andyburke/autonomous.contact
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feature: rooms and events implemented on the backend

Browse source
This commit is contained in:
Andy Burke 2025-06-27 17:54:04 -07:00
parent df00324e24
commit 85024c6e62
29 changed files with 1659 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

21
public/api/users/:id/README.md
View file

@ -1,21 +0,0 @@
# /api/users/:id
Interact with a specific user.
## GET /api/users/:id
Get the user specified by `:id`. (user match/admin)
## PUT /api/users/:id
Update the user specified by `:id`. (user match/admin)
```
{
username?: string; // update username
}
```
## DELETE /api/users/:id
Delete the user specified by `:id`. (user match/admin)

21
public/api/users/:user_id/README.md Normal file
View file

@ -0,0 +1,21 @@
# /api/users/:user_id
Interact with a specific user.
## GET /api/users/:user_id
Get the user specified by `:user_id`. (user match/admin)
## PUT /api/users/:user_id
Update the user specified by `:user_id`. (user match/admin)
```
{
username?: string; // update username
}
```
## DELETE /api/users/:user_id
Delete the user specified by `:user_id`. (user match/admin)

54
public/api/users/:id/index.ts → public/api/users/:user_id/index.ts
View file

@ -2,17 +2,16 @@ import { get_session, get_user, PRECHECK_TABLE, require_user } from '../../../..
import { PASSWORD_ENTRIES, PASSWORD_ENTRY } from '../../../../models/password_entry.ts';
import { SESSIONS } from '../../../../models/session.ts';
import { USER, USERS } from '../../../../models/user.ts';
import { PERMISSIONS_STORE, USER_PERMISSIONS } from '../../../../models/user_permissions.ts';
import parse_body from '../../../../utils/bodyparser.ts';
import { CANNED_RESPONSES } from '../../../../utils/canned_responses.ts';
import * as CANNED_RESPONSES from '../../../../utils/canned_responses.ts';
export const PRECHECKS: PRECHECK_TABLE = {};
// GET /api/users/:id - Get single user
PRECHECKS.GET = [get_session, get_user, require_user, (_req: Request, meta: Record<string, any>): Response | undefined => {
const user_is_self = !!meta.user && !!meta.params && meta.user.id === meta.params.id;
const can_read_self = meta.user_permissions?.permissions.includes('self.read');
const can_read_others = meta.user_permissions?.permissions?.includes('users.read');
const user_is_self = !!meta.user && !!meta.params && meta.user.id === meta.params.user_id;
const can_read_self = meta.user?.permissions.includes('self.read');
const can_read_others = meta.user?.permissions?.includes('users.read');
const has_permission = can_read_others || (can_read_self && user_is_self);
if (!has_permission) {
@ -20,7 +19,7 @@ PRECHECKS.GET = [get_session, get_user, require_user, (_req: Request, meta: Reco
}
}];
export async function GET(_req: Request, meta: Record<string, any>): Promise<Response> {
const user_id: string = meta.params?.id?.toLowerCase().trim() ?? '';
const user_id: string = meta.params?.user_id?.toLowerCase().trim() ?? '';
const user: USER | null = user_id.length === 49 ? await USERS.get(user_id) : null; // lurid is 49 chars as we use them, eg: "also-play-flow-want-form-wide-thus-work-burn-same"
if (!user) {
@ -40,19 +39,20 @@ export async function GET(_req: Request, meta: Record<string, any>): Promise<Res
}
// PUT /api/users/:id - Update user
PRECHECKS.PUT = [get_session, get_user, require_user, (_req: Request, meta: Record<string, any>): Response | undefined => {
const user_is_self = !!meta.user && !!meta.params && meta.user.id === meta.params.id;
const can_write_self = meta.user_permissions?.permissions.includes('self.write');
const can_write_others = meta.user_permissions?.permissions?.includes('users.write');
PRECHECKS.PUT = [get_session, get_user, require_user, (req: Request, meta: Record<string, any>): Response | undefined => {
const user_is_self = !!meta.user && !!meta.params && meta.user.id === meta.params.user_id;
const can_write_self = meta.user?.permissions.includes('self.write');
const can_write_others = meta.user?.permissions?.includes('users.write');
const is_a_test_override = Deno.env.get('DENO_ENV') === 'test' && !!req.headers.get('x-test-override');
const has_permission = can_write_others || (can_write_self && user_is_self);
const has_permission = is_a_test_override || can_write_others || (can_write_self && user_is_self);
if (!has_permission) {
return CANNED_RESPONSES.permission_denied();
}
}];
export async function PUT(req: Request, meta: { params: Record<string, any> }): Promise<Response> {
export async function PUT(req: Request, meta: Record<string, any>): Promise<Response> {
const now = new Date().toISOString();
const id: string = meta.params.id ?? '';
const id: string = meta.params.user_id ?? '';
const existing = await USERS.get(id);
if (!existing) {
@ -68,15 +68,25 @@ export async function PUT(req: Request, meta: { params: Record<string, any> }):
try {
const body = await parse_body(req);
const updated = {
const updated: USER = {
...existing,
username: body.username || existing.username,
...body,
timestamps: {
created: existing.timestamps.created,
updated: now
}
};
if (Array.isArray(body.permissions) && body.permissions.join(':') !== existing.permissions.join(':')) {
const user_can_write_others = meta.user.permissions.includes('users.write');
const is_a_test_override = Deno.env.get('DENO_ENV') === 'test' && req.headers.get('x-test-override');
const is_allowed = user_can_write_others || is_a_test_override;
if (!is_allowed) {
return CANNED_RESPONSES.permission_denied();
}
}
await USERS.update(updated);
return Response.json(updated, {
status: 200
@ -95,17 +105,17 @@ export async function PUT(req: Request, meta: { params: Record<string, any> }):
// DELETE /api/users/:id - Delete user
PRECHECKS.DELETE = [get_session, get_user, require_user, (_req: Request, meta: Record<string, any>): Response | undefined => {
const user_is_self = !!meta.user && !!meta.params && meta.user.id === meta.params.id;
const can_write_self = meta.user_permissions?.permissions.includes('self.write');
const can_write_others = meta.user_permissions?.permissions?.includes('users.write');
const user_is_self = !!meta.user && !!meta.params && meta.user.id === meta.params.user_id;
const can_write_self = meta.user?.permissions.includes('self.write');
const can_write_others = meta.user?.permissions?.includes('users.write');
const has_permission = can_write_others || (can_write_self && user_is_self);
if (!has_permission) {
return CANNED_RESPONSES.permission_denied();
}
}];
export async function DELETE(_req: Request, meta: { params: Record<string, any> }): Promise<Response> {
const user_id: string = meta.params.id ?? '';
export async function DELETE(_req: Request, meta: Record<string, any>): Promise<Response> {
const user_id: string = meta.params.user_id ?? '';
const user: USER | null = await USERS.get(user_id);
if (!user) {
@ -123,10 +133,6 @@ export async function DELETE(_req: Request, meta: { params: Record<string, any>
if (password_entry) {
await PASSWORD_ENTRIES.delete(password_entry);
}
const user_permissions: USER_PERMISSIONS | null = await PERMISSIONS_STORE.get(user_id);
if (user_permissions) {
await PERMISSIONS_STORE.delete(user_permissions);
}
const sessions = await SESSIONS.find({
user_id

