azures04/Yggdrasil
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Yggdrasil/repositories/adminRepository.js
azures04 439094013d Add admin API, permissions, and player management routes 
Introduces admin database tables, repository, and service for managing administrators and permissions. Adds new admin routes for banning players, managing cosmetics (capes), changing player passwords and usernames, and handling player textures. Updates user and session services to support admin actions and permission checks. Adds related schema validation for new endpoints.
2026-01-05 04:44:56 +01:00

131 lines
4.8 KiB
JavaScript
Raw Blame History

const logger = require("../modules/logger")
const database = require("../modules/database")
const { DefaultError } = require("../errors/errors")
async function getAdminById(id) {
try {
const sql = "SELECT id, username, createdAt FROM api_administrators WHERE id = ?"
const rows = await database.query(sql, [id])
return rows[0] || null
} catch (error) {
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function createAdmin(username, hashedPassword) {
try {
const sql = "INSERT INTO api_administrators (username, password) VALUES (?, ?)"
const result = await database.query(sql, [username, hashedPassword])
if (result.affectedRows > 0) {
return { code: 200, id: result.insertId, username }
} else {
throw new DefaultError(500, "Failed to create administrator.")
}
} catch (error) {
if (error.code === "ER_DUP_ENTRY") {
throw new DefaultError(409, "Administrator username already exists.")
}
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function hasPermission(adminId, permissionKey) {
try {
const sql = `
SELECT COUNT(*) as count
FROM api_administrators_permissions
WHERE administrator_id = ? AND permission_key = ?
`
const rows = await database.query(sql, [adminId, permissionKey])
return rows[0].count === 1
} catch (error) {
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function assignPermission(adminId, permissionKey) {
try {
const sql = "INSERT INTO api_administrators_permissions (administrator_id, permission_key) VALUES (?, ?)"
const result = await database.query(sql, [adminId, permissionKey])
return result.affectedRows > 0
} catch (error) {
if (error.code === "ER_DUP_ENTRY") return true
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function revokePermission(adminId, permissionKey) {
try {
const sql = "DELETE FROM api_administrators_permissions WHERE administrator_id = ? AND permission_key = ?"
const result = await database.query(sql, [adminId, permissionKey])
return result.affectedRows > 0
} catch (error) {
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function getAdminPermissions(adminId) {
try {
const sql = `
SELECT permission_key
FROM api_administrators_permissions
WHERE administrator_id = ?
`
const rows = await database.query(sql, [adminId])
return rows.map(r => r.permission_key)
} catch (error) {
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function updateAdminPassword(adminId, newHashedPassword) {
try {
const sql = "UPDATE api_administrators SET password = ? WHERE id = ?"
const result = await database.query(sql, [newHashedPassword, adminId])
if (result.affectedRows > 0) {
return {
code: 200,
message: "Password updated successfully."
}
} else {
throw new DefaultError(404, "Administrator not found.")
}
} catch (error) {
if (error instanceof DefaultError) throw error
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
async function getAdminByUsername(username) {
try {
const sql = "SELECT id, username, password, createdAt FROM api_administrators WHERE username = ?"
const rows = await database.query(sql, [username])
return rows[0] || null
} catch (error) {
logger.log("Internal Server Error".bold + " : " + error.toString(), ["MariaDB", "yellow"])
throw new DefaultError(500, "Internal Server Error", "Database Error")
}
}
module.exports = {
createAdmin,
getAdminById,
hasPermission,
assignPermission,
revokePermission,
getAdminByUsername,
getAdminPermissions,
updateAdminPassword
}
Reference in New Issue View Git Blame Copy Permalink