Add admin API, permissions, and player management routes
Introduces admin database tables, repository, and service for managing administrators and permissions. Adds new admin routes for banning players, managing cosmetics (capes), changing player passwords and usernames, and handling player textures. Updates user and session services to support admin actions and permission checks. Adds related schema validation for new endpoints.
This commit is contained in:
32
routes/admin/ban/index.js
Normal file
32
routes/admin/ban/index.js
Normal file
@@ -0,0 +1,32 @@
|
||||
const express = require("express")
|
||||
const router = express.Router()
|
||||
const userService = require("../../../services/userService")
|
||||
const adminService = require("../../../services/adminService")
|
||||
|
||||
router.get("/:uuid", adminService.hasPermission("PLAYER_BAN_STATUS"), async (req, res) => {
|
||||
const banStatus = await userService.getPlayerBanStatus(req.params.uuid)
|
||||
return res.status(200).json(banStatus)
|
||||
})
|
||||
|
||||
router.get("/:uuid/actions", adminService.hasPermission("PLAYER_ACTIONS_LIST"), async (req, res) => {
|
||||
const playerActions = await userService.getPlayerActions(req.params.uuid)
|
||||
return res.status(200).json(playerActions)
|
||||
})
|
||||
|
||||
router.get("/:uuid/history", adminService.hasPermission("PLAYER_BAN_HISTORY"), async (req, res) => {
|
||||
const banHistory = await userService.getPlayerBans(req.params.uuid)
|
||||
return res.status(200).json(banHistory)
|
||||
})
|
||||
|
||||
router.put("/:uuid", adminService.hasPermission("PLAYER_BAN"), async (req, res) => {
|
||||
const { reasonKey, reasonMessage, expires } = req.body
|
||||
const ban = await userService.banUser(req.params.uuid, { reasonKey, reasonMessage, expires })
|
||||
return res.status(200).json(ban)
|
||||
})
|
||||
|
||||
router.delete("/:uuid", adminService.hasPermission("PLAYER_UNBAN"), async (req, res) => {
|
||||
const ban = await userService.unbanUser(req.params.uuid)
|
||||
return res.status(200).json(ban)
|
||||
})
|
||||
|
||||
module.exports = router
|
||||
20
routes/admin/cosmetics/capes.js
Normal file
20
routes/admin/cosmetics/capes.js
Normal file
@@ -0,0 +1,20 @@
|
||||
const express = require("express")
|
||||
const path = require("node:path")
|
||||
const multer = require("multer")
|
||||
const router = express.Router()
|
||||
const userService = require("../../../services/userService")
|
||||
const adminService = require("../../../services/adminService")
|
||||
|
||||
const upload = multer({ dest: path.join(process.cwd(), "data/temp/") })
|
||||
|
||||
router.post("/upload", adminService.hasPermission("UPLOAD_CAPE"), upload.single("file"), async (req, res) => {
|
||||
const result = await adminService.uploadCape(req.file, req.body.alias)
|
||||
res.status(201).json(result)
|
||||
})
|
||||
|
||||
router.delete("/:hash", adminService.hasPermission("DELETE_CAPES"), async (req, res) => {
|
||||
const result = await userService.deleteGlobalCape(req.params.hash)
|
||||
res.status(200).json(result)
|
||||
})
|
||||
|
||||
module.exports = router
|
||||
4
routes/admin/index.js
Normal file
4
routes/admin/index.js
Normal file
@@ -0,0 +1,4 @@
|
||||
const express = require("express")
|
||||
const router = express.Router()
|
||||
|
||||
module.exports = router
|
||||
12
routes/admin/players/password.js
Normal file
12
routes/admin/players/password.js
Normal file
@@ -0,0 +1,12 @@
|
||||
const express = require("express")
|
||||
const router = express.Router()
|
||||
const userService = require("../../../services/userService")
|
||||
const adminService = require("../../../services/adminService")
|
||||
|
||||
router.patch("/:uuid", adminService.hasPermission("CHANGE_PLAYER_PASSWORD"), async (req, res) => {
|
||||
const { newPassword } = req.body
|
||||
const result = await userService.changePassword(req.params.uuid, newPassword)
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
|
||||
module.exports = router
|
||||
23
