using OwnChar.Api.Packets.General; using OwnChar.Api.Packets.Groups; using OwnChar.Api.Updates; using OwnChar.Data; using OwnChar.Data.Model.Client; using OwnChar.Server.Data.Model; using OwnChar.Server.Extensions; using Pilz.Net.Api; namespace OwnChar.Server.Api.Endpoint; internal class GroupsApi(IOwnCharServer server) { [MessageHandler("/group/get/byid")] public ApiResult GetById(GetSinlgeObjectRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.Guest, out UserAccountDb? user)) return ApiResult.Unauthorized(); if (server.Data?.Set().FirstOrDefault(n => n.Id == request.ObjectId && n.Members.Any(m => m.User != null && m.User.Id == user.Id)) is not GroupDb group) return ApiResult.NotFound(); return ApiResult.Ok(new GetSingleObjectResponse(group.ToClient())); } [MessageHandler("/group/get", RequiesAuth = true)] public ApiResult Get(GetGroupsRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.Guest, out UserAccountDb? user)) return ApiResult.Unauthorized(); IQueryable groups; if (request.UseProfileId && server.Data!.Set().FirstOrDefault(p => p.Id == request.ProfileId) is UserProfileDb profile) groups = server.Data!.Set().Where(group => group.Members.Any(m => m.User != null && m.User.Id == profile.Id)); else if (request.IncludeNonPublic && user.Is(UserType.Admin)) groups = server.Data!.Set(); else groups = Array.Empty().AsQueryable(); // Currently not supported. return ApiResult.Ok(new GetGroupsResponse([.. groups.Select(g => g.ToClient())])); } [MessageHandler("/group/create", RequiesAuth = true)] public ApiResult Create(CreateGroupRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user)) return ApiResult.Unauthorized(); var group = new GroupDb(); if (!string.IsNullOrWhiteSpace(request.Name)) group.Name = request.Name; group.Members.Add(new() { User = user.Profile, Level = MemberLevel.Owner, }); server.Data!.Update(group); server.Data.SaveChanges(); return ApiResult.Ok(new CreateGroupResponse(group.ToClient())); } [MessageHandler("/group/update", RequiesAuth = true)] public ApiResult Update(UpdateRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user) || server.Data?.Set().FirstOrDefault(n => n.Id == request.Update.Id) is not GroupDb group || !group.Members.Any(m => m.Id == user.Profile!.Id && m.Level >= MemberLevel.Admin || user.IsNot(UserType.Admin))) return ApiResult.Unauthorized(); if (request.Update is not GroupUpdate update) return ApiResult.NotFound(); group.Name = update.Name; group.Fandom = update.Fandom; server.Data.Update(group); server.Data.SaveChanges(); return ApiResult.Ok(); } [MessageHandler("/group/delete", RequiesAuth = true)] public ApiResult Delete(DeleteObjectRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user) || server.Data?.Set().FirstOrDefault(n => n.Id == request.ObjectId) is not GroupDb group || !group.Members.Any(m => m.Id == user.Profile!.Id && m.Level >= MemberLevel.Owner) || user.IsNot(UserType.Admin)) return ApiResult.Unauthorized(); server.Data.Remove(group); server.Data.SaveChanges(); return ApiResult.Ok(); } [MessageHandler("/group/members/get", RequiesAuth = true)] public ApiResult GetMembers(GetGroupMembersRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user) || server.Data?.Set().FirstOrDefault(n => n.Id == request.GroupId) is not GroupDb group || !group.Members.Any(m => m.Id == user.Profile!.Id && m.Level >= MemberLevel.Member) || user.IsNot(UserType.Admin)) return ApiResult.Unauthorized(); var members = group.Members.Select(n => n.ToClient()); return ApiResult.Ok(new GetGroupMembersResponse(members.ToList())); } [MessageHandler("/group/members/add", RequiesAuth = true)] public ApiResult AddMembers(GroupMemberAddRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user) || server.Data?.Set().FirstOrDefault(n => n.Id == request.GroupId) is not GroupDb group || !group.Members.Any(m => m.Id == user.Profile!.Id && m.Level >= MemberLevel.Admin) || user.IsNot(UserType.Admin)) return ApiResult.Unauthorized(); var addedMembers = new List(); foreach (var kvp in request.Members) { if (group.Members.FirstOrDefault(m => m.User != null && m.User.Id == kvp.Key) is not MemberEntryDb member && server.Data.Set().FirstOrDefault(u => u.Id == kvp.Key) is UserProfileDb mu) { member = new() { User = mu, Level = kvp.Value, }; server.Data.Update(member); server.Data.Update(group); server.Data.SaveChanges(); } } return ApiResult.Ok(new GroupMemberAddResponse(addedMembers.Select(m => m.ToClient()).ToList())); } [MessageHandler("/group/members/update", RequiesAuth = true)] public ApiResult UpdateMember(UpdateRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user) || server.Data?.Set().FirstOrDefault(n => n.Id == request.Update.Id) is not GroupDb group || group.Members.FirstOrDefault(m => m.Id == request.Update.Id) is not MemberEntryDb member || !group.Members.Any(m => m.Id == user.Profile!.Id && m.Level >= MemberLevel.Admin || user.IsNot(UserType.Admin))) return ApiResult.Unauthorized(); if (request.Update is not MemberUpdate update) return ApiResult.NotFound(); member.Level = update.Level; server.Data.Update(member); server.Data.SaveChanges(); return ApiResult.Ok(); } [MessageHandler("/group/members/remove", RequiesAuth = true)] public ApiResult RemoveMembers(DeleteObjectRequest request, ApiRequestInfo info) { if (!server.CheckLogin(info, UserType.User, out UserAccountDb? user) || server.Data?.Set().FirstOrDefault(m => m.Id == request.ObjectId) is not MemberEntryDb member || server.Data?.Set().FirstOrDefault(n => n.Members.Contains(member)) is not GroupDb group || !group.Members.Any(m => m.Id == user.Profile!.Id && m.Level >= MemberLevel.Admin || user.IsNot(UserType.Admin))) return ApiResult.Unauthorized(); group.Members.Remove(member); server.Data.Remove(member); server.Data.Update(group); server.Data.SaveChanges(); return ApiResult.Ok(); } }