diff --git a/install/game.distr/config/chargen.yml b/install/game.distr/config/chargen.yml index e9686e3628..459d1ffe29 100644 --- a/install/game.distr/config/chargen.yml +++ b/install/game.distr/config/chargen.yml @@ -78,10 +78,10 @@ chargen: help: groups ranks: help: ranks - background: - help: backgrounds abilities: help: skills + background: + help: backgrounds desc: help: descriptions hooks: diff --git a/plugins/achievements/helpers.rb b/plugins/achievements/helpers.rb index 80fcffdbe8..f09c0393fd 100644 --- a/plugins/achievements/helpers.rb +++ b/plugins/achievements/helpers.rb @@ -1,8 +1,7 @@ module AresMUSH module Achievements def self.can_manage_achievements?(actor) - return false if !actor - return actor.has_permission?("manage_achievements") + actor && actor.has_permission?("manage_achievements") end def self.all_achievements diff --git a/plugins/arescentral/web/handle_link_handler.rb b/plugins/arescentral/web/handle_link_handler.rb index 8f87719946..d25efec765 100644 --- a/plugins/arescentral/web/handle_link_handler.rb +++ b/plugins/arescentral/web/handle_link_handler.rb @@ -5,6 +5,7 @@ def handle(request) enactor = request.enactor handle_name = (request.args[:handle_name] || "").titlecase link_code = request.args[:link_code] + pw = request.args[:confirm_password] error = Website.check_login(request) return error if error @@ -13,6 +14,10 @@ def handle(request) return { error: t('arescentral.character_already_linked') } end + if (!enactor.compare_password(pw)) + return { error: t('login.invalid_password') } + end + error = AresCentral.link_handle(enactor, handle_name, link_code) return { error: error } if error diff --git a/plugins/channels/helpers.rb b/plugins/channels/helpers.rb index 94b85fcfab..42dec0549b 100644 --- a/plugins/channels/helpers.rb +++ b/plugins/channels/helpers.rb @@ -1,8 +1,7 @@ module AresMUSH module Channels def self.can_manage_channels?(actor) - return false if !actor - actor.has_permission?("manage_channels") + actor && actor.has_permission?("manage_channels") end def self.get_channel_options(char, channel) @@ -28,7 +27,7 @@ def self.find_common_channels(channels, other_char) if (intersection.empty?) return nil end - intersection = intersection.map { |c| Channels.display_name(nil, c, false) } + intersection = intersection.map { |c| Channels.display_name(other_char, c, false) } Channels.name_with_markers(intersection.join(", ")) end @@ -155,13 +154,13 @@ def self.channel_for_alias(char, channel_alias) def self.can_join_channel?(char, channel) return true if channel.join_roles.empty? return true if Channels.can_manage_channels?(char) - return char.has_any_role?(channel.join_roles) + return char && char.has_any_role?(channel.join_roles) end def self.can_talk_on_channel?(char, channel) return true if channel.talk_roles.empty? return true if Channels.can_manage_channels?(char) - return char.has_any_role?(channel.talk_roles) + return char && char.has_any_role?(channel.talk_roles) end def self.with_an_enabled_channel(name, client, enactor, &block) diff --git a/plugins/chargen/helpers.rb b/plugins/chargen/helpers.rb index 0c124943c7..0c99129b9c 100644 --- a/plugins/chargen/helpers.rb +++ b/plugins/chargen/helpers.rb @@ -1,7 +1,7 @@ module AresMUSH module Chargen def self.can_approve?(actor) - actor.has_permission?("manage_apps") + Chargen.can_manage_apps?(actor) end def self.bg_app_review(char) @@ -10,11 +10,11 @@ def self.bg_app_review(char) end def self.can_manage_bgs?(actor) - actor.has_permission?("manage_apps") + actor && actor.has_permission?("manage_apps") end def self.can_manage_apps?(actor) - actor.has_permission?("manage_apps") + actor && actor.has_permission?("manage_apps") end def self.can_view_bgs?(actor) @@ -194,7 +194,7 @@ def self.reject_char(enactor, model, notes) return nil end - def self.build_app_review_info(char) + def self.build_app_review_info(char, enactor) abilities_app = FS3Skills.is_enabled? ? MushFormatter.format(FS3Skills.app_review(char)) : nil demographics_app = MushFormatter.format Demographics.app_review(char) bg_app = MushFormatter.format Chargen.bg_app_review(char) @@ -216,7 +216,7 @@ def self.build_app_review_info(char) id: char.id, job: char.approval_job ? char.approval_job.id : nil, custom: custom_app, - allow_web_submit: Global.read_config("chargen", "allow_web_submit") + allow_web_submit: (char == enactor) && Global.read_config("chargen", "allow_web_submit") } end end diff --git a/plugins/chargen/public/chargen_api.rb b/plugins/chargen/public/chargen_api.rb index 7059adba6f..64ac42cbcb 100644 --- a/plugins/chargen/public/chargen_api.rb +++ b/plugins/chargen/public/chargen_api.rb @@ -13,6 +13,9 @@ def self.is_chargen_locked?