implement level deletion

2022-12-31 19:59:43 +03:00 · 2022-12-31 19:59:43 +03:00 · c9e1595185
parent 58bb7ace20
commit c9e1595185
2 changed files with 35 additions and 0 deletions
--- a/src/endpoints/levels/deleteLevel.cr
+++ b/src/endpoints/levels/deleteLevel.cr
@ -0,0 +1,21 @@
+require "uri"
+
+include CrystalGauntlet
+
+CrystalGauntlet.endpoints["/deleteGJLevelUser20.php"] = ->(body : String): String {
+  params = URI::Params.parse(body)
+
+  user_id, account_id = Accounts.auth(params)
+  if !(user_id && account_id)
+    return "-1"
+  end
+
+  level_id = params["levelID"].to_i
+
+  prevent_rated_str = config_get("levels.prevent_deletion_rated").as(Bool | Nil) == true ? "and stars is null" : ""
+  prevent_featured_str = config_get("levels.prevent_deletion_featured").as(Bool | Nil) == true ? "and featured = 0" : ""
+
+  DATABASE.exec("delete from levels where id = ? and user_id = ? #{prevent_rated_str} #{prevent_featured_str}", level_id, user_id)
+
+  return "1"
+}
--- a/src/lib/accounts.cr
+++ b/src/lib/accounts.cr
@ -27,6 +27,20 @@ module CrystalGauntlet::Accounts
    end
  end

+  # returns userid, accountid
+  def auth(params : URI::Params) : (Tuple(Int32, Int32) | Tuple(Nil, Nil))
+    ext_id = Accounts.get_ext_id_from_params(params)
+    if !ext_id || !Accounts.verify_gjp(ext_id.to_i, params["gjp"])
+      return nil, nil
+    end
+    user_id = Accounts.get_user_id(ext_id)
+    if !user_id
+      return nil, nil
+    end
+
+    return user_id, ext_id.to_i
+  end
+
  def get_user_id(ext_id : String) : Int32
    DATABASE.query("select id from users where udid = ? or account_id = ?", ext_id, ext_id) do |rs|
      if rs.move_next