Admin panel upgrade server updates

.gitignore

@@ -14,3 +14,5 @@ secret.key
 *.ipr
 *.iws
 .vscode/launch.json
+
+/.vs

api/common.go

@@ -68,7 +68,11 @@ func Init(mux *http.ServeMux) error {
 	mux.HandleFunc("/auth/{provider}/logout", handleProviderLogout)
 
 	// admin
-	mux.HandleFunc("POST /admin/account/discord-link", handleAdminDiscordLink)
+	mux.HandleFunc("POST /admin/account/discordLink", handleAdminDiscordLink)
+	mux.HandleFunc("POST /admin/account/discordUnlink", handleAdminDiscordUnlink)
+	mux.HandleFunc("POST /admin/account/googleLink", handleAdminGoogleLink)
+	mux.HandleFunc("POST /admin/account/googleUnlink", handleAdminGoogleUnlink)
+	mux.HandleFunc("GET /admin/account/adminSearch", handleAdminSearch)
 
 	return nil
 }

api/endpoints.go

@@ -165,7 +165,7 @@
 }
 
 func handleGameClassicSessionCount(w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(strconv.Itoa(classicSessionCount)))
 }
 
 func handleSession(w http.ResponseWriter, r *http.Request) {
@@ -562,7 +562,7 @@
 		httpError(w, r, err, http.StatusInternalServerError)
 	}
 
 	w.Write([]byte(strconv.Itoa(count)))
 }
 
 // redirect link after authorizing application link
@@ -693,13 +693,257 @@
 		return
 	}
 
-	err = db.AddDiscordIdByUsername(r.Form.Get("discordId"), r.Form.Get("username"))
+	username := r.Form.Get("username")
+	discordId := r.Form.Get("discordId")
+
+	// this does a quick call to make sure the username exists on the server before allowing the rest of the code to run
+	// this calls error value 404 (StatusNotFound) if there's no data; this means the username does not exist in the server
+	_, err = db.CheckUsernameExists(username)
+	if err != nil {
+		httpError(w, r, fmt.Errorf("username does not exist on the server"), http.StatusNotFound)
+		return
+	}
+
+	userUuid, err := db.FetchUUIDFromUsername(username)
+	if err != nil {
+		httpError(w, r, err, http.StatusInternalServerError)
+		return
+	}
+
+	err = db.AddDiscordIdByUUID(discordId, userUuid)
 	if err != nil {
 		httpError(w, r, err, http.StatusInternalServerError)
 		return
 	}
 
-	log.Printf("%s: %s added discord id %s to username %s", r.URL.Path, userDiscordId, r.Form.Get("discordId"), r.Form.Get("username"))
+	log.Printf("%s: %s added discord id %s to username %s", r.URL.Path, userDiscordId, discordId, username)
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func handleAdminDiscordUnlink(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		httpError(w, r, fmt.Errorf("failed to parse request form: %s", err), http.StatusBadRequest)
+		return
+	}
+
+	uuid, err := uuidFromRequest(r)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	userDiscordId, err := db.FetchDiscordIdByUUID(uuid)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	hasRole, err := account.IsUserDiscordAdmin(userDiscordId, account.DiscordGuildID)
+	if !hasRole || err != nil {
+		httpError(w, r, fmt.Errorf("user does not have the required role"), http.StatusForbidden)
+		return
+	}
+
+	username := r.Form.Get("username")
+	discordId := r.Form.Get("discordId")
+
+	switch {
+		case username != "":
+			log.Printf("Username given, removing discordId")
+			// this does a quick call to make sure the username exists on the server before allowing the rest of the code to run
+			// this calls error value 404 (StatusNotFound) if there's no data; this means the username does not exist in the server
+			_, err = db.CheckUsernameExists(username)
+			if err != nil {
+				httpError(w, r, fmt.Errorf("username does not exist on the server"), http.StatusNotFound)
+				return
+			}
+
+			userUuid, err := db.FetchUUIDFromUsername(username)
+			if err != nil {
+				httpError(w, r, err, http.StatusInternalServerError)
+				return
+			}
+
+			err = db.RemoveDiscordIdByUUID(userUuid)
+			if err != nil {
+				httpError(w, r, err, http.StatusInternalServerError)
+				return
+			}
+		case discordId != "":
+			log.Printf("DiscordID given, removing discordId")
+			err = db.RemoveDiscordIdByDiscordId(discordId)
+			if err != nil {
+				httpError(w, r, err, http.StatusInternalServerError)
+				return
+			}
+	}
+
+	log.Printf("%s: %s removed discord id %s from username %s", userDiscordId, r.URL.Path, r.Form.Get("discordId"), r.Form.Get("username"))
 
