From 3295315339a8f861abf09a64f7a6c4f96b9f5d52 Mon Sep 17 00:00:00 2001 From: RaidMax Date: Sun, 16 Oct 2022 16:25:09 -0500 Subject: [PATCH] update default permissions for guest webfront users --- Application/Misc/RemoteCommandService.cs | 13 ++++++++++++- SharedLibraryCore/BaseController.cs | 2 +- WebfrontCore/Controllers/ConsoleController.cs | 15 ++++++++++++++- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/Application/Misc/RemoteCommandService.cs b/Application/Misc/RemoteCommandService.cs index 4e4bfc3ed..0e58f324d 100644 --- a/Application/Misc/RemoteCommandService.cs +++ b/Application/Misc/RemoteCommandService.cs @@ -1,21 +1,25 @@ using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; +using Microsoft.Extensions.Logging; using SharedLibraryCore; using SharedLibraryCore.Configuration; using SharedLibraryCore.Dtos; using SharedLibraryCore.Interfaces; using SharedLibraryCore.Services; +using ILogger = Microsoft.Extensions.Logging.ILogger; namespace IW4MAdmin.Application.Misc; public class RemoteCommandService : IRemoteCommandService { + private readonly ILogger _logger; private readonly ApplicationConfiguration _appConfig; private readonly ClientService _clientService; - public RemoteCommandService(ApplicationConfiguration appConfig, ClientService clientService) + public RemoteCommandService(ILogger logger, ApplicationConfiguration appConfig, ClientService clientService) { + _logger = logger; _appConfig = appConfig; _clientService = clientService; } @@ -23,6 +27,13 @@ public class RemoteCommandService : IRemoteCommandService public async Task> Execute(int originId, int? targetId, string command, IEnumerable arguments, Server server) { + if (originId < 1) + { + _logger.LogWarning("Not executing command {Command} for {Originid} because origin id is invalid", command, + originId); + return Enumerable.Empty(); + } + var client = await _clientService.Get(originId); client.CurrentServer = server; diff --git a/SharedLibraryCore/BaseController.cs b/SharedLibraryCore/BaseController.cs index 7190bb4e3..0f44db4f6 100644 --- a/SharedLibraryCore/BaseController.cs +++ b/SharedLibraryCore/BaseController.cs @@ -67,7 +67,7 @@ namespace SharedLibraryCore Client = new EFClient { ClientId = -1, - Level = Data.Models.Client.EFClient.Permission.Banned, + Level = Data.Models.Client.EFClient.Permission.User, CurrentAlias = new EFAlias { Name = "Webfront Guest" } }; } diff --git a/WebfrontCore/Controllers/ConsoleController.cs b/WebfrontCore/Controllers/ConsoleController.cs index 254e52346..3467d7e21 100644 --- a/WebfrontCore/Controllers/ConsoleController.cs +++ b/WebfrontCore/Controllers/ConsoleController.cs @@ -10,10 +10,12 @@ namespace WebfrontCore.Controllers public class ConsoleController : BaseController { private readonly IRemoteCommandService _remoteCommandService; + private readonly ITranslationLookup _translationLookup; - public ConsoleController(IManager manager, IRemoteCommandService remoteCommandService) : base(manager) + public ConsoleController(IManager manager, IRemoteCommandService remoteCommandService, ITranslationLookup translationLookup) : base(manager) { _remoteCommandService = remoteCommandService; + _translationLookup = translationLookup; } public IActionResult Index() @@ -33,6 +35,17 @@ namespace WebfrontCore.Controllers public async Task Execute(long serverId, string command) { + if (Client.ClientId < 1) + { + return Ok(new[] + { + new CommandResponseInfo + { + Response = _translationLookup["SERVER_COMMANDS_INTERCEPTED"] + } + }); + } + var server = Manager.GetServers().First(s => s.EndPoint == serverId); var response = await _remoteCommandService.Execute(Client.ClientId, null, command, Enumerable.Empty(), server); return !response.Any() ? StatusCode(400, response) : Ok(response);