feat(core): added new permission for server log

frvgs · Oct 13, 2024 · 5c70c89 · 5c70c89
1 parent ba9b45b
commit 5c70c89
Show file tree

Hide file tree

Showing 6 changed files with 40 additions and 8 deletions.
diff --git a/core/components/AdminVault/index.js b/core/components/AdminVault/index.js
@@ -11,6 +11,10 @@ import consoleFactory from '@extras/console';
 import chalk from 'chalk';
 const console = consoleFactory(modulename);
 
+//FIXME: The way I'm doing bersioning right now is horrible
+// but for now it's the best I can do
+const ADMIN_SCHEMA_VERSION = 1;
+
 
 //Helpers
 const migrateProviderIdentifiers = (providerName, providerData) => {
@@ -48,6 +52,7 @@ export default class AdminVault {
             'commands.resources': 'Start/Stop Resources',
             'server.cfg.editor': 'Read/Write server.cfg', //FIXME: rename to server.cfg_editor
             'txadmin.log.view': 'View System Logs', //FIXME: rename to system.log.view
+            'server.log.view': 'View Server Logs',
 
             'menu.vehicle': 'Spawn / Fix Vehicles',
             'menu.clear_area': 'Reset world area',
@@ -151,6 +156,7 @@ export default class AdminVault {
             };
         }
         const newAdmin = {
+            $schema: ADMIN_SCHEMA_VERSION,
             name: username,
             master: true,
             password_hash: (isPlainText) ? GetPasswordHash(password) : password,
@@ -326,12 +332,13 @@ export default class AdminVault {
 
         //Preparing admin
         const admin = {
-            name: name,
+            $schema: ADMIN_SCHEMA_VERSION,
+            name,
             master: false,
             password_hash: GetPasswordHash(password),
             password_temporary: true,
             providers: {},
-            permissions: permissions,
+            permissions,
         };
 
         //Check if provider uid already taken and inserting into admin object
@@ -533,13 +540,26 @@ export default class AdminVault {
             return callError('must have exactly 1 master account');
         }
 
-        //Migration (tx v7.3.0): separate DM and Announcement permissions
+        //Migrate admin stuff
         jsonData.forEach((admin) => {
-            if (admin.permissions.includes('players.message')) {
+            //Migration (tx v7.3.0)
+            if (admin.$schema === undefined) {
+                //adding schema version
+                admin.$schema = ADMIN_SCHEMA_VERSION;
                 hasMigration = true;
-                admin.permissions = admin.permissions.filter((perm) => perm !== 'players.message');
-                admin.permissions.push('players.direct_message');
-                admin.permissions.push('announcement');
+
+                //separate DM and Announcement permissions
+                if (admin.permissions.includes('players.message')) {
+                    hasMigration = true;
+                    admin.permissions = admin.permissions.filter((perm) => perm !== 'players.message');
+                    admin.permissions.push('players.direct_message');
+                    admin.permissions.push('announcement');
+                }
+
+                //Adding the new permission, except if they have no permissions or all of them
+                if (admin.permissions.length && !admin.permissions.includes('all_permissions')) {
+                    admin.permissions.push('server.log.view');
+                }
             }
         });
 

diff --git a/core/webroutes/serverLog.js b/core/webroutes/serverLog.js
@@ -8,6 +8,11 @@ const console = consoleFactory(modulename);
  * @param {object} ctx
  */
 export default async function ServerLog(ctx) {
+    //Check permissions
+    if (!ctx.admin.hasPermission('txadmin.log.view')) {
+        return ctx.utils.render('main/message', { message: 'You don\'t have permission to view this page.' });
+    }
+
     const renderData = {
         headerTitle: 'Server Log',
     };

diff --git a/core/webroutes/serverLogPartial.js b/core/webroutes/serverLogPartial.js
@@ -8,6 +8,11 @@ const console = consoleFactory(modulename);
  * @param {object} ctx
  */
 export default async function ServerLogPartial(ctx) {
+    //Check permissions
+    if (!ctx.admin.hasPermission('txadmin.log.view')) {
+        return sendTypedResp({ error: 'You don\'t have permission to call this endpoint.' });
+    }
+
     const isDigit = /^\d{13}$/;
     const sliceSize = 500;
 

diff --git a/docs/permissions.md b/docs/permissions.md
@@ -15,6 +15,7 @@ The permissions are saved in the `txData/admins.json` file and can be edited thr
 - `commands.resources`: Start/Stop Resources;
 - `server.cfg.editor`: Read/Write server.cfg;
 - `txadmin.log.view`: View txAdmin Log;
+- `server.log.view`: View Server Log;
 - `menu.vehicle`: Spawn / Fix Vehicles;
 - `players.direct_message`: Send a direct message to a player;
 - `players.whitelist`: Whitelist player;

diff --git a/nui/src/state/permissions.state.ts b/nui/src/state/permissions.state.ts
@@ -22,6 +22,7 @@ export type ResolvablePermission =
   | "settings.view"
   | "settings.write"
   | "txadmin.log.view"
+  | "server.log.view"
   | "menu.vehicle"
   | "menu.clear_area"
   | "players.spectate"

diff --git a/panel/src/layout/ServerSidebar/ServerMenu.tsx b/panel/src/layout/ServerSidebar/ServerMenu.tsx
@@ -88,7 +88,7 @@ export default function ServerMenu() {
                 <MenuNavLink href="/server/resources">
                     <BoxIcon className="mr-2 h-4 w-4" />Resources
                 </MenuNavLink>
-                <MenuNavLink href="/server/server-log">
+                <MenuNavLink href="/server/server-log" disabled={!hasPerm('txadmin.log.view')}>
                     <EyeIcon className="mr-2 h-4 w-4" />Server Log
                 </MenuNavLink>
                 <MenuNavLink href="/server/cfg-editor" disabled={!hasPerm('server.cfg.editor')}>