package net.frozenorb.apiv3.models; import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import com.google.common.collect.Maps; import lombok.Getter; import lombok.Setter; import net.frozenorb.apiv3.APIv3; import net.frozenorb.apiv3.serialization.ExcludeFromReplies; import net.frozenorb.apiv3.utils.PermissionUtils; import org.bson.Document; import org.mindrot.jbcrypt.BCrypt; import org.mongodb.morphia.annotations.Entity; import org.mongodb.morphia.annotations.Id; import org.mongodb.morphia.annotations.Indexed; import java.util.*; @Entity(value = "users", noClassnameStored = true) public final class User { @Getter @Id private UUID id; @Getter @Indexed private String lastUsername; @Getter @ExcludeFromReplies private Map aliases; @Getter @Setter @ExcludeFromReplies private String totpSecret; @Getter @Indexed @ExcludeFromReplies @Setter private String emailToken; @Getter @ExcludeFromReplies @Setter private Date emailTokenSet; @Getter @ExcludeFromReplies private String password; @Getter @Setter private String email; @Getter private String phoneNumber; @Getter private String lastSeenOn; @Getter private Date lastSeenAt; @Getter private Date firstSeenAt; public static User byId(String id) { try { return byId(UUID.fromString(id)); } catch (Exception ex) { return null; } } public static User byId(UUID id) { return APIv3.getDatastore().createQuery(User.class).field("id").equal(id).get(); } public static User byEmailToken(String name) { return APIv3.getDatastore().createQuery(User.class).field("emailToken").equal(name).get(); } @Deprecated public static User byLastUsername(String lastUsername) { return APIv3.getDatastore().createQuery(User.class).field("lastUsername").equal(lastUsername).get(); } public User() {} // For Morphia public User(UUID id, String lastUsername) { this.id = id; this.lastUsername = lastUsername; this.aliases = new HashMap<>(); this.totpSecret = null; this.password = null; this.email = null; this.phoneNumber = null; this.lastSeenOn = null; this.lastSeenAt = new Date(); this.firstSeenAt = new Date(); aliases.put(lastUsername, new Date()); } public boolean hasPermissionScoped(String permission, ServerGroup scope) { Rank highestRank = getHighestRank(scope); Map scopedPermissions = PermissionUtils.mergePermissions( PermissionUtils.getDefaultPermissions(highestRank), scope.calculatePermissions(highestRank) ); return scopedPermissions.containsKey(permission) && scopedPermissions.get(permission); } public boolean hasPermissionAnywhere(String permission) { Map globalPermissions = PermissionUtils.getDefaultPermissions(getHighestRank()); for (Map.Entry serverGroupEntry : getHighestRanks().entrySet()) { ServerGroup serverGroup = serverGroupEntry.getKey(); Rank rank = serverGroupEntry.getValue(); globalPermissions = PermissionUtils.mergePermissions( globalPermissions, serverGroup.calculatePermissions(rank) ); } return globalPermissions.containsKey(permission) && globalPermissions.get(permission); } public List getGrants() { return APIv3.getDatastore().createQuery(Grant.class).field("target").equal(id).asList(); } public List getIPLog() { return APIv3.getDatastore().createQuery(IPLogEntry.class).field("user").equal(id).asList(); } public IPLogEntry getIPLogEntry(String ip) { IPLogEntry existing = APIv3.getDatastore().createQuery(IPLogEntry.class).field("user").equal(id).field("ip").equal(ip).get(); if (existing == null) { existing = new IPLogEntry(this, ip); APIv3.getDatastore().save(existing); } return existing; } public List getPunishments() { return APIv3.getDatastore().createQuery(Punishment.class).field("target").equal(id).asList(); } public List getPunishments(Collection types) { return APIv3.getDatastore().createQuery(Punishment.class).field("target").equal(id).field("type").in(types).asList(); } public UserMetaEntry getMeta(ServerGroup group) { return APIv3.getDatastore().createQuery(UserMetaEntry.class).field("user").equal(id).field("serverGroup").equal(group.getId()).get(); } public void saveMeta(ServerGroup group, Document data) { UserMetaEntry entry = getMeta(group); if (entry == null) { APIv3.getDatastore().save(new UserMetaEntry(this, group, data)); } else { entry.setData(data); APIv3.getDatastore().save(entry); } } public void seenOnServer(String username, Server server) { this.lastSeenOn = server.getId(); this.lastSeenAt = new Date(); this.aliases.put(username, new Date()); } public void setPassword(char[] unencrypted) { this.password = BCrypt.hashpw(new String(unencrypted), BCrypt.gensalt()); } public boolean checkPassword(char[] unencrypted) { return BCrypt.checkpw(new String(unencrypted), password); } public Rank getHighestRank() { return getHighestRank(null); } public Rank getHighestRank(ServerGroup serverGroup) { Rank highest = null;; for (Grant grant : getGrants()) { if (!grant.isActive() || (serverGroup != null && !grant.appliesOn(serverGroup))) { continue; } Rank rank = Rank.byId(grant.getRank()); if (highest == null || rank.getWeight() > highest.getWeight()) { highest = rank; } } if (highest != null) { return highest; } else { return Rank.byId("default"); } } public Map getHighestRanks() { Map highestRanks = new HashMap<>(); Rank defaultRank = Rank.byId("default"); List userGrants = getGrants(); for (ServerGroup serverGroup : ServerGroup.values()) { Rank highest = defaultRank; for (Grant grant : userGrants) { if (!grant.isActive() || !grant.appliesOn(serverGroup)) { continue; } Rank rank = Rank.byId(grant.getRank()); if (highest == null || rank.getWeight() > highest.getWeight()) { highest = rank; } } highestRanks.put(serverGroup, highest); } return highestRanks; } public Map getLoginInfo(Server server) { String accessDenialReason = null; for (Punishment punishment : getPunishments(ImmutableSet.of( Punishment.PunishmentType.BLACKLIST, Punishment.PunishmentType.BAN ))) { if (!punishment.isActive()) { continue; } accessDenialReason = punishment.getAccessDenialReason(); } Punishment mute = null; for (Punishment punishment : getPunishments(ImmutableSet.of(Punishment.PunishmentType.MUTE))) { if (!punishment.isActive()) { continue; } mute = punishment; } ServerGroup actorGroup = ServerGroup.byId(server.getGroup()); Rank highestRank = getHighestRank(actorGroup); Map scopedPermissions = PermissionUtils.mergePermissions( PermissionUtils.getDefaultPermissions(highestRank), actorGroup.calculatePermissions(highestRank) ); Map loginInfo = Maps.newHashMap(); loginInfo.put("user", this); loginInfo.put("access", ImmutableMap.of( "allowed", accessDenialReason == null, "message", accessDenialReason == null ? "Public server" : accessDenialReason )); loginInfo.put("rank", highestRank.getId()); loginInfo.put("permissions", scopedPermissions); loginInfo.put("totpSetup", getTotpSecret() != null); if (mute != null) { loginInfo.put("mute", mute); } return loginInfo; } }