diff options
| author | Arda Serdar Pektezol <1669855+pektezol@users.noreply.github.com> | 2024-10-31 22:06:00 +0300 |
|---|---|---|
| committer | Arda Serdar Pektezol <1669855+pektezol@users.noreply.github.com> | 2024-10-31 22:06:00 +0300 |
| commit | 4210c9b38f9053f6720a6bebaadefd24c542eaa9 (patch) | |
| tree | 5b0061e23cf91291ed9e5f387766148d45103591 /backend/handlers/record.go | |
| parent | chore: change repo name to lphub (diff) | |
| download | lphub-4210c9b38f9053f6720a6bebaadefd24c542eaa9.tar.gz lphub-4210c9b38f9053f6720a6bebaadefd24c542eaa9.tar.bz2 lphub-4210c9b38f9053f6720a6bebaadefd24c542eaa9.zip | |
backend: better auth check, audit logging
Diffstat (limited to 'backend/handlers/record.go')
| -rw-r--r-- | backend/handlers/record.go | 31 |
1 files changed, 2 insertions, 29 deletions
diff --git a/backend/handlers/record.go b/backend/handlers/record.go index e43cc61..bedde57 100644 --- a/backend/handlers/record.go +++ b/backend/handlers/record.go | |||
| @@ -53,12 +53,7 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 53 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 53 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 54 | return | 54 | return |
| 55 | } | 55 | } |
| 56 | // Check if user exists | 56 | user, _ := c.Get("user") |
| 57 | user, exists := c.Get("user") | ||
| 58 | if !exists { | ||
| 59 | c.JSON(http.StatusOK, models.ErrorResponse("User not logged in.")) | ||
| 60 | return | ||
| 61 | } | ||
| 62 | // Check if map is sp or mp | 57 | // Check if map is sp or mp |
| 63 | var gameName string | 58 | var gameName string |
| 64 | var isCoop bool | 59 | var isCoop bool |
| @@ -76,12 +71,10 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 76 | // Get record request | 71 | // Get record request |
| 77 | var record RecordRequest | 72 | var record RecordRequest |
| 78 | if err := c.ShouldBind(&record); err != nil { | 73 | if err := c.ShouldBind(&record); err != nil { |
| 79 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordInvalidRequestFail, "BIND: "+err.Error()) | ||
| 80 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 74 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 81 | return | 75 | return |
| 82 | } | 76 | } |
| 83 | if isCoop && record.PartnerDemo == nil { | 77 | if isCoop && record.PartnerDemo == nil { |
| 84 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordInvalidRequestFail) | ||
| 85 | c.JSON(http.StatusOK, models.ErrorResponse("Missing partner demo for coop submission.")) | 78 | c.JSON(http.StatusOK, models.ErrorResponse("Missing partner demo for coop submission.")) |
| 86 | return | 79 | return |
| 87 | } | 80 | } |
| @@ -112,21 +105,18 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 112 | // Upload & insert into demos | 105 | // Upload & insert into demos |
| 113 | err = c.SaveUploadedFile(header, "parser/"+uuid+".dem") | 106 | err = c.SaveUploadedFile(header, "parser/"+uuid+".dem") |
| 114 | if err != nil { | 107 | if err != nil { |
| 115 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordSaveDemoFail, err.Error()) | ||
| 116 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 108 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 117 | return | 109 | return |
| 118 | } | 110 | } |
| 119 | defer os.Remove("parser/" + uuid + ".dem") | 111 | defer os.Remove("parser/" + uuid + ".dem") |
| 120 | f, err := os.Open("parser/" + uuid + ".dem") | 112 | f, err := os.Open("parser/" + uuid + ".dem") |
| 121 | if err != nil { | 113 | if err != nil { |
| 122 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordOpenDemoFail, err.Error()) | ||
| 123 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 114 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 124 | return | 115 | return |
| 125 | } | 116 | } |
| 126 | defer f.Close() | 117 | defer f.Close() |
| 127 | parserResult, err := parser.ProcessDemo("parser/" + uuid + ".dem") | 118 | parserResult, err := parser.ProcessDemo("parser/" + uuid + ".dem") |
| 128 | if err != nil { | 119 | if err != nil { |
| 129 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordProcessDemoFail, err.Error()) | ||
| 130 | c.JSON(http.StatusOK, models.ErrorResponse("Error while processing demo: "+err.Error())) | 120 | c.JSON(http.StatusOK, models.ErrorResponse("Error while processing demo: "+err.Error())) |
| 131 | return | 121 | return |
| 132 | } | 122 | } |