(char) end def self.check_chargen_locked(target) + # Note: Most of these commands work on enactor-only, so we allow admins to change whatever they want + # on themselves. The commands that allow other players separately check whether to allow admins to override + # the lock. return nil if target.is_admin? return t('chargen.cant_be_changed') if target.is_approved? return t('chargen.app_in_progress') if target.chargen_locked diff --git a/plugins/chargen/web/app_review_request_handler.rb b/plugins/chargen/web/app_review_request_handler.rb index 67765957fc..af1051a986 100644 --- a/plugins/chargen/web/app_review_request_handler.rb +++ b/plugins/chargen/web/app_review_request_handler.rb @@ -17,14 +17,14 @@ def handle(request) end if (char.is_approved?) - return { error: t('chargen.already_approved') } + return { error: t('chargen.already_approved', :name => char.name) } end if (!char.approval_job) return { error: t('chargen.no_app_submitted', :name => char.name) } end - return Chargen.build_app_review_info(char) + return Chargen.build_app_review_info(char, enactor) end end end diff --git a/plugins/chargen/web/chargen_char_request_handler.rb b/plugins/chargen/web/chargen_char_request_handler.rb index d83eb171cc..accb54c05a 100644 --- a/plugins/chargen/web/chargen_char_request_handler.rb +++ b/plugins/chargen/web/chargen_char_request_handler.rb @@ -2,20 +2,32 @@ module AresMUSH module Chargen class ChargenCharRequestHandler def handle(request) - char = request.enactor - + id = request.args[:id] + enactor = request.enactor + char = Character.find_one_by_name id if (!char) return { error: t('webportal.login_required') } end - + error = Website.check_login(request) return error if error + - if (char.is_approved?) - return { error: t('chargen.you_are_already_approved')} - end + + if (Chargen.can_approve?(enactor)) + can_approve = true + else + can_approve = false + if (char != enactor) + return { error: t('dispatcher.not_allowed') } + end + + if (char.is_approved?) + return { error: t('chargen.you_are_already_approved')} + end - return { chargen_locked: true } if Chargen.is_chargen_locked?(char) + return { chargen_locked: true } if Chargen.is_chargen_locked?(char) + end all_demographics = Demographics.all_demographics demographics = {} @@ -63,7 +75,8 @@ def handle(request) { id: char.id, - chargen_locked: char.chargen_locked, + chargen_locked: false, + can_approve: can_approve, name: char.name, demographics: demographics, groups: groups, diff --git a/plugins/chargen/web/chargen_reset_request_handler.rb b/plugins/chargen/web/chargen_reset_request_handler.rb index ac43cf2939..f576ffb310 100644 --- a/plugins/chargen/web/chargen_reset_request_handler.rb +++ b/plugins/chargen/web/chargen_reset_request_handler.rb @@ -2,18 +2,28 @@ module AresMUSH module Chargen class ChargenResetRequestHandler def handle(request) - char = request.enactor chargen_data = request.args[:char] + id = request.args[:id] + enactor = request.enactor + + error = Website.check_login(request) + return error if error + char = Character.find_one_by_name id if (!char) - return { error: t('webportal.login_required') } + return { error: t('webportal.not_found') } end - error = Website.check_login(request) - return error if error + if (!Chargen.can_approve?