Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-07-28 07:58:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix comments and unauthorize null users

Browse source
This commit is contained in:
FeTetra 2024-12-17 03:12:26 -05:00
commit cb6d77203b
3 changed files with 14 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ProjectLighthouse.Servers.GameServer/Controllers/CommentController.cs
View file

@ -36,10 +36,12 @@ public class CommentController : ControllerBase
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (user == null) return this.Unauthorized();
// Return bad request if both are true or both are false
if ((slotId == 0 || SlotHelper.IsTypeInvalid(slotType)) == (username == null)) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
bool success = await this.database.RateComment(token.UserId, commentId, rating);
@ -59,6 +61,7 @@ public class CommentController : ControllerBase
if ((slotId == 0 || SlotHelper.IsTypeInvalid(slotType)) == (username == null)) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
int originalSlotId = slotId;
@ -126,11 +129,13 @@ public class CommentController : ControllerBase
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (user == null) return this.Unauthorized();
// Deny request if in read-only mode
if (ServerConfiguration.Instance.UserGeneratedContentLimits.ReadOnlyMode) return this.BadRequest();
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
GameComment? comment = await this.DeserializeBody<GameComment>();
if (comment?.Message == null) return this.BadRequest();
@ -175,7 +180,8 @@ public class CommentController : ControllerBase
if ((slotId == 0 || SlotHelper.IsTypeInvalid(slotType)) == (username == null)) return this.BadRequest();
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
CommentEntity? comment = await this.database.Comments.FirstOrDefaultAsync(c => c.CommentId == commentId);
if (comment == null) return this.NotFound();

6
ProjectLighthouse.Servers.GameServer/Controllers/Matching/EnterLevelController.cs
View file

@ -37,11 +37,12 @@ public class EnterLevelController : ControllerBase
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (user == null) return this.Unauthorized();
if (SlotHelper.IsTypeInvalid(slotType)) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
// don't count plays for developer slots
if (slotType == "developer") return this.Ok();
@ -112,11 +113,12 @@ public class EnterLevelController : ControllerBase
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (user == null) return this.Unauthorized();
if (SlotHelper.IsTypeInvalid(slotType)) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
if (slotType == "developer") return this.Ok();

3
ProjectLighthouse.Servers.GameServer/Controllers/Matching/MatchController.cs
View file

@ -43,8 +43,9 @@ public class MatchController : ControllerBase
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (user == null) return this.Forbid();
if (user == null) return this.Unauthorized();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
await LastContactHelper.SetLastContact(this.database, user, token.GameVersion, token.Platform);