Add moderator role

Refresh.Database/Models/Users/GameUserRole.cs

@@ -13,6 +13,11 @@ public enum GameUserRole : sbyte
     /// </summary>
     Admin = 127,
     /// <summary>
+    /// A mod. Can moderate (edit and delete) various UGC, curate content like Curators, but doesn't have any permissions 
+    /// over the instance itself.
+    /// </summary>
+    Moderator = 96,
+    /// <summary>
     /// A user that doesn't have moderator powers, but may team pick levels, set re-upload data, and adjust the level's game version.
     /// </summary>
     Curator = 64,

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminAssetApiEndpoints.cs

@@ -15,7 +15,7 @@ namespace Refresh.Interfaces.APIv3.Endpoints.Admin;
 
 public class AdminAssetApiEndpoints : EndpointGroup
 {
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/assets"), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/assets"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Retrieves a list of assets uploaded by the user.")]
     [DocQueryParam("assetType", "The asset type to filter by. Can be excluded to list all types.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminLeaderboardApiEndpoints.cs

@@ -13,7 +13,7 @@ namespace Refresh.Interfaces.APIv3.Endpoints.Admin;
 
 public class AdminLeaderboardApiEndpoints : EndpointGroup
 {
-    [ApiV3Endpoint("admin/scores/{uuid}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/scores/{uuid}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Removes a score by the score's UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.ScoreMissingErrorWhen)]
     public ApiOkResponse DeleteScore(RequestContext context, GameDatabaseContext database,
@@ -27,7 +27,7 @@ public ApiOkResponse DeleteScore(RequestContext context, GameDatabaseContext dat
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/scores", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/scores", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all scores set by a user. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteScoresSetByUuid(RequestContext context, GameDatabaseContext database,
@@ -40,7 +40,7 @@ public ApiOkResponse DeleteScoresSetByUuid(RequestContext context, GameDatabaseC
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/scores", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/scores", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all scores set by a user. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteScoresSetByUsername(RequestContext context, GameDatabaseContext database,

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminLevelApiEndpoints.cs

@@ -62,7 +62,7 @@ public ApiResponse<ApiGameLevelResponse> EditLevelById(RequestContext context, G
         return ApiGameLevelResponse.FromOld(level, dataContext);
     }
 
-    [ApiV3Endpoint("admin/levels/id/{id}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/levels/id/{id}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a level.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.LevelMissingErrorWhen)]
     public ApiOkResponse DeleteLevel(RequestContext context, GameDatabaseContext database, int id)

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminPhotoApiEndpoints.cs

@@ -13,7 +13,7 @@ namespace Refresh.Interfaces.APIv3.Endpoints.Admin;
 
 public class AdminPhotoApiEndpoints : EndpointGroup
 {
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/photos", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/photos", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all photos posted by a user. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeletePhotosPostedByUuid(RequestContext context, GameDatabaseContext database,
@@ -26,7 +26,7 @@ public ApiOkResponse DeletePhotosPostedByUuid(RequestContext context, GameDataba
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/photos", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/photos", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all photos posted by a user. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeletePhotosPostedByUsername(RequestContext context, GameDatabaseContext database,
@@ -39,7 +39,7 @@ public ApiOkResponse DeletePhotosPostedByUsername(RequestContext context, GameDa
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/photos/id/{id}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/photos/id/{id}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a photo.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.PhotoMissingErrorWhen)]
     public ApiOkResponse DeletePhoto(RequestContext context, GameDatabaseContext database, int id)

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminRegistrationApiEndpoints.cs

@@ -15,7 +15,7 @@ namespace Refresh.Interfaces.APIv3.Endpoints.Admin;
 
 public class AdminRegistrationApiEndpoints : EndpointGroup
 {
-    [ApiV3Endpoint("admin/registrations"), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/registrations"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Retrieves all queued registrations on the server.")]
     public ApiListResponse<ApiAdminQueuedRegistrationResponse> GetAllQueuedRegistrations(RequestContext context,
         GameDatabaseContext database, DataContext dataContext) 
@@ -37,7 +37,7 @@ public ApiResponse<ApiAdminQueuedRegistrationResponse> GetQueuedRegistrationByUu
         return ApiAdminQueuedRegistrationResponse.FromOld(registration, dataContext);
     }
 