| @@ -139,7 +129,6 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 139 | hostSteamID = parserResult.HostSteamID | 129 | hostSteamID = parserResult.HostSteamID |
| 140 | partnerSteamID = parserResult.PartnerSteamID | 130 | partnerSteamID = parserResult.PartnerSteamID |
| 141 | if hostDemoScoreCount == 0 && hostDemoScoreTime == 0 { | 131 | if hostDemoScoreCount == 0 && hostDemoScoreTime == 0 { |
| 142 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordProcessDemoFail, err.Error()) | ||
| 143 | c.JSON(http.StatusOK, models.ErrorResponse("Processing demo went wrong. Please contact a web admin and provide the demo in question.")) | 132 | c.JSON(http.StatusOK, models.ErrorResponse("Processing demo went wrong. Please contact a web admin and provide the demo in question.")) |
| 144 | return | 133 | return |
| 145 | } | 134 | } |
| @@ -161,7 +150,6 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 161 | } | 150 | } |
| 162 | file, err := createFile(srv, uuid+".dem", "application/octet-stream", f, os.Getenv("GOOGLE_FOLDER_ID")) | 151 | file, err := createFile(srv, uuid+".dem", "application/octet-stream", f, os.Getenv("GOOGLE_FOLDER_ID")) |
| 163 | if err != nil { | 152 | if err != nil { |
| 164 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordCreateDemoFail, err.Error()) | ||
| 165 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 153 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 166 | return | 154 | return |
| 167 | } | 155 | } |
| @@ -177,7 +165,6 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 177 | _, err = tx.Exec(`INSERT INTO demos (id,location_id) VALUES ($1,$2)`, uuid, file.Id) | 165 | _, err = tx.Exec(`INSERT INTO demos (id,location_id) VALUES ($1,$2)`, uuid, file.Id) |
| 178 | if err != nil { | 166 | if err != nil { |
| 179 | deleteFile(srv, file.Id) | 167 | deleteFile(srv, file.Id) |
| 180 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordInsertDemoFail, err.Error()) | ||
| 181 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 168 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 182 | return | 169 | return |
| 183 | } | 170 | } |
| @@ -229,7 +216,6 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 229 | if err != nil { | 216 | if err != nil { |
| 230 | deleteFile(srv, hostDemoFileID) | 217 | deleteFile(srv, hostDemoFileID) |
| 231 | deleteFile(srv, partnerDemoFileID) | 218 | deleteFile(srv, partnerDemoFileID) |
| 232 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordInsertRecordFail, err.Error()) | ||
| 233 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 219 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 234 | return | 220 | return |
| 235 | } | 221 | } |
| @@ -239,7 +225,6 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 239 | _, err := tx.Exec(sql, mapID, hostDemoScoreCount, hostDemoScoreTime, user.(models.User).SteamID, hostDemoUUID) | 225 | _, err := tx.Exec(sql, mapID, hostDemoScoreCount, hostDemoScoreTime, user.(models.User).SteamID, hostDemoUUID) |
| 240 | if err != nil { | 226 | if err != nil { |
| 241 | deleteFile(srv, hostDemoFileID) | 227 | deleteFile(srv, hostDemoFileID) |
| 242 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordInsertRecordFail, err.Error()) | ||
| 243 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 228 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 244 | return | 229 | return |
| 245 | } | 230 | } |
| @@ -248,7 +233,6 @@ func CreateRecordWithDemo(c *gin.Context) { | |||
| 248 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 233 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 249 | return | 234 | return |
| 250 | } | 235 | } |
| 251 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionCreateRecordSuccess) | ||
| 252 | c.JSON(http.StatusOK, models.Response{ | 236 | c.JSON(http.StatusOK, models.Response{ |
| 253 | Success: true, | 237 | Success: true, |
| 254 | Message: "Successfully created record.", | 238 | Message: "Successfully created record.", |
| @@ -277,11 +261,7 @@ func DeleteRecord(c *gin.Context) { | |||
| 277 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 261 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 278 | return | 262 | return |
| 279 | } | 263 | } |
| 280 | user, exists := c.Get("user") | 264 | user, _ := c.Get("user") |
| 281 | if !exists { | ||
| 282 | c.JSON(http.StatusOK, models.ErrorResponse("User not logged in.")) | ||
| 283 | return | ||
| 284 | } | ||
| 285 | // Validate map | 265 | // Validate map |
