/user/{sid}/ban and .../unban endpoints

Allows adding bans, ban timeouts, and unbanning at both the room and
server level.

Author: jagerman

api.yaml

@@ -692,9 +692,14 @@ paths:
   /user/{sessionId}/ban:
     post:
       tags: [Users]
-      summary: Bans or unbans a user.
+      summary: Bans a user.
       description: >
-        Applies or removes a ban of a user from specific rooms, or from the server globally.
+        Applies a ban of a user from specific rooms, or from the server globally.
+        
+        
+        The invoking user must have moderator (or admin) permission in all given rooms when
+        specifying `rooms`, and must be a global server moderator (or admin) if using the `global`
+        parameter.
         
         
         Note that the given session ID does not have to exist: it is possible to preemptively ban
@@ -707,7 +712,7 @@ paths:
       parameters:
       - $ref: "#/components/parameters/pathSessionId"
       requestBody:
-        description: Details of the ban to apply. To unban a user, specify a negative timeout.
+        description: Details of the ban to apply.
         required: true
         content:
           application/json:
@@ -724,6 +729,12 @@ paths:
                     be a moderator (or admin) of all of the given rooms.
                     
                     
+                    You can specify a single element list `["*"]` to ban the user from all rooms on
+                    the server to which the calling user has moderator permissions.  This differs
+                    from a global ban in that it doesn't apply to non-moderator-permission rooms,
+                    nor does it apply to newly created rooms or non-room endpoints.
+                    
+                    
                     Exclusive of `global`.
                 global:
                   type: boolean
@@ -732,6 +743,9 @@ paths:
                     user must be a server-level moderator or admin.
                     
                     
+                    The ban applies immediately to all server requests as early as possible.
+                    
+                    
                     Exclusive of `rooms`.
                 timeout:
                   type: number
@@ -740,14 +754,12 @@ paths:
                   example: 86400
                   description: >
                     How long the ban should apply, in seconds.  If there is an existing ban on the
-                    user in the given rooms or globally this updates the existing expiry to the
-                    given value. If omitted or `null` the ban does not expire.
+                    user in the given rooms this updates the existing expiry to the given value. If
+                    omitted or `null` then the ban does not expire.
+                    
                     
-                    If this value is set to a negative value (`-1` is suggested) then any existing
-                    bans for this user are *removed* from the given rooms/server.  Note, however,
-                    that server bans and room bans are independent: removing a server-level ban does
-                    not remove room-specific bans, and removing a room-level ban will not grant room
-                    access to a user who also has a server-level ban.
+                    May only be used with the `rooms` argument; timeouts are not supported on global
+                    bans.
             examples:
               tworooms:
                 summary: "1-day ban from two rooms"
@@ -758,21 +770,77 @@ paths:
                 summary: "Permanent server ban"
                 value:
                   global: true
-                  timeout: null
-                  delete_all: true
-              unban:
-                summary: "Unban a user from a room"
-                value:
-                  rooms: ["lokinet"]
-                  global: false,
-                  timeout: -1
       responses:
         200:
           description: Ban applied successfully.
           content: {}
         403:
           description: >
-            Permission denied.  The user attempting to set the ban does not have moderator
+            Permission denied.  The user attempting to set the ban does not have the required
+            moderator permissions for one or more of the given rooms (or server moderator permission
+            for a global ban).
+          content: {}
+  /user/{sessionId}/unban:
+    post:
+      tags: [Users]
+      summary: Removes a user ban.
+      description: >
+        Removes a room-specific or global ban of a user.
+        
+        
+        Note that removing a room-specific ban does not affect an existing global ban, and removing
+        a global ban does not affect existing room-specific bans.
+      parameters:
+      - $ref: "#/components/parameters/pathSessionId"
+      requestBody:
+        description: Details of the ban to remove.
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                rooms:
+                  type: array
+                  items:
+                    $ref: "#/components/schemas/RoomToken"
+                  minItems: 1
+                  description: >
+                    List of room tokens from which the ban should be removed (if present). The
+                    invoking user must be a moderator (or admin) of all of the given rooms.
+                    
+                    
+                    You can specify a single element list `["*"]` to unban the user from all rooms
+                    on the server to which the calling user has moderator permissions.  This isn't
+                    the same as removing a global ban; this just removes any room-specific bans that
+                    may currently apply from moderated rooms.
+                    
+                    
+                    Exclusive of `global`.
+                global:
+                  type: boolean
+                  description: >
+                    If true then remove a global server ban of this user. The invoking user must be
+                    a server-level moderator or admin.
+                    
+                    
+                    Exclusive of `rooms`.
+            examples:
+              tworooms:
+                summary: "Remove ban from two rooms"
+                value:
+                  rooms: ["session", "lokinet"]
+              permaban:
+                summary: "Remove server ban"
+                value:
+                  global: true
+      responses:
+        200:
+          description: Ban removed successfully.
+          content: {}
+        403:
+          description: >
+            Permission denied.  The user attempting to remove the ban does not have moderator
             permissions for one or more of the given rooms (or server moderator permission for a
             global ban).
           content: {}