-    [ApiV3Endpoint("admin/registrations/{uuid}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/registrations/{uuid}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a registration by its UUID.")]
     [DocError(typeof(ApiValidationError), ApiValidationError.ObjectIdParseErrorWhen)]
     [DocError(typeof(ApiNotFoundError), "The registration could not be found")]
@@ -53,7 +53,7 @@ public ApiOkResponse DeleteQueuedRegistrationByUuid(RequestContext context, Game
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/registrations", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/registrations", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Clears all queued registrations from the server.")]
     public ApiOkResponse DeleteAllQueuedRegistrations(RequestContext context, GameDatabaseContext database)
     {

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminReviewApiEndpoints.cs

@@ -13,7 +13,7 @@ namespace Refresh.Interfaces.APIv3.Endpoints.Admin;
 
 public class AdminReviewApiEndpoints : EndpointGroup
 {
-    [ApiV3Endpoint("admin/reviews/id/{reviewId}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/reviews/id/{reviewId}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a specific review by ID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.ReviewMissingErrorWhen)]
     public ApiOkResponse DeleteReviewById(RequestContext context, GameDatabaseContext database,
@@ -27,7 +27,7 @@ public ApiOkResponse DeleteReviewById(RequestContext context, GameDatabaseContex
         return new ApiOkResponse();
     }
 
-        [ApiV3Endpoint("admin/comments/profile/id/{commentId}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+        [ApiV3Endpoint("admin/comments/profile/id/{commentId}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a specific profile comment by ID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.CommentMissingErrorWhen)]
     public ApiOkResponse DeleteProfileCommentById(RequestContext context, GameDatabaseContext database,
@@ -41,7 +41,7 @@ public ApiOkResponse DeleteProfileCommentById(RequestContext context, GameDataba
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/comments/level/id/{commentId}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/comments/level/id/{commentId}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a specific level comment by ID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.CommentMissingErrorWhen)]
     public ApiOkResponse DeleteLevelCommentById(RequestContext context, GameDatabaseContext database,
@@ -55,7 +55,7 @@ public ApiOkResponse DeleteLevelCommentById(RequestContext context, GameDatabase
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/comments/profile", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/comments/profile", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all profile comments posted by a user. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteProfileCommentsByUuid(RequestContext context, GameDatabaseContext database,
@@ -68,7 +68,7 @@ public ApiOkResponse DeleteProfileCommentsByUuid(RequestContext context, GameDat
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/comments/profile", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/comments/profile", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all profile comments posted by a user. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteProfileCommentsByUsername(RequestContext context, GameDatabaseContext database,
@@ -81,7 +81,7 @@ public ApiOkResponse DeleteProfileCommentsByUsername(RequestContext context, Gam
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/comments/level", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/comments/level", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all level comments posted by a user. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteLevelCommentsByUuid(RequestContext context, GameDatabaseContext database,
@@ -94,7 +94,7 @@ public ApiOkResponse DeleteLevelCommentsByUuid(RequestContext context, GameDatab
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/comments/level", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/comments/level", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all level comments posted by a user. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteLevelCommentsByUsername(RequestContext context, GameDatabaseContext database,
@@ -107,7 +107,7 @@ public ApiOkResponse DeleteLevelCommentsByUsername(RequestContext context, GameD
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/reviews", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/reviews", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all reviews posted by a user. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteReviewsPostedByUuid(RequestContext context, GameDatabaseContext database,
@@ -120,7 +120,7 @@ public ApiOkResponse DeleteReviewsPostedByUuid(RequestContext context, GameDatab
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/reviews", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/reviews", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes all reviews posted by a user. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteReviewsPostedByUsername(RequestContext context, GameDatabaseContext database,

Refresh.Interfaces.APIv3/Endpoints/Admin/AdminUserApiEndpoints.cs

@@ -22,7 +22,7 @@ namespace Refresh.Interfaces.APIv3.Endpoints.Admin;
 
 public class AdminUserApiEndpoints : EndpointGroup
 {
-    [ApiV3Endpoint("admin/users/name/{username}"), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Gets a user by their name with extended information.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiResponse<ApiExtendedGameUserResponse> GetExtendedUserByUsername(RequestContext context,
@@ -34,7 +34,7 @@ public ApiResponse<ApiExtendedGameUserResponse> GetExtendedUserByUsername(Reques
         return ApiExtendedGameUserResponse.FromOld(user, dataContext);
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}"), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Gets a user by their UUID with extended information.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiResponse<ApiExtendedGameUserResponse> GetExtendedUserByUuid(RequestContext context,
@@ -46,7 +46,7 @@ public ApiResponse<ApiExtendedGameUserResponse> GetExtendedUserByUuid(RequestCon
         return ApiExtendedGameUserResponse.FromOld(user, dataContext);
     }
 