| 286 | var validateMapID int | 266 | var validateMapID int |
| 287 | var isCoop bool | 267 | var isCoop bool |
| @@ -302,12 +282,10 @@ func DeleteRecord(c *gin.Context) { | |||
| 302 | sql = `SELECT mp.id FROM records_mp mp WHERE mp.id = $1 AND mp.map_id = $2 AND (mp.host_id = $3 OR mp.partner_id = $3) AND is_deleted = false` | 282 | sql = `SELECT mp.id FROM records_mp mp WHERE mp.id = $1 AND mp.map_id = $2 AND (mp.host_id = $3 OR mp.partner_id = $3) AND is_deleted = false` |
| 303 | err = database.DB.QueryRow(sql, recordID, mapID, user.(models.User).SteamID).Scan(&validateRecordID) | 283 | err = database.DB.QueryRow(sql, recordID, mapID, user.(models.User).SteamID).Scan(&validateRecordID) |
| 304 | if err != nil { | 284 | if err != nil { |
| 305 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordFail, "SELECT#records_mp: "+err.Error()) | ||
| 306 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 285 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 307 | return | 286 | return |
| 308 | } | 287 | } |
| 309 | if recordID != validateRecordID { | 288 | if recordID != validateRecordID { |
| 310 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordFail, "recordID != validateRecordID") | ||
| 311 | c.JSON(http.StatusOK, models.ErrorResponse("Selected record does not exist.")) | 289 | c.JSON(http.StatusOK, models.ErrorResponse("Selected record does not exist.")) |
| 312 | return | 290 | return |
| 313 | } | 291 | } |
| @@ -315,7 +293,6 @@ func DeleteRecord(c *gin.Context) { | |||
| 315 | sql = `UPDATE records_mp SET is_deleted = true WHERE id = $1` | 293 | sql = `UPDATE records_mp SET is_deleted = true WHERE id = $1` |
| 316 | _, err = database.DB.Exec(sql, recordID) | 294 | _, err = database.DB.Exec(sql, recordID) |
| 317 | if err != nil { | 295 | if err != nil { |
| 318 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordFail, "UPDATE#records_mp: "+err.Error()) | ||
| 319 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 296 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 320 | return | 297 | return |
| 321 | } | 298 | } |
| @@ -325,12 +302,10 @@ func DeleteRecord(c *gin.Context) { | |||
| 325 | sql = `SELECT sp.id FROM records_sp sp WHERE sp.id = $1 AND sp.map_id = $2 AND sp.user_id = $3 AND is_deleted = false` | 302 | sql = `SELECT sp.id FROM records_sp sp WHERE sp.id = $1 AND sp.map_id = $2 AND sp.user_id = $3 AND is_deleted = false` |
| 326 | err = database.DB.QueryRow(sql, recordID, mapID, user.(models.User).SteamID).Scan(&validateRecordID) | 303 | err = database.DB.QueryRow(sql, recordID, mapID, user.(models.User).SteamID).Scan(&validateRecordID) |
| 327 | if err != nil { | 304 | if err != nil { |
| 328 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordFail, "SELECT#records_sp: "+err.Error()) | ||
| 329 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 305 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 330 | return | 306 | return |
| 331 | } | 307 | } |
| 332 | if recordID != validateRecordID { | 308 | if recordID != validateRecordID { |
| 333 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordFail, "recordID != validateRecordID") | ||
| 334 | c.JSON(http.StatusOK, models.ErrorResponse("Selected record does not exist.")) | 309 | c.JSON(http.StatusOK, models.ErrorResponse("Selected record does not exist.")) |
| 335 | return | 310 | return |
| 336 | } | 311 | } |
| @@ -338,12 +313,10 @@ func DeleteRecord(c *gin.Context) { | |||
| 338 | sql = `UPDATE records_sp SET is_deleted = true WHERE id = $1` | 313 | sql = `UPDATE records_sp SET is_deleted = true WHERE id = $1` |
| 339 | _, err = database.DB.Exec(sql, recordID) | 314 | _, err = database.DB.Exec(sql, recordID) |
| 340 | if err != nil { | 315 | if err != nil { |
| 341 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordFail, "UPDATE#records_sp: "+err.Error()) | ||
| 342 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) | 316 | c.JSON(http.StatusOK, models.ErrorResponse(err.Error())) |
| 343 | return | 317 | return |
| 344 | } | 318 | } |
| 345 | } | 319 | } |
| 346 | CreateLog(user.(models.User).SteamID, LogTypeRecord, LogDescriptionDeleteRecordSuccess) | ||
| 347 | c.JSON(http.StatusOK, models.Response{ | 320 | c.JSON(http.StatusOK, models.Response{ |
| 348 | Success: true, | 321 | Success: true, |
| 349 | Message: "Successfully deleted record.", | 322 | Message: "Successfully deleted record.", |