feat: reject users on disabled games, except admin in cameo

2022-12-10 22:01:42 +01:00 · 2022-12-10 22:01:42 +01:00 · 893ada71a8
commit 893ada71a8
parent a2c95abde9
4 changed files with 52 additions and 20 deletions
--- a/server/src/game/isActive.go
+++ b/server/src/game/isActive.go
@ -0,0 +1,8 @@
+package game
+
+func (gm *Game) IsActive() bool {
+	gm.mu.Lock()
+	defer gm.mu.Unlock()
+
+	return gm.state != STATE_DISABLED
+}
--- a/server/src/game/setGameState.go
+++ b/server/src/game/setGameState.go
@ -3,7 +3,8 @@ package game
 func (gm *Game) SetGameState(stateJson *GameStateJson) {
 	if stateJson.State == "idle" ||
 		stateJson.State == "collect" ||
-		stateJson.State == "final" {
+		stateJson.State == "final" ||
+		stateJson.State == "disabled" {

 		gm.state = stateJson.State
 		gm.phase = ""
--- a/server/src/handler/login.go
+++ b/server/src/handler/login.go
@ -33,6 +33,16 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if !usr.IsAdmin() {
+		gm, err := authMux.app.GetGameById(usr.GetGameId())
+		if err != nil || !gm.IsActive() {
+			log.ErrorLog(fmt.Errorf("game %s disabled for user %s", gm.GetId(), usr.GetName()))
+			http.SetCookie(w, authMux.createCookie())
+			authMux.accessDenied(w, r)
+			return
+		}
+	}
+
 	log.Info("%s logged into game %s\n", usr.GetName(), usr.GetGameId())

 	cookie := authMux.createCookie()
@ -41,7 +51,6 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
 	http.SetCookie(w, cookie)
 	w.Header().Add("Content-Type", "text/plain")
 	fmt.Fprintf(w, "ok")
-
 }

 func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
@ -62,7 +71,25 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
 }

 func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Request) {
-	if !usr.IsAdmin() {
+	if usr.IsAdmin() {
+		cookie := authMux.createCookie()
+		cookie.Name = cookie.Name + "-cameo"
+		usrCameo, err := authMux.checkCode(r)
+		if err != nil {
+			http.SetCookie(w, cookie)
+			authMux.accessDenied(w, r)
+			return
+		}
+
+		cookie.Value = usrCameo.GetId()
+		cookie.MaxAge = 0
+		http.SetCookie(w, cookie)
+		w.Header().Add("Content-Type", "text/plain")
+		fmt.Fprintf(w, "ok")
+		return
+	}
+
+	// non-admin: remove cameo cookie
 	usrCameo := usr.GetCameo()
 	if usrCameo != nil && usrCameo.IsAdmin() {
 		cookie := authMux.createCookie()
@ -72,21 +99,6 @@ func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Req
 		fmt.Fprintf(w, "ok")
 		return
 	}
-		authMux.accessDenied(w, r)
-		return
-	}

-	cookie := authMux.createCookie()
-	cookie.Name = cookie.Name + "-cameo"
-	usrCameo, err := authMux.checkCode(r)
-	if err != nil {
-		http.SetCookie(w, cookie)
 	authMux.accessDenied(w, r)
-		return
-	}
-	cookie.Value = usrCameo.GetId()
-	cookie.MaxAge = 0
-	http.SetCookie(w, cookie)
-	w.Header().Add("Content-Type", "text/plain")
-	fmt.Fprintf(w, "ok")
 }
--- a/server/src/handler/private.go
+++ b/server/src/handler/private.go
@ -50,6 +50,17 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
 				return usrNew, nil
 			}
 		}
+
+		return usr, nil
+	}
+
+	// check if game is active
+	gm, err := authMux.app.GetGameById(usr.GetGameId())
+	if err != nil {
+		return nil, err
+	}
+	if !gm.IsActive() {
+		return nil, fmt.Errorf("game %s disabled for user %s (%s)", gm.GetId(), usr.GetId(), usr.GetName())
 	}

 	return usr, nil