(enactor)) + if (char != enactor) + return { error: t('dispatcher.not_allowed') } + end + + error = Chargen.check_chargen_locked(char) + return { error: error } if error + end - error = Chargen.check_chargen_locked(char) - return { error: error } if error + Global.logger.info "Character reset for #{char.name} by #{enactor.name}." Chargen.save_char(char, chargen_data) diff --git a/plugins/chargen/web/chargen_review_request_handler.rb b/plugins/chargen/web/chargen_review_request_handler.rb index f7e7cc83e7..37e06e24cd 100644 --- a/plugins/chargen/web/chargen_review_request_handler.rb +++ b/plugins/chargen/web/chargen_review_request_handler.rb @@ -2,19 +2,27 @@ module AresMUSH module Chargen class ChargenReviewRequestHandler def handle(request) - char = request.enactor + id = request.args[:id] + enactor = request.enactor + + error = Website.check_login(request) + return error if error + char = Character.find_one_by_name id if (!char) - return { error: t('webportal.login_required') } + return { error: t('webportal.not_found') } end - error = Website.check_login(request) - return error if error - - error = Chargen.check_chargen_locked(char) - return { error: error } if error + if (!Chargen.can_approve?(enactor)) + if (char != enactor) + return { error: t('dispatcher.not_allowed') } + end + + error = Chargen.check_chargen_locked(char) + return { error: error } if error + end - return Chargen.build_app_review_info(char) + return Chargen.build_app_review_info(char, enactor) end end end diff --git a/plugins/chargen/web/chargen_save_request_handler.rb b/plugins/chargen/web/chargen_save_request_handler.rb index 93cbcdc9b1..b7bdd78a28 100644 --- a/plugins/chargen/web/chargen_save_request_handler.rb +++ b/plugins/chargen/web/chargen_save_request_handler.rb @@ -2,19 +2,28 @@ module AresMUSH module Chargen class ChargenSaveRequestHandler def handle(request) - char = request.enactor chargen_data = request.args[:char] + id = request.args[:id] + enactor = request.enactor + + error = Website.check_login(request) + return error if error + char = Character.find_one_by_name id if (!char) - return { error: t('webportal.login_required') } + return { error: t('webportal.not_found') } end - error = Website.check_login(request) - return error if error - - error = Chargen.check_chargen_locked(char) - return { error: error } if error - + if (!Chargen.can_approve?(enactor)) + if (char != enactor) + return { error: t('dispatcher.not_allowed') } + end + + error = Chargen.check_chargen_locked(char) + return { error: error } if error + end + + Global.logger.info "Saving chargen data for #{char.name} by #{enactor.name}." alerts = Chargen.save_char(char, chargen_data) { diff --git a/plugins/demographics/helpers.rb b/plugins/demographics/helpers.rb index 5c87a1b24a..e2daeac4c7 100644 --- a/plugins/demographics/helpers.rb +++ b/plugins/demographics/helpers.rb @@ -2,13 +2,11 @@ module AresMUSH module Demographics def self.can_set_demographics?(char) - return false if !char - char.has_permission?("manage_demographics") + char && char.has_permission?("manage_demographics") end def self.can_set_group?(char) - return false if !char - char.has_permission?("manage_demographics") + char && char.has_permission?("manage_demographics") end def self.all_demographics diff --git a/plugins/events/helpers.rb b/plugins/events/helpers.rb index 8be1b35e51..7d5c827707 100644 --- a/plugins/events/helpers.rb +++ b/plugins/events/helpers.rb @@ -1,8 +1,9 @@ module AresMUSH module Events def self.can_manage_events?(actor) - actor.has_permission?("manage_events") + actor && actor.has_permission?("manage_events") end + def self.ical_path File.join(AresMUSH.game_path, 'calendar.ics') end diff --git a/plugins/fs3skills/helpers/luck.rb b/plugins/fs3skills/helpers/luck.rb index 61eff11965..c8f0b9b14b 100644 --- a/plugins/fs3skills/helpers/luck.rb +++ b/plugins/fs3skills/helpers/luck.rb @@ -1,7 +1,7 @@ module AresMUSH module FS3Skills def self.can_manage_luck?(actor) - actor.has_permission?("manage_abilities") + actor && actor.has_permission?("manage_abilities") end def self.modify_luck(char, amount) diff --git a/plugins/fs3skills/helpers/utils.rb b/plugins/fs3skills/helpers/utils.rb index d09409dad2..b6cfb3dc49 100644 --- a/plugins/fs3skills/helpers/utils.rb +++ b/plugins/fs3skills/helpers/utils.rb @@ -1,7 +1,7 @@ module AresMUSH module FS3Skills def self.can_manage_abilities?(actor) - actor.has_permission?("manage_abilities") + actor && actor.has_permission?("manage_abilities") end def self.can_view_sheets?(actor) diff --git a/plugins/fs3skills/helpers/xp.rb b/plugins/fs3skills/helpers/xp.rb index 589c2eeae6..bf3f3c2ce7 100644 --- a/plugins/fs3skills/helpers/xp.rb +++ b/plugins/fs3skills/helpers/xp.rb @@ -1,7 +1,7 @@ module AresMUSH module FS3Skills def self.can_manage_xp?