From fddef506c82862962aa544f9220e690182c3617f Mon Sep 17 00:00:00 2001 From: Slendy Date: Fri, 2 Sep 2022 21:52:41 -0500 Subject: [PATCH] Fix photos with me and admin granted slots --- .../Controllers/Resources/PhotosController.cs | 10 ++++- .../Controllers/Slots/PublishController.cs | 4 +- .../Controllers/Slots/SlotsController.cs | 38 +++++++++---------- ProjectLighthouse/PlayerData/Profiles/User.cs | 2 +- 4 files changed, 30 insertions(+), 24 deletions(-) diff --git a/ProjectLighthouse.Servers.GameServer/Controllers/Resources/PhotosController.cs b/ProjectLighthouse.Servers.GameServer/Controllers/Resources/PhotosController.cs index a3b09d9f..e19c432c 100644 --- a/ProjectLighthouse.Servers.GameServer/Controllers/Resources/PhotosController.cs +++ b/ProjectLighthouse.Servers.GameServer/Controllers/Resources/PhotosController.cs @@ -200,7 +200,7 @@ public class PhotosController : ControllerBase p.PhotoId, p.PhotoSubjectCollection, }).ToList(); - List photoIds = (from v in list where photoSubjectIds.Any(ps => v.PhotoSubjectCollection.Contains(ps.ToString())) select v.PhotoId).ToList(); + List photoIds = (from v in list where photoSubjectIds.Any(ps => v.PhotoSubjectCollection.Split(",").Contains(ps.ToString())) select v.PhotoId).ToList(); string response = Enumerable.Aggregate( this.database.Photos.Where(p => photoIds.Any(id => p.PhotoId == id) && p.CreatorId != targetUserId) @@ -221,7 +221,13 @@ public class PhotosController : ControllerBase Photo? photo = await this.database.Photos.FirstOrDefaultAsync(p => p.PhotoId == id); if (photo == null) return this.NotFound(); - if (photo.CreatorId != token.UserId) return this.StatusCode(401, ""); + + // If user isn't photo creator then check if they own the level + if (photo.CreatorId != token.UserId) + { + Slot? photoSlot = await this.database.Slots.FirstOrDefaultAsync(s => s.SlotId == photo.SlotId && s.Type == SlotType.User); + if (photoSlot == null || photoSlot.CreatorId != token.UserId) return this.StatusCode(401, ""); + } foreach (string idStr in photo.PhotoSubjectIds) { if (!int.TryParse(idStr, out int subjectId)) throw new InvalidCastException(idStr + " is not a valid number."); diff --git a/ProjectLighthouse.Servers.GameServer/Controllers/Slots/PublishController.cs b/ProjectLighthouse.Servers.GameServer/Controllers/Slots/PublishController.cs index 7982ec01..d462cfdd 100644 --- a/ProjectLighthouse.Servers.GameServer/Controllers/Slots/PublishController.cs +++ b/ProjectLighthouse.Servers.GameServer/Controllers/Slots/PublishController.cs @@ -68,7 +68,7 @@ public class PublishController : ControllerBase return this.BadRequest(); } } - else if (user.GetUsedSlotsForGame(gameToken.GameVersion) > ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots) + else if (user.GetUsedSlotsForGame(gameToken.GameVersion) > user.EntitledSlots) { return this.StatusCode(403, ""); } @@ -205,7 +205,7 @@ public class PublishController : ControllerBase return this.Ok(oldSlot.Serialize(gameToken.GameVersion)); } - if (user.GetUsedSlotsForGame(slotVersion) > ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots) + if (user.GetUsedSlotsForGame(slotVersion) > user.EntitledSlots) { Logger.Warn("Rejecting level upload, too many published slots", LogArea.Publish); return this.BadRequest(); diff --git a/ProjectLighthouse.Servers.GameServer/Controllers/Slots/SlotsController.cs b/ProjectLighthouse.Servers.GameServer/Controllers/Slots/SlotsController.cs index 010d622e..631212ae 100644 --- a/ProjectLighthouse.Servers.GameServer/Controllers/Slots/SlotsController.cs +++ b/ProjectLighthouse.Servers.GameServer/Controllers/Slots/SlotsController.cs @@ -24,7 +24,7 @@ public class SlotsController : ControllerBase this.database = database; } - private string GenerateSlotsResponse(string slotAggregate, int start, int total) => + private static string generateSlotsResponse(string slotAggregate, int start, int total) => LbpSerializer.TaggedStringElement("slots", slotAggregate, new Dictionary @@ -47,21 +47,21 @@ public class SlotsController : ControllerBase GameVersion gameVersion = token.GameVersion; - int targetUserId = await this.database.Users.Where(dbUser => dbUser.Username == u).Select(dbUser => dbUser.UserId).FirstOrDefaultAsync(); - if (targetUserId == 0) return this.NotFound(); + User? targetUser = await this.database.Users.Where(dbUser => dbUser.Username == u).FirstOrDefaultAsync(); + if (targetUser == null) return this.NotFound(); string response = Enumerable.Aggregate ( - this.database.Slots.ByGameVersion(gameVersion, token.UserId == targetUserId, true) - .Where(s => s.CreatorId == targetUserId) + this.database.Slots.ByGameVersion(gameVersion, token.UserId == targetUser.UserId, true) + .Where(s => s.CreatorId == targetUser.UserId) .Skip(Math.Max(0, pageStart - 1)) - .Take(Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots)), + .Take(Math.Min(pageSize, targetUser.UsedSlots)), string.Empty, (current, slot) => current + slot.Serialize(token.GameVersion) ); - int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); - int total = await this.database.Slots.CountAsync(s => s.CreatorId == targetUserId); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + int start = pageStart + Math.Min(pageSize, targetUser.UsedSlots); + int total = await this.database.Slots.CountAsync(s => s.CreatorId == targetUser.UserId); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slotList")] @@ -183,7 +183,7 @@ public class SlotsController : ControllerBase string response = Enumerable.Aggregate(slots, string.Empty, (current, slot) => current + slot.Serialize(gameVersion)); int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.SlotCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/like/{slotType}/{slotId:int}")] @@ -219,7 +219,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = slotIdsWithTag.Count; - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/highestRated")] @@ -242,7 +242,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.SlotCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/tag")] @@ -270,7 +270,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = slotIdsWithTag.Count; - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/mmpicks")] @@ -292,7 +292,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.TeamPickCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/lbp2luckydip")] @@ -311,7 +311,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.SlotCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/thumbs")] @@ -343,7 +343,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.SlotCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/mostUniquePlays")] @@ -389,7 +389,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.SlotCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } [HttpGet("slots/mostHearted")] @@ -421,7 +421,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = await StatisticsHelper.SlotCount(); - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } // /slots/busiest?pageStart=1&pageSize=30&gameFilterType=both&players=1&move=true @@ -477,7 +477,7 @@ public class SlotsController : ControllerBase int start = pageStart + Math.Min(pageSize, ServerConfiguration.Instance.UserGeneratedContentLimits.EntitledSlots); int total = playersBySlotId.Count; - return this.Ok(this.GenerateSlotsResponse(response, start, total)); + return this.Ok(generateSlotsResponse(response, start, total)); } diff --git a/ProjectLighthouse/PlayerData/Profiles/User.cs b/ProjectLighthouse/PlayerData/Profiles/User.cs index 9dee10f3..cfaaa6c3 100644 --- a/ProjectLighthouse/PlayerData/Profiles/User.cs +++ b/ProjectLighthouse/PlayerData/Profiles/User.cs @@ -93,7 +93,7 @@ public class User p.PhotoId, p.PhotoSubjectCollection, }).ToList(); - List photoIds = (from v in list where photoSubjectIds.Any(ps => v.PhotoSubjectCollection.Contains(ps.ToString())) select v.PhotoId).ToList(); + List photoIds = (from v in list where photoSubjectIds.Any(ps => v.PhotoSubjectCollection.Split(",").Contains(ps.ToString())) select v.PhotoId).ToList(); return this.database.Photos.Count(p => photoIds.Any(pId => p.PhotoId == pId) && p.CreatorId != this.UserId); }