mirror of
https://github.com/CyberL1/Minecraft-Realms-Emulator.git
synced 2024-12-22 04:18:21 -05:00
feat: check realm owner
This commit is contained in:
parent
5115c608d7
commit
029b7230f5
@ -0,0 +1,11 @@
|
||||
namespace Minecraft_Realms_Emulator.Attributes
|
||||
{
|
||||
[AttributeUsage(AttributeTargets.Method)]
|
||||
public class CheckRealmOwnerAttribute : Attribute
|
||||
{
|
||||
public bool IsRealmOwner(string playerUUID, string ownerUUID)
|
||||
{
|
||||
return playerUUID == ownerUUID;
|
||||
}
|
||||
}
|
||||
}
|
@ -94,6 +94,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{wId}")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<World>> InvitePlayer(int wId, PlayerRequest body)
|
||||
{
|
||||
string cookie = Request.Headers.Cookie;
|
||||
@ -137,6 +138,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpDelete("{wId}/invite/{uuid}")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<bool>> DeleteInvite(int wId, string uuid)
|
||||
{
|
||||
var world = await _context.Worlds.FirstOrDefaultAsync(w => w.Id == wId);
|
||||
|
@ -18,6 +18,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{wId}/{uuid}")]
|
||||
[CheckRealmOwner]
|
||||
public ActionResult<OpsResponse> OpPlayer(int wId, string uuid)
|
||||
{
|
||||
var ops = _context.Players.Where(p => p.World.Id == wId && p.Operator == true).ToList();
|
||||
@ -46,6 +47,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpDelete("{wId}/{uuid}")]
|
||||
[CheckRealmOwner]
|
||||
public ActionResult<OpsResponse> DeopPlayer(int wId, string uuid)
|
||||
{
|
||||
var ops = _context.Players.Where(p => p.World.Id == wId && p.Operator == true).ToList();
|
||||
|
@ -17,10 +17,11 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
{
|
||||
_context = context;
|
||||
}
|
||||
[HttpGet("{id}")]
|
||||
public async Task<ActionResult<SubscriptionResponse>> Get(int id)
|
||||
[HttpGet("{wId}")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<SubscriptionResponse>> Get(int wId)
|
||||
{
|
||||
var world = await _context.Worlds.Include(w => w.Subscription).FirstOrDefaultAsync(w => w.Id == id);
|
||||
var world = await _context.Worlds.Include(w => w.Subscription).FirstOrDefaultAsync(w => w.Id == wId);
|
||||
|
||||
if (world?.Subscription == null) return NotFound("Subscription not found");
|
||||
|
||||
|
@ -138,13 +138,14 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
return Ok(servers);
|
||||
}
|
||||
|
||||
[HttpGet("{id}")]
|
||||
public async Task<ActionResult<WorldResponse>> GetWorldById(int id)
|
||||
[HttpGet("{wId}")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<WorldResponse>> GetWorldById(int wId)
|
||||
{
|
||||
string cookie = Request.Headers.Cookie;
|
||||
string gameVersion = cookie.Split(";")[2].Split("=")[1];
|
||||
|
||||
var world = await _context.Worlds.Include(w => w.Players).Include(w => w.Subscription).Include(w => w.Slots).FirstOrDefaultAsync(w => w.Id == id);
|
||||
var world = await _context.Worlds.Include(w => w.Players).Include(w => w.Subscription).Include(w => w.Slots).FirstOrDefaultAsync(w => w.Id == wId);
|
||||
|
||||
if (world?.Subscription == null) return NotFound("World not found");
|
||||
|
||||
@ -208,6 +209,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{id}/initialize")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<World>> Initialize(int id, WorldCreateRequest body)
|
||||
{
|
||||
string cookie = Request.Headers.Cookie;
|
||||
@ -268,6 +270,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{id}/reset")]
|
||||
[CheckRealmOwner]
|
||||
public ActionResult<bool> Reset(int id)
|
||||
{
|
||||
Console.WriteLine($"Resetting world {id}");
|
||||
@ -291,6 +294,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPut("{id}/close")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<bool>> Close(int id)
|
||||
{
|
||||
var worlds = await _context.Worlds.ToListAsync();
|
||||
@ -307,6 +311,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{id}")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<bool>> UpdateWorld(int id, WorldCreateRequest body)
|
||||
{
|
||||
var worlds = await _context.Worlds.ToListAsync();
|
||||
@ -324,6 +329,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPost("{wId}/slot/{sId}")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<bool>> UpdateSlotAsync(int wId, int sId, SlotOptionsRequest body)
|
||||
{
|
||||
var slots = await _context.Slots.Where(s => s.World.Id == wId).ToListAsync();
|
||||
@ -346,6 +352,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpPut("{wId}/slot/{sId}")]
|
||||
[CheckRealmOwner]
|
||||
public ActionResult<bool> SwitchSlot(int wId, int sId)
|
||||
{
|
||||
var world = _context.Worlds.Find(wId);
|
||||
@ -386,6 +393,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpGet("{Id}/backups")]
|
||||
[CheckRealmOwner]
|
||||
public async Task<ActionResult<BackupsResponse>> GetBackups(int id)
|
||||
{
|
||||
var backups = await _context.Backups.Where(b => b.World.Id == id).ToListAsync();
|
||||
@ -407,6 +415,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
||||
}
|
||||
|
||||
[HttpDelete("{wId}")]
|
||||
[CheckRealmOwner]
|
||||
public ActionResult<bool> DeleteRealm(int wId)
|
||||
{
|
||||
var world = _context.Worlds.Find(wId);
|
||||
|
@ -0,0 +1,35 @@
|
||||
using Minecraft_Realms_Emulator.Attributes;
|
||||
using Minecraft_Realms_Emulator.Data;
|
||||
using Minecraft_Realms_Emulator.Entities;
|
||||
|
||||
namespace Minecraft_Realms_Emulator.Middlewares
|
||||
{
|
||||
public class CheckRealmOwnerMiddleware(RequestDelegate next)
|
||||
{
|
||||
private readonly RequestDelegate _next = next;
|
||||
|
||||
public async Task Invoke(HttpContext httpContext, DataContext db)
|
||||
{
|
||||
var endpoint = httpContext.GetEndpoint();
|
||||
var attribute = endpoint?.Metadata.GetMetadata<CheckRealmOwnerAttribute>();
|
||||
|
||||
if (attribute == null)
|
||||
{
|
||||
await _next(httpContext);
|
||||
return;
|
||||
}
|
||||
|
||||
string playerUUID = httpContext.Request.Headers.Cookie.ToString().Split(";")[0].Split(":")[2];
|
||||
World world = db.Worlds.Find(int.Parse(httpContext.Request.RouteValues["wId"].ToString()));
|
||||
|
||||
if (world != null && !attribute.IsRealmOwner(playerUUID, world.OwnerUUID))
|
||||
{
|
||||
httpContext.Response.StatusCode = 403;
|
||||
await httpContext.Response.WriteAsync("You don't own this world");
|
||||
return;
|
||||
}
|
||||
|
||||
await _next(httpContext);
|
||||
}
|
||||
}
|
||||
}
|
@ -42,6 +42,7 @@ if (app.Environment.IsDevelopment())
|
||||
}
|
||||
|
||||
app.UseMiddleware<MinecraftCookieMiddleware>();
|
||||
app.UseMiddleware<CheckRealmOwnerMiddleware>();
|
||||
|
||||
app.MapControllers();
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user