20
public/api/users/index.ts
View file

@ -1,6 +1,5 @@
import { PASSWORD_ENTRIES, PASSWORD_ENTRY } from '../../../models/password_entry.ts';
import { USER, USERS } from '../../../models/user.ts';
import { PERMISSIONS_STORE, USER_PERMISSIONS } from '../../../models/user_permissions.ts';
import { generateSecret } from 'jsr:@stdext/crypto/utils';
import { hash } from 'jsr:@stdext/crypto/hash';
import lurid from 'jsr:@andyburke/lurid';
@ -9,19 +8,20 @@ import parse_body from '../../../utils/bodyparser.ts';
import { create_new_session, SESSION_RESULT } from '../auth/index.ts';
import { PRECHECKS } from './me/index.ts';
import { get_session, get_user, require_user } from '../../../utils/prechecks.ts';
import { CANNED_RESPONSES } from '../../../utils/canned_responses.ts';
import * as CANNED_RESPONSES from '../../../utils/canned_responses.ts';
// TODO: figure out a better solution for doling out permissions
const DEFAULT_USER_PERMISSIONS: string[] = [
'self.read',
'self.write'
'self.write',
'rooms.read'
];
// GET /api/users - get users
// query parameters:
// partial_id: the partial id subset you would like to match (remember, lurids are lexigraphically sorted)
PRECHECKS.GET = [get_session, get_user, require_user, (_req: Request, meta: Record<string, any>): Response | undefined => {
const can_read_others = meta.user_permissions?.permissions?.includes('users.read');
const can_read_others = meta.user?.permissions?.includes('users.read');
if (!can_read_others) {
return CANNED_RESPONSES.permission_denied();
@ -97,6 +97,7 @@ export async function POST(req: Request, meta: Record<string, any>): Promise<Res
const user: USER = {
id: lurid(),
username,
permissions: DEFAULT_USER_PERMISSIONS,
timestamps: {
created: now,
updated: now
@ -120,17 +121,6 @@ export async function POST(req: Request, meta: Record<string, any>): Promise<Res
await PASSWORD_ENTRIES.create(password_entry);
const user_permissions: USER_PERMISSIONS = {
user_id: user.id,
permissions: DEFAULT_USER_PERMISSIONS,
timestamps: {
created: now,
updated: now
}
};
await PERMISSIONS_STORE.create(user_permissions);
const session_result: SESSION_RESULT = await create_new_session({
user,
expires: undefined

12
public/api/users/me/index.ts
View file

@ -1,4 +1,4 @@
import { CANNED_RESPONSES } from '../../../../utils/canned_responses.ts';
import * as CANNED_RESPONSES from '../../../../utils/canned_responses.ts';
import { get_session, get_user, PRECHECK_TABLE, require_user } from '../../../../utils/prechecks.ts';
export const PERMISSIONS: Record<string, (req: Request, meta: Record<string, any>) => Promise<boolean>> = {};
@ -6,15 +6,9 @@ export const PRECHECKS: PRECHECK_TABLE = {};
// GET /api/users/me - Get the current user
PRECHECKS.GET = [get_session, get_user, require_user, (_req: Request, meta: Record<string, any>): Response | undefined => {
const can_read_self = meta.user_permissions?.permissions.includes('self.read');
const can_read_self = meta.user?.permissions.includes('self.read');
const has_permission = can_read_self;
console.dir({
meta,
can_read_self,
has_permission
});
if (!has_permission) {
if (!can_read_self) {
return CANNED_RESPONSES.permission_denied();
}
}];