Merge pull request #30 from rust-lang/role-limit-tags

Protect the tags!

Author: technetos

COMMANDS.md

@@ -17,7 +17,7 @@ cmds.add("?greet {name}", |args: Args<'_>| -> Result {
 
 The same command using a function pointer as a handler.  
 ```rust
-fn print_hello_name<'m>(args: Args<'m>) -> Result {
+fn print_hello_name(args: Args) -> Result {
   println!("Hello {}!", args.params.get("name").unwrap());
 };
 

GETTING_STARTED.md

@@ -39,6 +39,7 @@ environment variables come from discord.
 
 + `MOD_ID` is the id of the mod role
 + `TALK_ID` is the id of the talk role
++ `WG_AND_TEAMS_ID` is the id of the working groups and teams role
 + `DISCORD_TOKEN` is the token used to connect to discord
 + `DATABASE_URL` is the url where the database is running, you will need to
   update the port to the port your instance of postgres is running on

README.md

@@ -16,11 +16,11 @@ Lookup a tag
 ```
 Create a tag
 ```
-?tag create {key} [value]
+?tags create {key} value...
 ```
 Delete a tag
 ```
-?tag delete {key}
+?tags delete {key}
 ```
 Get all tags
 ```

src/api.rs

@@ -21,18 +21,30 @@ pub(crate) fn has_role(args: &Args, role: &RoleId) -> Result<bool> {
         .contains(role))
 }
 
-/// Return whether or not the user is a mod.  
-pub(crate) fn is_mod(args: &Args) -> Result<bool> {
+fn check_permission(args: &Args, role: Option<String>) -> Result<bool> {
     use std::str::FromStr;
+    if let Some(role_id) = role {
+        Ok(has_role(args, &RoleId::from(u64::from_str(&role_id)?))?)
+    } else {
+        Ok(false)
+    }
+}
 
+/// Return whether or not the user is a mod.  
+pub(crate) fn is_mod(args: &Args) -> Result<bool> {
     let role = roles::table
         .filter(roles::name.eq("mod"))
         .first::<(i32, String, String)>(&DB.get()?)
         .optional()?;
 
-    if let Some((_, role_id, _)) = role {
-        Ok(has_role(args, &RoleId::from(u64::from_str(&role_id)?))?)
-    } else {
-        Ok(false)
-    }
+    check_permission(args, role.map(|(_, role_id, _)| role_id))
+}
+
+pub(crate) fn is_wg_and_teams(args: &Args) -> Result<bool> {
+    let role = roles::table
+        .filter(roles::name.eq("wg_and_teams"))
+        .first::<(i32, String, String)>(&DB.get()?)
+        .optional()?;
+
+    check_permission(args, role.map(|(_, role_id, _)| role_id))
 }

src/main.rs

@@ -30,6 +30,8 @@ fn init_data() -> Result {
     info!("Loading data into database");
     let mod_role = std::env::var("MOD_ID").map_err(|_| "MOD_ID env var not found")?;
     let talk_role = std::env::var("TALK_ID").map_err(|_| "TALK_ID env var not found")?;
+    let wg_and_teams_role =
+        std::env::var("WG_AND_TEAMS_ID").map_err(|_| "WG_AND_TEAMS_ID env var not found")?;
 
     let conn = DB.get()?;
 
@@ -50,6 +52,7 @@ fn init_data() -> Result {
         .run::<_, Box<dyn std::error::Error>, _>(|| {
             upsert_role("mod", &mod_role)?;
             upsert_role("talk", &talk_role)?;
+            upsert_role("wg_and_teams", &wg_and_teams_role)?;
 
             Ok(())
         })?;
@@ -69,12 +72,11 @@ fn app() -> Result {
     let mut cmds = Commands::new();
 
     // Tags
-    cmds.add("?tag {key}", tags::get);
-    cmds.add("?tags get {key}", tags::get);
     cmds.add("?tags delete {key}", tags::delete);
     cmds.add("?tags create {key} value...", tags::post);
-    cmds.add("?tags get-all", tags::get_all);
     cmds.add("?tags help", tags::help);
+    cmds.add("?tags", tags::get_all);
+    cmds.add("?tag {key}", tags::get);
 
     // crates.io
     cmds.add("?crate help", crates::help);

src/tags.rs

@@ -9,39 +9,48 @@ use diesel::prelude::*;
 
 /// Remove a key value pair from the tags.  
 pub fn delete(args: Args) -> Result<()> {
-    let conn = DB.get()?;
-    let key = args
-        .params
-        .get("key")
-        .ok_or("Unable to retrieve param: key")?;
-
-    match diesel::delete(tags::table.filter(tags::key.eq(key))).execute(&conn) {
-        Ok(_) => args.msg.react(args.cx, "✅")?,
-        Err(_) => args.msg.react(args.cx, "❌")?,
+    if api::is_wg_and_teams(&args)? {
+        let conn = DB.get()?;
+        let key = args
+            .params
+            .get("key")
+            .ok_or("Unable to retrieve param: key")?;
+
+        match diesel::delete(tags::table.filter(tags::key.eq(key))).execute(&conn) {
+            Ok(_) => args.msg.react(args.cx, "✅")?,
+            Err(_) => api::send_reply(&args, "A database error occurred when deleting the tag.")?,
+        }
     }
     Ok(())
 }
 
 /// Add a key value pair to the tags.  
 pub fn post(args: Args) -> Result<()> {
-    let conn = DB.get()?;
-
-    let key = args
-        .params
-        .get("key")
-        .ok_or("Unable to retrieve param: key")?;
-
-    let value = args
-        .params
-        .get("value")
-        .ok_or("Unable to retrieve param: value")?;
-
-    match diesel::insert_into(tags::table)
-        .values((tags::key.eq(key), tags::value.eq(value)))
-        .execute(&conn)
-    {
-        Ok(_) => args.msg.react(args.cx, "✅")?,
-        Err(_) => args.msg.react(args.cx, "❌")?,
+    if api::is_wg_and_teams(&args)? {
+        let conn = DB.get()?;
+
+        let key = args
+            .params
+            .get("key")
+            .ok_or("Unable to retrieve param: key")?;
+
+        let value = args
+            .params
+            .get("value")
+            .ok_or("Unable to retrieve param: value")?;
+
+        match diesel::insert_into(tags::table)
+            .values((tags::key.eq(key), tags::value.eq(value)))
+            .execute(&conn)
+        {
+            Ok(_) => args.msg.react(args.cx, "✅")?,
+            Err(_) => api::send_reply(&args, "A database error occurred when creating the tag.")?,
+        }
+    } else {
+        api::send_reply(
+            &args,
+            "Please reach out to a Rust team/WG member to create a tag.",
+        )?;
     }
 
     Ok(())
@@ -88,12 +97,11 @@ pub fn get_all(args: Args) -> Result<()> {
 /// Print the help message
 pub fn help(args: Args) -> Result<()> {
     let help_string = "```
-?tag {key}
-?tags get {key}
-?tags get-all
-?tags create {key} value...
-?tags delete {key}
-?tags help
+?tags create {key} value...     Create a tag.  Limited to WG & Teams.
+?tags delete {key}              Delete a tag.  Limited to WG & Teams.
+?tags help                      This menu.
+?tags                           Get all the tags.
+?tag {key}                      Get a specific tag.
 ```";
     api::send_reply(&args, &help_string)?;
     Ok(())