-    [ApiV3Endpoint("admin/users"), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Gets all users with extended information.")]
     [DocUsesPageData]
     public ApiListResponse<ApiExtendedGameUserResponse> GetExtendedUsers(RequestContext context,
@@ -69,8 +69,8 @@ private static ApiOkResponse ResetUserPassword(GameDatabaseContext database, Api
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/resetPassword", HttpMethods.Put), MinimumRole(GameUserRole.Admin)]
-    [DocSummary("Reset's a user password by their UUID.")]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/resetPassword", HttpMethods.Put), MinimumRole(GameUserRole.Moderator)]
+    [DocSummary("Resets a user's password by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     [DocRequestBody(typeof(ApiResetUserPasswordRequest))]
     public ApiOkResponse ResetUserPasswordByUuid(RequestContext context, GameDatabaseContext database, ApiResetUserPasswordRequest body, string uuid)
@@ -81,8 +81,8 @@ public ApiOkResponse ResetUserPasswordByUuid(RequestContext context, GameDatabas
         return ResetUserPassword(database, body, user);
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/resetPassword", HttpMethods.Put), MinimumRole(GameUserRole.Admin)]
-    [DocSummary("Reset's a user password by their username.")]
+    [ApiV3Endpoint("admin/users/name/{username}/resetPassword", HttpMethods.Put), MinimumRole(GameUserRole.Moderator)]
+    [DocSummary("Resets a user's password by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     [DocRequestBody(typeof(ApiResetUserPasswordRequest))]
     public ApiOkResponse ResetUserPasswordByUsername(RequestContext context, GameDatabaseContext database, ApiResetUserPasswordRequest body, string username)
@@ -93,7 +93,8 @@ public ApiOkResponse ResetUserPasswordByUsername(RequestContext context, GameDat
         return ResetUserPassword(database, body, user);
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/planets"), MinimumRole(GameUserRole.Admin)]
+    // TODO: Users should be able to retrieve and reset their own planets
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/planets"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Retrieves the hashes of a user's planets. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiResponse<ApiAdminUserPlanetsResponse> GetUserPlanetsByUuid(RequestContext context, GameDatabaseContext database, string uuid)
@@ -109,7 +110,7 @@ public ApiResponse<ApiAdminUserPlanetsResponse> GetUserPlanetsByUuid(RequestCont
         };
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/planets"), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/planets"), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Retrieves the hashes of a user's planets. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiResponse<ApiAdminUserPlanetsResponse> GetUserPlanetsByUsername(RequestContext context, GameDatabaseContext database, string username)
@@ -125,7 +126,7 @@ public ApiResponse<ApiAdminUserPlanetsResponse> GetUserPlanetsByUsername(Request
         };
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}/planets", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}/planets", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Resets a user's planets. Gets user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse ResetUserPlanetsByUuid(RequestContext context, GameDatabaseContext database, string uuid)
@@ -137,7 +138,7 @@ public ApiOkResponse ResetUserPlanetsByUuid(RequestContext context, GameDatabase
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}/planets", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}/planets", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Resets a user's planets. Gets user by their username.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse ResetUserPlanetsByUsername(RequestContext context, GameDatabaseContext database, string username)
@@ -149,7 +150,7 @@ public ApiOkResponse ResetUserPlanetsByUsername(RequestContext context, GameData
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/uuid/{uuid}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/uuid/{uuid}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a user user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteUserByUuid(RequestContext context, GameDatabaseContext database, string uuid)
@@ -161,7 +162,7 @@ public ApiOkResponse DeleteUserByUuid(RequestContext context, GameDatabaseContex
         return new ApiOkResponse();
     }
 
-    [ApiV3Endpoint("admin/users/name/{username}", HttpMethods.Delete), MinimumRole(GameUserRole.Admin)]
+    [ApiV3Endpoint("admin/users/name/{username}", HttpMethods.Delete), MinimumRole(GameUserRole.Moderator)]
     [DocSummary("Deletes a user user by their UUID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.UserMissingErrorWhen)]
     public ApiOkResponse DeleteUserByUsername(RequestContext context, GameDatabaseContext database, string username)