 	w.WriteHeader(http.StatusOK)
 }
+
+func handleAdminGoogleLink(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		httpError(w, r, fmt.Errorf("failed to parse request form: %s", err), http.StatusBadRequest)
+		return
+	}
+
+	uuid, err := uuidFromRequest(r)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	userDiscordId, err := db.FetchDiscordIdByUUID(uuid)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	hasRole, err := account.IsUserDiscordAdmin(userDiscordId, account.DiscordGuildID)
+	if !hasRole || err != nil {
+		httpError(w, r, fmt.Errorf("user does not have the required role"), http.StatusForbidden)
+		return
+	}
+
+	username := r.Form.Get("username")
+	googleId := r.Form.Get("googleId")
+
+	// this does a quick call to make sure the username exists on the server before allowing the rest of the code to run
+	// this calls error value 404 (StatusNotFound) if there's no data; this means the username does not exist in the server
+	_, err = db.CheckUsernameExists(username)
+	if err != nil {
+		httpError(w, r, fmt.Errorf("username does not exist on the server"), http.StatusNotFound)
+		return
+	}
+
+	userUuid, err := db.FetchUUIDFromUsername(username)
+	if err != nil {
+		httpError(w, r, err, http.StatusInternalServerError)
+		return
+	}
+
+	err = db.AddGoogleIdByUUID(googleId, userUuid)
+	if err != nil {
+		httpError(w, r, err, http.StatusInternalServerError)
+		return
+	}
+
+	log.Printf("%s: %s added google id %s to username %s", r.URL.Path, userDiscordId, googleId, username)
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func handleAdminGoogleUnlink(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		httpError(w, r, fmt.Errorf("failed to parse request form: %s", err), http.StatusBadRequest)
+		return
+	}
+
+	uuid, err := uuidFromRequest(r)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	userDiscordId, err := db.FetchDiscordIdByUUID(uuid)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	hasRole, err := account.IsUserDiscordAdmin(userDiscordId, account.DiscordGuildID)
+	if !hasRole || err != nil {
+		httpError(w, r, fmt.Errorf("user does not have the required role"), http.StatusForbidden)
+		return
+	}
+
+	username := r.Form.Get("username")
+	googleId := r.Form.Get("googleId")
+
+	switch {
+		case username != "":
+			log.Printf("Username given, removing googleId")
+			// this does a quick call to make sure the username exists on the server before allowing the rest of the code to run
+			// this calls error value 404 (StatusNotFound) if there's no data; this means the username does not exist in the server
+			_, err = db.CheckUsernameExists(username)
+			if err != nil {
+				httpError(w, r, fmt.Errorf("username does not exist on the server"), http.StatusNotFound)
+				return
+			}
+
+			userUuid, err := db.FetchUUIDFromUsername(username)
+			if err != nil {
+				httpError(w, r, err, http.StatusInternalServerError)
+				return
+			}
+
+			err = db.RemoveGoogleIdByUUID(userUuid)
+			if err != nil {
+				httpError(w, r, err, http.StatusInternalServerError)
+				return
+			}
+		case googleId != "":
+			log.Printf("DiscordID given, removing googleId")
+			err = db.RemoveGoogleIdByDiscordId(googleId)
+			if err != nil {
+				httpError(w, r, err, http.StatusInternalServerError)
+				return
+			}
+	}
+
+	log.Printf("%s: %s removed google id %s from username %s", userDiscordId, r.URL.Path, r.Form.Get("googleId"), r.Form.Get("username"))
+
+	w.WriteHeader(http.StatusOK)
+}
+
+func handleAdminSearch(w http.ResponseWriter, r *http.Request) {
+	err := r.ParseForm()
+	if err != nil {
+		httpError(w, r, fmt.Errorf("failed to parse request form: %s", err), http.StatusBadRequest)
+		return
+	}
+
+	uuid, err := uuidFromRequest(r)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	userDiscordId, err := db.FetchDiscordIdByUUID(uuid)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	hasRole, err := account.IsUserDiscordAdmin(userDiscordId, account.DiscordGuildID)
+	if !hasRole || err != nil {
+		httpError(w, r, fmt.Errorf("user does not have the required role"), http.StatusForbidden)
+		return
+	}
+
+	username := r.Form.Get("username")
+
+	// this does a quick call to make sure the username exists on the server before allowing the rest of the code to run
+	// this calls error value 404 (StatusNotFound) if there's no data; this means the username does not exist in the server
+	_, err = db.CheckUsernameExists(username)
+	if err != nil {
+		httpError(w, r, fmt.Errorf("username does not exist on the server"), http.StatusNotFound)
+		return
+	}
+
+	// this does a single call that does a query for multiple columns from our database and makes an object out of it, which is returned to us
+	adminSearchResult, err := db.FetchAdminDetailsByUsername(username)
+	if err != nil {
+		httpError(w, r, err, http.StatusInternalServerError)
+		return
+	}
+
+	writeJSON(w, r, adminSearchResult)
+	log.Printf("%s: %s searched for username %s", userDiscordId, r.URL.Path, username)
+}

beta.env

@@ -0,0 +1,13 @@
+VITE_BYPASS_LOGIN=0
+VITE_BYPASS_TUTORIAL=0
+VITE_SERVER_URL=http://{serverIP}:8001
+VITE_DISCORD_CLIENT_ID=1248062921129459756
+VITE_GOOGLE_CLIENT_ID=955345393540-2k6lfftf0fdnb0krqmpthjnqavfvvf73.apps.googleusercontent.com
+VITE_I18N_DEBUG=1
+debug=true
+dbaddr=db
+dbuser=pokerogue
+dbpass=pokerogue
+dbname=pokeroguedb 
+gameurl=http://{devMachineIP}:8000 
+callbackurl=http://{serverIP}:8001