routes/admin/players/textures.js
Normal file
23
routes/admin/players/textures.js
Normal file
@@ -0,0 +1,23 @@
|
||||
const express = require("express")
|
||||
const router = express.Router()
|
||||
const userService = require("../../../services/userService")
|
||||
const adminService = require("../../../services/adminService")
|
||||
|
||||
router.delete("/skin/:uuid", adminService.hasPermission("RESET_PLAYER_SKIN"), async (req, res) => {
|
||||
const result = await userService.resetSkin(req.params.uuid)
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
|
||||
router.put("/cape/:uuid/:hash", adminService.hasPermission("GRANT_PLAYER_CAPE"), async (req, res) => {
|
||||
const { uuid, hash } = req.params
|
||||
const result = await userService.grantCape(uuid, hash)
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
|
||||
router.delete("/cape/:uuid/:hash", adminService.hasPermission("REMOVE_PLAYER_CAPE"), async (req, res) => {
|
||||
const { uuid, hash } = req.params
|
||||
const result = await userService.removeCape(uuid, hash)
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
|
||||
module.exports = router
|
||||
12
routes/admin/players/username.js
Normal file
12
routes/admin/players/username.js
Normal file
@@ -0,0 +1,12 @@
|
||||
const express = require("express")
|
||||
const router = express.Router()
|
||||
const userService = require("../../../services/userService")
|
||||
const adminService = require("../../../services/adminService")
|
||||
|
||||
router.patch("/:uuid", adminService.hasPermission("CHANGE_PLAYER_USERNAME"), async (req, res) => {
|
||||
const { newUsername } = req.body
|
||||
const result = await userService.changeUsername(req.params.uuid, newUsername)
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
|
||||
module.exports = router
|
||||
@@ -1,23 +1,44 @@
|
||||
const express = require("express")
|
||||
const router = express.Router()
|
||||
const utils = require("../modules/utils")
|
||||
const logger = require("../modules/logger")
|
||||
const authService = require("../services/authService")
|
||||
const adminService = require("../services/adminService")
|
||||
|
||||
router.post("/", async (req, res) => {
|
||||
const { username, password, email, registrationCountry, preferredLanguage } = req.body
|
||||
const clientIp = req.headers["x-forwarded-for"] || req.connection.remoteAddress
|
||||
if (utils.isTrueFromDotEnv("SUPPORT_REGISTER")) {
|
||||
router.post("/", adminService.hasPermission("REGISTER_USER"), async (req, res) => {
|
||||
const { username, password, email, registrationCountry, preferredLanguage } = req.body
|
||||
const clientIp = req.headers["x-forwarded-for"] || req.connection.remoteAddress
|
||||
|
||||
const result = await authService.registerUser({
|
||||
username,
|
||||
password,
|
||||
email,
|
||||
registrationCountry,
|
||||
preferredLanguage,
|
||||
clientIp
|
||||
const result = await authService.registerUser({
|
||||
username,
|
||||
password,
|
||||
email,
|
||||
registrationCountry,
|
||||
preferredLanguage,
|
||||
clientIp
|
||||
})
|
||||
|
||||
logger.log(`New user registered: ${username}`, ["Web", "yellow", "AUTH", "green"])
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
} else {
|
||||
router.post("/", async (req, res) => {
|
||||
const { username, password, email, registrationCountry, preferredLanguage } = req.body
|
||||
const clientIp = req.headers["x-forwarded-for"] || req.connection.remoteAddress
|
||||
|
||||
logger.log(`New user registered: ${username}`, ["Web", "yellow", "AUTH", "green"])
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
const result = await authService.registerUser({
|
||||
username,
|
||||
password,
|
||||
email,
|
||||
registrationCountry,
|
||||
preferredLanguage,
|
||||
clientIp
|
||||
})
|
||||
|
||||
logger.log(`New user registered: ${username}`, ["Web", "yellow", "AUTH", "green"])
|
||||
return res.status(200).json(result)
|
||||
})
|
||||
}
|
||||
|
||||
module.exports = router
|
||||
Reference in New Issue
Block a user