(actor) - actor.has_permission?("manage_abilities") + actor && actor.has_permission?("manage_abilities") end def self.modify_xp(char, amount) diff --git a/plugins/fs3skills/web/chargen_char_request_handler.rb b/plugins/fs3skills/web/chargen_char_request_handler.rb index b7b19d9e74..e228596bcf 100644 --- a/plugins/fs3skills/web/chargen_char_request_handler.rb +++ b/plugins/fs3skills/web/chargen_char_request_handler.rb @@ -2,21 +2,28 @@ module AresMUSH module FS3Skills class ChargenCharRequestHandler def handle(request) - char = request.enactor - + id = request.args[:id] + enactor = request.enactor + + char = Character.find_one_by_name id if (!char) return { error: t('webportal.login_required') } end error = Website.check_login(request) return error if error + + if (!Chargen.can_approve?(enactor)) + if (char != enactor) + return { error: t('dispatcher.not_allowed') } + end - if (char.is_approved?) - return { error: t('chargen.you_are_already_approved')} - end + if (char.is_approved?) + return { error: t('chargen.you_are_already_approved')} + end - return { chargen_locked: true } if Chargen.is_chargen_locked?(char) - + return { chargen_locked: true } if Chargen.is_chargen_locked?(char) + end { fs3_attributes: get_ability_list(char, char.fs3_attributes, :attribute), diff --git a/plugins/idle/helpers.rb b/plugins/idle/helpers.rb index a406bc5b8b..12c2688686 100644 --- a/plugins/idle/helpers.rb +++ b/plugins/idle/helpers.rb @@ -1,11 +1,11 @@ module AresMUSH module Idle def self.can_idle_sweep?(actor) - actor.has_permission?("manage_idle") + actor && actor.has_permission?("manage_idle") end def self.can_manage_roster?(actor) - actor.has_permission?("manage_roster") + actor && actor.has_permission?("manage_roster") end def self.roster_enabled? diff --git a/plugins/jobs/helpers.rb b/plugins/jobs/helpers.rb index 1268224c5e..697cd9e711 100644 --- a/plugins/jobs/helpers.rb +++ b/plugins/jobs/helpers.rb @@ -2,13 +2,11 @@ module AresMUSH module Jobs def self.can_access_jobs?(actor) - return false if !actor - actor.has_permission?("access_jobs") + actor && actor.has_permission?("access_jobs") end def self.can_manage_jobs?(actor) - return false if !actor - actor.has_permission?("manage_jobs") + actor && actor.has_permission?("manage_jobs") end def self.closed_jobs @@ -16,6 +14,7 @@ def self.closed_jobs end def self.can_access_category?(actor, category) + return false if !actor return true if actor.is_admin? return false if !Jobs.can_access_jobs?(actor) actor.has_any_role?(category.roles) diff --git a/plugins/login/commands/email_set_cmd.rb b/plugins/login/commands/email_set_cmd.rb index 4edcd73267..6dd5857d33 100644 --- a/plugins/login/commands/email_set_cmd.rb +++ b/plugins/login/commands/email_set_cmd.rb @@ -8,13 +8,9 @@ class EmailSetCmd def parse_args self.email = trim_arg(cmd.args) end - - def required_args - [ self.email ] - end def check_email_format - if self.email !~ /\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/ + if !Login.is_email_valid?(self.email) return t('login.invalid_email_format') end return nil diff --git a/plugins/login/help/en/email.md b/plugins/login/help/en/email.md index 61e7de1dd2..21954fe3e2 100644 --- a/plugins/login/help/en/email.md +++ b/plugins/login/help/en/email.md @@ -4,7 +4,7 @@ summary: Setting your email. --- # Email -You can associate an email address with your account, to enable game admin to contact you. This is optional, but can be helpful if the game ever goes down or you forget your password. Your email is not displayed on your public profile. +You may set an email to allow game admin to contact you. Your email is not displayed on your public profile; it is only accessible by admin. Consult your local game policies for how this email may be used. `email` - Views your registered email `email/set ` - Changes the email registered with your account. \ No newline at end of file diff --git a/plugins/login/helpers.rb b/plugins/login/helpers.rb index 3f54ee158e..57380c364a 100644 --- a/plugins/login/helpers.rb +++ b/plugins/login/helpers.rb @@ -4,15 +4,15 @@ module Login def self.can_access_email?(actor, model) return true if actor == model - actor.has_permission?("manage_login") + actor && actor.has_permission?("manage_login") end def self.can_manage_login?