sogs/routes/users.py

@@ -12,18 +12,73 @@
 users = Blueprint('users', __name__)
 
 
+def extract_rooms_or_global(req, admin=True):
+    """
+    Extracts the rooms / global parameters from the request body checking them for validity and
+    expanding them as appropriate.
+
+    Throws a flask abort on failure, returns (rooms, global) which will be either ([list of Rooms],
+    None) for a room operation or (None, True) for a global operation.
+
+    admin specifies whether we require admin permission (if True) or just moderator permission,
+    either in all rooms specified, or globally.  (Similarly it affects what `rooms=['*']` expands
+    to).
+    """
+
+    room_tokens, global_ = req.get('rooms'), req.get('global', False)
+
+    if room_tokens and not isinstance(room_tokens, list):
+        app.logger.warning("Invalid request: rooms must be a list")
+        abort(http.BAD_REQUEST)
+
+    if room_tokens and global_:
+        app.logger.warning("Invalid moderator request: cannot specify both 'rooms' and 'global'")
+        abort(http.BAD_REQUEST)
+
+    if not room_tokens and not global_:
+        app.logger.warning("Invalid moderator request: neither 'rooms' nor 'global' specified")
+        abort(http.BAD_REQUEST)
+
+    if room_tokens:
+        if len(room_tokens) > 1 and '*' in room_tokens:
+            app.logger.warning("Invalid moderator request: room '*' must be the only rooms value")
+            abort(http.BAD_REQUEST)
+
+        if room_tokens == ['*']:
+            room_tokens = None
+
+        try:
+            rooms = mroom.get_rooms_with_permission(
+                g.user, tokens=room_tokens, moderator=True, admin=admin
+            )
+        except Exception as e:
+            # This is almost certainly a bad room token passed in:
+            app.logger.warning(f"Cannot get rooms for adding a moderator: {e}")
+            abort(http.NOT_FOUND)
+
+        if room_tokens:
+            if len(rooms) != len(room_tokens):
+                abort(http.FORBIDDEN)
+        elif not rooms:
+            abort(http.FORBIDDEN)
+
+        return (rooms, None)
+
+    if not g.user.global_moderator or (admin and not g.user.global_admin):
+        abort(http.FORBIDDEN)
+
+    return (None, True)
+
+
 @users.post("/user/<SessionID:sid>/moderator")
 @auth.user_required
 def set_mod(sid):
 
     user = User(session_id=sid)
 
     req = request.json
-    room_tokens, global_mod = req.get('rooms'), req.get('global', False)
 
-    if room_tokens and not isinstance(room_tokens, list):
-        app.logger.warning("Invalid request: room_tokens must be a list")
-        abort(http.BAD_REQUEST)
+    rooms, global_mod = extract_rooms_or_global(req)
 
     mod, admin, visible = (
         None if arg is None else bool(arg)
@@ -51,39 +106,11 @@ def set_mod(sid):
     # (False, True) -- removes admin, adds mod
     # (False, None) -- removes admin
 
-    with db.transaction():
-        if room_tokens:
-            if visible is None:
-                visible = True
-
-            if global_mod:
-                app.logger.warning(
-                    "Invalid moderator request: cannot specify both 'rooms' and 'global'"
-                )
-                abort(http.BAD_REQUEST)
-
-            if len(room_tokens) > 1 and '*' in room_tokens:
-                app.logger.warning(
-                    "Invalid moderator request: room '*' must be the only rooms value"
-                )
-                abort(http.BAD_REQUEST)
-
-            if room_tokens == ['*']:
-                room_tokens = None
-
-            try:
-                rooms = mroom.get_rooms_with_permission(g.user, tokens=room_tokens, admin=True)
-            except Exception as e:
-                # This is almost certainly a bad room token passed in:
-                app.logger.warning(f"Cannot get rooms for adding a moderator: {e}")
-                abort(http.BAD_REQUEST)
-
-            if room_tokens is not None:
-                if len(rooms) != len(room_tokens):
-                    abort(http.FORBIDDEN)
-            elif not rooms:
-                abort(http.FORBIDDEN)
+    if rooms:
+        if visible is None:
+            visible = True
 
