2025-04-01 23:16:09 -04:00
|
|
|
use crate::{
|
2025-07-23 14:44:47 -04:00
|
|
|
get_app_from_key, get_user_from_token,
|
2025-04-01 23:16:09 -04:00
|
|
|
model::{ApiReturn, Error},
|
|
|
|
|
routes::api::v1::CreateIpBan,
|
2025-07-23 14:44:47 -04:00
|
|
|
State,
|
2025-04-01 23:16:09 -04:00
|
|
|
};
|
2025-07-23 14:44:47 -04:00
|
|
|
use axum::{extract::Path, http::HeaderMap, response::IntoResponse, Extension, Json};
|
2025-07-19 00:44:12 -04:00
|
|
|
use crate::cookie::CookieJar;
|
2025-05-21 23:32:45 -04:00
|
|
|
use tetratto_core::model::{addr::RemoteAddr, auth::IpBan, permissions::FinePermission};
|
2025-04-01 23:16:09 -04:00
|
|
|
|
2025-07-23 14:44:47 -04:00
|
|
|
/// Check if the given IP is banned.
|
|
|
|
|
pub async fn check_request(
|
|
|
|
|
headers: HeaderMap,
|
|
|
|
|
Path(ip): Path<String>,
|
|
|
|
|
Extension(data): Extension<State>,
|
|
|
|
|
) -> impl IntoResponse {
|
|
|
|
|
let data = &(data.read().await).0;
|
|
|
|
|
if get_app_from_key!(data, headers).is_none() {
|
|
|
|
|
return Json(Error::NotAllowed.into());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Json(ApiReturn {
|
|
|
|
|
ok: true,
|
|
|
|
|
message: "Success".to_string(),
|
|
|
|
|
payload: data
|
|
|
|
|
.get_ipban_by_addr(&RemoteAddr::from(ip.as_str()))
|
|
|
|
|
.await
|
|
|
|
|
.is_ok(),
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-04-01 23:16:09 -04:00
|
|
|
/// Create a new IP ban.
|
|
|
|
|
pub async fn create_request(
|
|
|
|
|
jar: CookieJar,
|
|
|
|
|
Path(ip): Path<String>,
|
|
|
|
|
Extension(data): Extension<State>,
|
|
|
|
|
Json(req): Json<CreateIpBan>,
|
|
|
|
|
) -> impl IntoResponse {
|
|
|
|
|
let data = &(data.read().await).0;
|
|
|
|
|
let user = match get_user_from_token!(jar, data) {
|
|
|
|
|
Some(ua) => ua,
|
|
|
|
|
None => return Json(Error::NotAllowed.into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if !user.permissions.check(FinePermission::MANAGE_BANS) {
|
|
|
|
|
return Json(Error::NotAllowed.into());
|
|
|
|
|
}
|
|
|
|
|
|
2025-05-21 23:32:45 -04:00
|
|
|
match data
|
|
|
|
|
.create_ipban(IpBan::new(
|
|
|
|
|
RemoteAddr::from(ip.as_str()).prefix(None),
|
|
|
|
|
user.id,
|
|
|
|
|
req.reason,
|
|
|
|
|
))
|
|
|
|
|
.await
|
|
|
|
|
{
|
2025-04-01 23:16:09 -04:00
|
|
|
Ok(_) => Json(ApiReturn {
|
|
|
|
|
ok: true,
|
2025-04-11 22:12:43 -04:00
|
|
|
message: "IP ban created".to_string(),
|
2025-04-01 23:16:09 -04:00
|
|
|
payload: (),
|
|
|
|
|
}),
|
|
|
|
|
Err(e) => Json(e.into()),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Delete the given IP ban.
|
|
|
|
|
pub async fn delete_request(
|
|
|
|
|
jar: CookieJar,
|
2025-04-02 11:39:51 -04:00
|
|
|
Path(ip): Path<String>,
|
2025-04-01 23:16:09 -04:00
|
|
|
Extension(data): Extension<State>,
|
|
|
|
|
) -> impl IntoResponse {
|
|
|
|
|
let data = &(data.read().await).0;
|
|
|
|
|
let user = match get_user_from_token!(jar, data) {
|
|
|
|
|
Some(ua) => ua,
|
|
|
|
|
None => return Json(Error::NotAllowed.into()),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if !user.permissions.check(FinePermission::MANAGE_BANS) {
|
|
|
|
|
return Json(Error::NotAllowed.into());
|
|
|
|
|
}
|
|
|
|
|
|
2025-04-02 11:39:51 -04:00
|
|
|
match data.delete_ipban(&ip, user).await {
|
2025-04-01 23:16:09 -04:00
|
|
|
Ok(_) => Json(ApiReturn {
|
|
|
|
|
ok: true,
|
|
|
|
|
message: "IP ban deleted".to_string(),
|
|
|
|
|
payload: (),
|
|
|
|
|
}),
|
|
|
|
|
Err(e) => Json(e.into()),
|
|
|
|
|
}
|
|
|
|
|
}
|