(actor) - actor.has_permission?("manage_login") + actor && actor.has_permission?("manage_login") end def self.can_login?(actor) - actor.has_permission?("login") + actor && actor.has_permission?("login") end def self.creation_allowed? @@ -25,6 +25,7 @@ def self.restricted_login_message def self.can_boot?(actor) # Limit to admins or approved non-admins to prevent trolls from using it. + return false if !actor not_new = actor.has_permission?("manage_login") || actor.is_approved? actor.has_permission?("boot") && not_new end @@ -179,5 +180,13 @@ def self.site_blocked_message t('login.site_blocked_proxies') : t('login.site_blocked') end + + def self.is_email_valid?(email) + return true if email.blank? + if email !~ /\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/ + return false + end + return true + end end end \ No newline at end of file diff --git a/plugins/login/locales/locale_en.yml b/plugins/login/locales/locale_en.yml index 685005046b..2fdc8bf92f 100644 --- a/plugins/login/locales/locale_en.yml +++ b/plugins/login/locales/locale_en.yml @@ -13,6 +13,7 @@ en: email_registered_is: "The email set for %{name} is %{email}." email_set: "You set your email." invalid_name_or_password: "Invalid name or password." + invalid_password: "Invalid password." passwords_dont_match: "Passwords don't match." recaptcha_failed: "Please prove you're human first." no_guest_webportal: "Guests do not have a web portal account. You can still use 'Play via Web Client' option to play from the web portal as a guest." diff --git a/plugins/login/login.rb b/plugins/login/login.rb index 2e336798a7..b2a1809969 100644 --- a/plugins/login/login.rb +++ b/plugins/login/login.rb @@ -144,6 +144,8 @@ def self.get_web_request_handler(request) return LoginInfoRequestHandler when "register" return RegisterRequestHandler + when "changeName" + return ChangeNameRequestHandler when "changePassword" return ChangePasswordRequestHandler when "accountInfo" @@ -152,6 +154,8 @@ def self.get_web_request_handler(request) return LoginNoticesRequestHandler when "markNotificationsRead" return LoginNoticesMarkReadRequestHandler + when "setEmail" + return SetEmailRequestHandler end nil end diff --git a/plugins/login/public/login_api.rb b/plugins/login/public/login_api.rb index f707853969..6907b6d3b7 100644 --- a/plugins/login/public/login_api.rb +++ b/plugins/login/public/login_api.rb @@ -144,5 +144,19 @@ def self.boot_char(bootee, boot_message) return nil end + + def self.build_web_site_info(char, viewer) + matches = Character.all.select { |c| Login.is_site_match?(c.last_ip, + c.last_hostname, + char.last_ip, + char.last_hostname) } + findsite = matches.map { |m| { name: m.name, ip: m.last_ip, hostname: m.last_hostname } } + { + last_online: OOCTime.local_long_timestr(viewer, char.last_on), + last_ip: char.last_ip, + last_hostname: char.last_hostname, + findsite: findsite + } + end end end diff --git a/plugins/login/web/account_info_request_handler.rb b/plugins/login/web/account_info_request_handler.rb index fe34b86b5a..1a6619f873 100644 --- a/plugins/login/web/account_info_request_handler.rb +++ b/plugins/login/web/account_info_request_handler.rb @@ -8,7 +8,9 @@ def handle(request) return error if error { - handle: enactor.handle ? enactor.handle.name : nil + handle: enactor.handle ? enactor.handle.name : nil, + email: enactor.login_email, + name: enactor.name } end end diff --git a/plugins/login/web/change_name_request_handler.rb b/plugins/login/web/change_name_request_handler.rb new file mode 100644 index 0000000000..7fb81f9905 --- /dev/null +++ b/plugins/login/web/change_name_request_handler.rb @@ -0,0 +1,28 @@ +module AresMUSH + module Login + class ChangeNameRequestHandler + def handle(request) + enactor = request.enactor + name = request.args[:name] + pw = request.args[:confirm_password] + + error = Website.check_login(request) + return error if error + + if (!enactor.compare_password(pw)) + return { error: t('login.invalid_password') } + end + + name_validation_msg = Character.check_name(name, enactor) + if (name_validation_msg) + return { error: name_validation_msg } + end + + enactor.update(name: name) + + { + } + end + end + end +end \ No newline at end of file diff --git a/plugins/login/web/change_password_request_handler.rb