Deploy permissions 🎉

Author: Smaug6739

__frontend/controllers/admin.js

@@ -1,6 +1,6 @@
 const axios = require('axios')
 const path = require('path');
-const { statusUser } = require('../functions');
+const { statusUser, hasPermissions } = require('../functions');
 const config = require('../config');
 const { WebhookClient } = require('discord.js')
 const WebhookReport = new WebhookClient(config.webhook.forumReport.id, config.webhook.forumReport.token);
@@ -54,10 +54,12 @@ exports.getCategorie = (req, res) => {
     axios.get(`http://localhost:8080/api/v1/forum/getCategorie/${req.params.categorieId}/${req.params.page}`)
         .then(async (responce) => {
             if (responce.data.status === 'success') {
+                const status = await statusUser(req.session)
                 res.render(path.join(__dirname, '../pages/forum/categorie.ejs'), {
-                    userConnected: await statusUser(req.session),
+                    userConnected: status,
                     topics: responce.data.result,
-                    categorieId: req.params.categorieId
+                    categorieId: req.params.categorieId,
+                    modo: hasPermissions(status.permissions, ['MODERATOR'])
                 })
             } else {
                 res.render(path.join(__dirname, '../pages/error.ejs'), {
@@ -169,7 +171,7 @@ exports.updateMessage = (req, res) => {
 
 
 exports.deleteMessage = (req, res) => {
-    axios.delete(`http://localhost:8080/api/v1/forum/message/${req.params.messageId}/${req.params.categorieId}/${req.session.user.id}`, {
+    axios.delete(`http://localhost:8080/api/v1/forum/message/${req.params.messageId}/${req.session.user.id}`, {
         headers: { 'Authorization': `${req.session.user.id} ${req.session.user.token}` },
     })
         .then(async (responce) => {
@@ -191,7 +193,7 @@ exports.deleteMessage = (req, res) => {
 }
 
 exports.deleteTopic = (req, res) => {
-    axios.delete(`http://localhost:8080/api/v1/forum/topic/${req.params.topicId}/${req.session.user.id}`, {
+    axios.delete(`http://localhost:8080/api/v1/forum/topic/${req.params.topicId}`, {
         headers: { 'Authorization': `${req.session.user.id} ${req.session.user.token}` }
     })
         .then(async (responce) => {

__frontend/controllers/forum.js

@@ -1,26 +1,61 @@
-const axios  = require('axios');
+const axios = require('axios');
 const config = require('./config')
 exports.statusUser = async (session) => {
     let userConnected = {
-        auth : false, 
-        userPermissions : -1
+        auth: false,
+        userPermissions: -1
     }
 
-    if(!session || !session.user) { //User non connecté
+    if (!session || !session.user) { //User non connecté
         return userConnected = {
-            auth : false,
-            userPermissions : -1,
+            auth: false,
+            userPermissions: -1,
             id: -1,
-            userAvatar : "default.png"
+            userAvatar: "default.png"
         }
-    }else{
-        const msgs = await axios.get(`${config.urlAPI}dm/nb-msgs-new/${session.user.id}`,{ headers : { 'Authorization' : `token ${session.user.token}`}})
+    } else {
+        const msgs = await axios.get(`${config.urlAPI}dm/nb-msgs-new/${session.user.id}`, { headers: { 'Authorization': `token ${session.user.token}` } })
         return userConnected = {
-            auth : true,
+            auth: true,
             id: session.user.id,
-            userPermissions : session.user.userPermissions,
-            userAvatar : session.user.userAvatar,
-            nbMsgs : msgs.data.result.nb_msgs || 0
+            userPermissions: session.user.userPermissions,
+            permissions: this.convertPermissions(session.user.userPermissions),
+            userAvatar: session.user.userAvatar,
+            nbMsgs: msgs.data.result.nb_msgs || 0
         }
     }
 }
+
+exports.convertPermissions = (userPermsNumber) => {
+    let userPermissions = [];
+    const permissions = [
+        { value: 256, permission: 'MANAGE_ALBUM' },
+        { value: 128, permission: 'MANAGE_ANNOUNCEMENTS' },
+        { value: 64, permission: 'MANAGE_REQUESTS' },
+        { value: 32, permission: 'MANAGE_FORUM' },
+        { value: 16, permission: 'MANAGE_ARTICLES' },
+        { value: 8, permission: 'MANAGE_MEMBERS' },
+        { value: 4, permission: 'MODERATOR' },
+        { value: 2, permission: 'STAFF' },
+        { value: 1, permission: 'ADMINISTRATOR' },
+    ]
+    for (let permission of permissions) {
+        const rest = userPermsNumber % permission.value;
+        if (rest == 0 && userPermsNumber != 0) {
+            userPermissions.push(permission.permission);
+            break;
+        }
+        if (rest < userPermsNumber) {
+            userPermissions.push(permission.permission);
+            userPermsNumber = rest
+        }
+    }
+    return userPermissions;
+}
+exports.hasPermissions = (userPermissions, permissionsRequested) => {
+    if (userPermissions[0].permission === 'ADMINISTRATOR') return true;
+    for (permRequested of permissionsRequested) {
+        if (!permissionsRequested.includes(permRequested)) return false;
+    }
+    return true;
+}

__frontend/functions.js

@@ -1,11 +1,13 @@
-
+const { convertPermissions } = require('../functions')
 module.exports = async (req, res, next) => {
-    try{
-        if(!req.session || !req.session.user) throw 'Missing session'
-        else if(req.session.user && req.session.user.userPermissions < 3) throw 'Missing permissions'
-        next()
-    }catch(err){
+    try {
+        const userPermissions = convertPermissions(req.session.user.userPermissions)
+        req.user = {
+            permissions: userPermissions
+        }
+        if (userPermissions.length) next()
+        else throw 'Bad permissions'
+    } catch (err) {
         res.status(401).redirect('/')
-        //json(checkAndChange(new Error('Requete non authentifiée')));
     }
 };