Skip to content

Commit

Permalink
add Discord Admin permissions for dashboard
Browse files Browse the repository at this point in the history
  • Loading branch information
dragonejt committed Dec 3, 2023
1 parent 6bcba23 commit 4a58004
Show file tree
Hide file tree
Showing 7 changed files with 195 additions and 26 deletions.
3 changes: 2 additions & 1 deletion Pipfile
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,11 @@ whitenoise = "*"
pyyaml = "*"
gunicorn = "*"
uritemplate = "*"
requests = "*"

[dev-packages]
pylint = "*"
autopep8 = "*"

[requires]
python_version = "3.11"
python_version = "3.11"
161 changes: 145 additions & 16 deletions Pipfile.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

22 changes: 22 additions & 0 deletions clients/discord.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
import requests

class DiscordClient():

url = "https://discord.com/api/v10"

def __init__(self, access_token):
user = requests.get(f"{self.url}/users/@me", headers={
"Authorization": f"Bearer {access_token}"
}).json()
user.raise_for_status()

self.user_id = user["id"]

def is_server_admin(self, guild_id):
response = requests.get(
f"{self.url}/guilds/{guild_id}/members/{self.user_id}").json()
response.raise_for_status()

print(response["permissions"])

return True
19 changes: 19 additions & 0 deletions community/models.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,10 @@
from django.db import models
from django.contrib.auth import get_user_model
from rest_framework.views import APIView
from rest_framework.request import Request
from rest_framework.serializers import ModelSerializer
from rest_framework.permissions import BasePermission
from clients.discord import DiscordClient

# Create your models here.

Expand All @@ -27,3 +31,18 @@ class CommunitySerializer(ModelSerializer):
class Meta:
model = Community
fields = "__all__"

class DiscordAdmin(BasePermission):

def has_permission(self, request: Request, view: APIView):
return True

def has_object_permission(self, request: Request, view: APIView, obj: models.Model) -> bool:
platform, access_token = request.META["Authorization"].split(" ")

if (platform != "Discord"): return False
if (type(obj) == Community):
return DiscordClient(access_token).is_server_admin(obj.community_id)


return False
9 changes: 5 additions & 4 deletions community/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,20 @@
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from community.models import Community, CommunitySerializer
from community.models import Community, CommunitySerializer, DiscordAdmin
from psychopass.models import CommunityPsychoPass
from dominator.models import MessageDominator, MemberDominator

# Create your views here.


class CommunityView(APIView):
permission_classes = [IsAdminUser]
permission_classes = [IsAdminUser | DiscordAdmin]

def get(self, request: Request) -> Response:
community = get_object_or_404(
Community, platform=request.user, community_id=request.query_params.get("id"))
Community, community_id=request.query_params.get("id"))
self.check_object_permissions(request, community)

return Response(CommunitySerializer(community).data, status=status.HTTP_200_OK)

Expand Down Expand Up @@ -49,7 +50,7 @@ def put(self, request: Request) -> Response:

def delete(self, request: Request) -> Response:
community = get_object_or_404(
Community, platform=request.user, community_id=request.query_params.get("id"))
Community, community_id=request.query_params.get("id"))
community.delete()

return Response(status=status.HTTP_204_NO_CONTENT)
4 changes: 2 additions & 2 deletions psychopass/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -60,15 +60,15 @@ class CommunityPsychoPassView(APIView):

def get(self, request: Request) -> Response:
community = get_object_or_404(
Community, platform=request.user, community_id=request.query_params.get("id"))
Community, community_id=request.query_params.get("id"))
community_psycho_pass = get_object_or_404(
CommunityPsychoPass, community=community)

return Response(CommunityPsychoPassSerializer(community_psycho_pass).data, status=status.HTTP_200_OK)

def put(self, request: Request) -> Response:
community = get_object_or_404(
Community, platform=request.user, community_id=request.data.get("communityID"))
Community, community_id=request.data.get("communityID"))
community_psycho_pass = get_object_or_404(
CommunityPsychoPass, community=community)
psycho_pass = get_object_or_404(
Expand Down
3 changes: 0 additions & 3 deletions sibyl/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -139,9 +139,6 @@
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework.authentication.TokenAuthentication'
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated'
],
'DEFAULT_RENDERER_CLASSES': [
'rest_framework.renderers.JSONRenderer'
]
Expand Down

0 comments on commit 4a58004

Please sign in to comment.