b/plugins/login/web/change_password_request_handler.rb index b1b4efe95c..e283509690 100644 --- a/plugins/login/web/change_password_request_handler.rb +++ b/plugins/login/web/change_password_request_handler.rb @@ -11,7 +11,7 @@ def handle(request) return error if error if (!enactor.compare_password(pw)) - return { error: t('login.invalid_name_or_password') } + return { error: t('login.invalid_password') } end password_error = Character.check_password(new_pw) diff --git a/plugins/login/web/set_email_request_handler.rb b/plugins/login/web/set_email_request_handler.rb new file mode 100644 index 0000000000..8cb2894556 --- /dev/null +++ b/plugins/login/web/set_email_request_handler.rb @@ -0,0 +1,27 @@ +module AresMUSH + module Login + class SetEmailRequestHandler + def handle(request) + enactor = request.enactor + email = request.args[:email] + pw = request.args[:confirm_password] + + error = Website.check_login(request) + return error if error + + if (!enactor.compare_password(pw)) + return { error: t('login.invalid_password') } + end + + if !Login.is_email_valid?(email) + return { error: t('login.invalid_email_format') } + end + + enactor.update(login_email: email) + + { + } + end + end + end +end \ No newline at end of file diff --git a/plugins/manage/helpers.rb b/plugins/manage/helpers.rb index 21d4bd9b0b..02bc7d62d9 100644 --- a/plugins/manage/helpers.rb +++ b/plugins/manage/helpers.rb @@ -1,18 +1,16 @@ module AresMUSH module Manage def self.can_manage_game?(actor) - return false if !actor - actor.has_permission?("manage_game") + actor && actor.has_permission?("manage_game") end def self.can_announce?(actor) - return false if !actor - actor.has_permission?("announce") + actor && actor.has_permission?("announce") end def self.can_manage_rooms?(actor) - return false if !actor - actor.has_permission?("build") || self.can_manage_game?(actor) + return true if Manage.can_manage_game?(actor) + actor && actor.has_permission?("build") end def self.can_manage_object?(actor, model) diff --git a/plugins/manage/locales/locale_en.yml b/plugins/manage/locales/locale_en.yml index fb96523cb5..afa16b0064 100644 --- a/plugins/manage/locales/locale_en.yml +++ b/plugins/manage/locales/locale_en.yml @@ -106,4 +106,4 @@ en: error_installing_theme: "Error installing theme %{name}. Error: %{error}" theme_installed: "Theme %{name} installed. Please check the readme file at %{url} for any additional instructions." - mismatched_versions: "Your game and webportal versions are mismatched. Maybe something went awry with the upgrade." \ No newline at end of file + mismatched_versions: "Your game and webportal versions are mismatched. Try reloading the page or clearing your browser cache. If the problem persists, there may be an upgrade issue." \ No newline at end of file diff --git a/plugins/profile/web/character_groups_request_handler.rb b/plugins/profile/web/character_groups_request_handler.rb index 904de2202c..ab4d04d0a1 100644 --- a/plugins/profile/web/character_groups_request_handler.rb +++ b/plugins/profile/web/character_groups_request_handler.rb @@ -2,6 +2,9 @@ module AresMUSH module Profile class CharacterGroupsRequestHandler def handle(request) + enactor = request.enactor + error = Website.check_login(request, true) + return error if error group_key = (Global.read_config("website", "character_gallery_group") || "faction").downcase npc_groups = Character.all.select { |c| c.is_npc? && !c.idled_out? } @@ -72,6 +75,16 @@ def handle(request) icon: Website.icon_for_char(c) } } + + if (enactor && enactor.is_admin?) + new_chars = Character.all.select { |c| !c.is_approved? }.sort_by { |c| c.name }.map { |c| { + name: c.name, + icon: Website.icon_for_char(c) + } + } + else + new_chars = nil + end { @@ -82,7 +95,8 @@ def handle(request) }}, groups: groups, idle: idle_chars, - dead: dead_chars + dead: dead_chars, + unapproved: new_chars } end end diff --git a/plugins/profile/web/character_request_handler.rb b/plugins/profile/web/character_request_handler.rb index c0df381fa1..9922193396 100644 --- a/plugins/profile/web/character_request_handler.rb +++ b/plugins/profile/web/character_request_handler.rb @@ -83,8 +83,10 @@ def handle(request) fate = nil end - if (enactor) - Login.mark_notices_read(enactor, :achievement) + if (enactor && enactor.is_admin?) + siteinfo = Login.build_web_site_info(char, enactor) + else + siteinfo = nil end { @@ -102,6 +104,7 @@ def handle(request) status_message: Profile.get_profile_status_message(char), tags: char.profile_tags, can_manage: can_manage, + can_approve: Chargen.can_approve?