+        with db.transaction():
             for room in rooms:
                 if (admin, mod) in ((True, None), (None, True)):
                     room.set_moderator(user, added_by=g.user, admin=admin, visible=visible)
@@ -98,18 +125,63 @@ def set_mod(sid):
                     app.logger.error("Internal error: unhandled mod/admin room case")
                     raise RuntimeError("Internal error: unhandled mod/admin room case")
 
-        else:  # global mod
-            if visible is None:
-                visible = False
-
-            if (admin, mod) in ((True, None), (None, True)):
-                user.set_moderator(added_by=g.user, admin=admin, visible=visible)
-            elif (admin, mod) == (None, False):
-                user.remove_moderator(removed_by=g.user)
-            elif (admin, mod) == (False, None):
-                user.remove_moderator(removed_by=g.user, remove_admin_only=True)
-            elif (admin, mod) == (False, True):
+    else:  # global mod
+        if visible is None:
+            visible = False
+
+        if (admin, mod) in ((True, None), (None, True)):
+            user.set_moderator(added_by=g.user, admin=admin, visible=visible)
+        elif (admin, mod) == (None, False):
+            user.remove_moderator(removed_by=g.user)
+        elif (admin, mod) == (False, None):
+            user.remove_moderator(removed_by=g.user, remove_admin_only=True)
+        elif (admin, mod) == (False, True):
+            with db.transaction():
                 user.remove_moderator(removed_by=g.user, remove_admin_only=True)
                 user.set_moderator(added_by=g.user, admin=bool(admin), visible=visible)
 
     return jsonify({})
+
+
+@users.post("/user/<SessionID:sid>/ban")
+@auth.user_required
+def ban_user(sid):
+
+    user = User(session_id=sid)
+    req = request.json
+    rooms, global_ban = extract_rooms_or_global(req, admin=False)
+
+    timeout = req.get('timeout')
+    if timeout is not None and not isinstance(timeout, int) and not isinstance(timeout, float):
+        app.logger.warning("Invalid ban request: timeout must be numeric")
+        abort(http.BAD_REQUEST)
+
+    if timeout and global_ban:
+        app.logger.warning("Invalid ban request: global server bans do not support timeouts")
+        abort(http.BAD_REQUEST)
+
+    if rooms:
+        with db.transaction():
+            for room in rooms:
+                room.ban_user(to_ban=user, mod=g.user, timeout=timeout)
+    else:
+        user.ban(banned_by=g.user)
+
+    return {}
+
+
+@users.post("/user/<SessionID:sid>/unban")
+@auth.user_required
+def unban_user(sid):
+
+    user = User(session_id=sid)
+    rooms, global_ban = extract_rooms_or_global(request.json, admin=False)
+
+    if rooms:
+        with db.transaction():
+            for room in rooms:
+                room.unban_user(to_unban=user, mod=g.user)
+    else:
+        user.unban(unbanned_by=g.user)
+
+    return {}

tests/conftest.py

@@ -75,6 +75,16 @@ def room(db):
     return Room.create('test-room', name='Test room', description='Test suite testing room')
 
 
+@pytest.fixture
+def room2(db):
+    """
+    Creates a test room, typically used with `room` when two separate rooms are needed.  Note that
+    `mod` and `admin` (if used) are only a mod and admin of `room`, not `room2`
+    """
+
+    return Room.create('room2', name='Room 2', description='Test suite testing room2')
+
+
 @pytest.fixture
 def user(db):
     """

tests/test_room_routes.py

@@ -9,9 +9,8 @@
 from request import sogs_get, sogs_post, sogs_put
 
 
-def test_list(client, room, user, user2, admin, mod, global_mod, global_admin):
+def test_list(client, room, room2, user, user2, admin, mod, global_mod, global_admin):
 
-    room2 = Room.create('room2', name='Room 2', description='Test suite testing room2')
     room2.default_write = False
     room2.default_upload = False