate(config.Constants.CookieStoreSecret, admin.SteamID, method)
templ.Execute(w, struct {
URL string
Title string
XSRFToken string
}{r.URL.String(), title, token})
}
func Remove(w http.ResponseWriter, r *http.Request) {
err := r.ParseForm()
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
}
steamid := r.Form.Get("steamid")
player, err := models.GetPlayerBySteamID(steamid)
if err != nil {
http.Error(w, err.Error(), 400)
return
}
player.Role = authority.AuthRole(0)
player.Save()
fmt.Fprintf(w, "%s (%s) is no longer an admin/mod", player.Name, player.SteamID)
}
func TestLogin(t *testing.T) {
// t.Parallel()
var count int
steamid := strconv.Itoa(rand.Int())
client := testhelpers.NewClient()
resp, err := testhelpers.Login(steamid, client)
assert.NoError(t, err)
assert.NotNil(t, resp)
bytes, _ := ioutil.ReadAll(resp.Body)
t.Log(string(bytes))
player, tperr := models.GetPlayerBySteamID(steamid)
assert.NoError(t, tperr)
assert.NotNil(t, player)
assert.Equal(t, player.SteamID, steamid)
assert.Nil(t, db.DB.Table("http_sessions").Count(&count).Error)
assert.NotEqual(t, count, 0)
assert.NotNil(t, client.Jar)
}
func (Player) PlayerSettingsGet(so *wsevent.Client, args struct {
Key *string `json:"key"`
}) interface{} {
var err error
player, _ := models.GetPlayerBySteamID(chelpers.GetSteamId(so.ID))
var settings []models.PlayerSetting
var setting models.PlayerSetting
if *args.Key == "*" {
settings, err = player.GetSettings()
} else {
setting, err = player.GetSetting(*args.Key)
settings = append(settings, setting)
}
if err != nil {
return helpers.NewTPErrorFromError(err)
}
result := models.DecoratePlayerSettingsJson(settings)
return chelpers.NewResponse(result)
}
func FilterHTTPRequest(action authority.AuthAction, f func(http.ResponseWriter, *http.Request)) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
session, err := GetSessionHTTP(r)
if err != nil {
http.Error(w, "Internal Server Error: No session found", 500)
return
}
steamid, ok := session.Values["steam_id"]
if !ok {
http.Error(w, "Player not logged in", 401)
return
}
player, _ := models.GetPlayerBySteamID(steamid.(string))
if !(player.Role.Can(action)) {
http.Error(w, "Not authorized", 403)
return
}
f(w, r)
}
}
func (Player) PlayerReady(so *wsevent.Client, _ struct{}) interface{} {
steamid := chelpers.GetSteamId(so.ID)
player, tperr := models.GetPlayerBySteamID(steamid)
if tperr != nil {
return tperr
}
lobbyid, tperr := player.GetLobbyID(false)
if tperr != nil {
return tperr
}
lobby, tperr := models.GetLobbyByIDServer(lobbyid)
if tperr != nil {
return tperr
}
if lobby.State != models.LobbyStateReadyingUp {
return helpers.NewTPError("Lobby hasn't been filled up yet.", 4)
}
tperr = lobby.ReadyPlayer(player)
if tperr != nil {
return tperr
}
if lobby.IsEveryoneReady() {
lobby.Start()
hooks.BroadcastLobbyStart(lobby)
models.BroadcastLobbyList()
}
return chelpers.EmptySuccessJS
}