(enactor), profile: profile, relationships: relationships, last_online: OOCTime.local_long_timestr(enactor, char.last_on), @@ -122,7 +125,8 @@ def handle(request) roster: self.build_roster_info(char), idle_notes: char.idle_notes ? Website.format_markdown_for_html(char.idle_notes) : nil, custom: CustomCharFields.get_fields_for_viewing(char, enactor), - show_notes: char == enactor || Utils.can_manage_notes?(enactor) + show_notes: char == enactor || Utils.can_manage_notes?(enactor), + siteinfo: siteinfo } end diff --git a/plugins/ranks/helpers.rb b/plugins/ranks/helpers.rb index e5ca1f9dc6..6318178e88 100644 --- a/plugins/ranks/helpers.rb +++ b/plugins/ranks/helpers.rb @@ -1,7 +1,7 @@ module AresMUSH module Ranks def self.can_manage_ranks?(actor) - actor.has_permission?("manage_ranks") + actor && actor.has_permission?("manage_ranks") end def self.rank_group diff --git a/plugins/roles/helpers.rb b/plugins/roles/helpers.rb index e73380d456..db9332b13c 100644 --- a/plugins/roles/helpers.rb +++ b/plugins/roles/helpers.rb @@ -9,7 +9,7 @@ def self.restricted_roles end def self.can_assign_role?(actor) - actor.is_admin? + actor && actor.is_admin? end def self.is_restricted?(name) diff --git a/plugins/rooms/commands/areas/area_delete_cmd.rb b/plugins/rooms/commands/areas/area_delete_cmd.rb index 2d53f2f585..32f18c571b 100644 --- a/plugins/rooms/commands/areas/area_delete_cmd.rb +++ b/plugins/rooms/commands/areas/area_delete_cmd.rb @@ -15,6 +15,12 @@ def required_args def handle area = Area.find_one_by_name(self.name) + + if (!Rooms.can_delete_area?(area)) + client.emit_failure t('rooms.cant_delete_area') + return + end + if (area) area.delete client.emit_success t('rooms.area_deleted', :name => self.name) diff --git a/plugins/rooms/helpers.rb b/plugins/rooms/helpers.rb index 64bcccb6de..b76345bdf5 100644 --- a/plugins/rooms/helpers.rb +++ b/plugins/rooms/helpers.rb @@ -79,5 +79,11 @@ def self.has_parent_area(parent_to_check, area) return true if parent_to_check.parent == area Rooms.has_parent_area(parent_to_check.parent, area) end + + def self.can_delete_area?(area) + return false if area.children.any? + return false if area.rooms.any? + return true + end end end \ No newline at end of file diff --git a/plugins/rooms/locales/locale_en.yml b/plugins/rooms/locales/locale_en.yml index f892f03ad1..a63ce6864b 100644 --- a/plugins/rooms/locales/locale_en.yml +++ b/plugins/rooms/locales/locale_en.yml @@ -73,4 +73,6 @@ en: area_title: "Area %{area}" area_locations_title: "Locations in %{area}" area_parent_set: "You set the parent for %{name} to %{parent}." - circular_area_parentage: "You can't parent an area to one of its descendants." \ No newline at end of file + circular_area_parentage: "You can't parent an area to one of its descendants." + + cant_delete_area: "You can't delete an area that is used by rooms or is the parent of another area." \ No newline at end of file diff --git a/plugins/rooms/public/room.rb b/plugins/rooms/public/room.rb index 6f93a75424..c2a8e38e2b 100644 --- a/plugins/rooms/public/room.rb +++ b/plugins/rooms/public/room.rb @@ -44,6 +44,10 @@ def name_and_area self.area ? "#{self.area.name}/#{self.name}" : self.name end + def is_temp_room? + self.scene && self.scene.temp_room + end + def grid_marker if (self.grid_x && self.grid_y) "(#{self.grid_x},#{self.grid_y})" diff --git a/plugins/rooms/web/area_delete_request_handler.rb b/plugins/rooms/web/area_delete_request_handler.rb index 2d6b54d24e..7d77e84c26 100644 --- a/plugins/rooms/web/area_delete_request_handler.rb +++ b/plugins/rooms/web/area_delete_request_handler.rb @@ -12,6 +12,10 @@ def handle(request) error = Website.check_login(request) return error if error + + if (!Rooms.can_delete_area?(area)) + return { error: t('rooms.cant_delete_area') } + end if (!Rooms.can_build?(enactor)) return { error: t('dispatcher.not_allowed') } diff --git a/plugins/rooms/web/area_request_handler.rb b/plugins/rooms/web/area_request_handler.rb index c7f6ee03dc..882ceb80b6 100644 --- a/plugins/rooms/web/area_request_handler.rb +++ b/plugins/rooms/web/area_request_handler.rb @@ -34,7 +34,7 @@ def handle(request) parent: area.parent ? { name: area.parent.name, id: area.parent.id } : nil, summary: summary, description: desc, - rooms: area.rooms.to_a.sort_by { |r| r.name }.map { |r| { + rooms: area.rooms.select { |r| !r.is_temp_room? }.sort_by { |r| r.name }.map { |r| { name: r.name, id: r.id, name_and_area: r.name_and_area diff --git a/plugins/rooms/web/locations_request_handler.rb b/plugins/rooms/web/locations_request_handler.rb index 41de80783f..b3b3d887db 100644 --- a/plugins/rooms/web/locations_request_handler.rb +++ b/plugins/rooms/web/locations_request_handler.rb @@ -15,7 +15,7 @@ def handle(request) name: area.full_name, summary: area.summary ? Website.format_markdown_for_html(area.summary) : "", children: area.children.to_a.sort_by { |a| a.name }.map { |a| { id: a.id, name: a.name } }, - rooms: area.rooms.map { |r| { name: r.name, id: r.id } }, + rooms: area.rooms.select { |r| !r.is_temp_room? }.map { |r| { name: r.name, id: r.id } }, is_top_level: area.parent ? false : true } }, @@ -31,7 +31,7 @@ def handle(request) def is_orphan?(room) return false if room.area return true if !room.scene - return !room.scene.temp_room + return !room.is_temp_room? end end diff --git a/plugins/scenes/helpers/permissions.rb b/plugins/scenes/helpers/permissions.rb index 8d6518bbe5..b4f79ea3e9 100644 --- a/plugins/scenes/helpers/permissions.rb +++ b/plugins/scenes/helpers/permissions.rb @@ -2,13 +2,11 @@ module AresMUSH module Scenes def self.can_manage_scenes?(actor) - return false if !actor - actor.has_permission?("manage_scenes") + actor && actor.has_permission?("manage_scenes") end def self.can_control_npcs?(actor) - return false if !actor - actor.has_permission?("control_npcs") + actor && actor.has_permission?("control_npcs") end diff --git a/plugins/scenes/helpers/scene_info.rb b/plugins/scenes/helpers/scene_info.rb index 9d62b7f219..ad0f0f749d 100644 --- a/plugins/scenes/helpers/scene_info.rb +++ b/plugins/scenes/helpers/scene_info.rb @@ -73,7 +73,7 @@ def self.set_scene_location(scene, location, enactor = nil) if (matched_rooms.count == 1) room = matched_rooms.first - if (room.scene && room.scene.temp_room) + if (room.is_temp_room?) description = location else description = "%xh#{room.name}%xn%R#{room.description}" diff --git a/plugins/status/helpers.rb b/plugins/status/helpers.rb index 597c49c62b..9759eca30e 100644 --- a/plugins/status/helpers.rb +++ b/plugins/status/helpers.rb @@ -1,11 +1,11 @@ module AresMUSH module Status def self.can_be_on_duty?(actor) - actor.has_permission?("set_duty") + actor && actor.has_permission?("set_duty") end def self.can_manage_status?(actor) - actor.has_permission?("manage_status") + actor && actor.has_permission?("manage_status") end def self.get_icloc(char, reset = false) diff --git a/plugins/weather/helpers.rb b/plugins/weather/helpers.rb index b1ef18a977..eb80c82446 100644 --- a/plugins/weather/helpers.rb +++ b/plugins/weather/helpers.rb @@ -3,7 +3,7 @@ module Weather mattr_accessor :current_weather def self.can_change_weather?(actor) - actor.has_permission?("manage_weather") + actor && actor.has_permission?("manage_weather") end def self.load_weather_if_needed diff --git a/plugins/website/web/get_files_request_handler.rb b/plugins/website/web/get_files_request_handler.rb index bb035ebb2c..f508773502 100644 --- a/plugins/website/web/get_files_request_handler.rb +++ b/plugins/website/web/get_files_request_handler.rb @@ -8,10 +8,12 @@ def handle(request) error = Website.check_login(request, true) return error if error - files = Dir[File.join(AresMUSH.website_uploads_path, folder, "**")] + folder_path = File.join(AresMUSH.website_uploads_path, folder) + files = Dir[File.join(folder_path, "**")] { folder: folder.gsub(AresMUSH.website_uploads_path, '').gsub('/', ''), + folder_size: Website.folder_size_kb(folder_path), files: files.select { |f| !File.directory?(f) }.sort.map { |f| { name: File.basename(f), diff --git a/version.txt b/version.txt index 08fec8881e..91bc873305 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -0.83 +0.84