diff --git a/bot/add_character.py b/bot/add_card.py similarity index 74% rename from bot/add_character.py rename to bot/add_card.py index 18b0f98..16834a9 100644 --- a/bot/add_character.py +++ b/bot/add_card.py @@ -1,27 +1,27 @@ import requests from misskey.exceptions import MisskeyAPIException from client import client_connection -from db_utils import insert_character -from custom_types import Character +from db_utils import insert_card +from custom_types import Card from config import RARITY_TO_WEIGHT -def add_character( +def add_card( name: str, rarity: int, image_url: str) -> tuple[int, str]: ''' - Adds a character to the database, uploading the image from a public URL to + Adds a card to the database, uploading the image from a public URL to the bot's Misskey Drive. Args: - name (str): Character name. - rarity (int): Character rarity (e.g., 1-5). + name (str): Card name. + rarity (int): Card rarity (e.g., 1-5). image_url (str): Public URL of the image from the post (e.g., from note['files'][i]['url']). Returns: - tuple[int, str]: Character ID and bot's Drive file_id. + tuple[int, str]: Card ID and bot's Drive file_id. Raises: ValueError: If inputs are invalid. @@ -32,7 +32,7 @@ def add_character( # Validate inputs if not stripped_name: - raise ValueError('Character name cannot be empty.') + raise ValueError('Card name cannot be empty.') if rarity < 1: raise ValueError('Rarity must be a positive integer.') if rarity not in RARITY_TO_WEIGHT.keys(): @@ -55,10 +55,9 @@ def add_character( from e # Insert into database - character_id = insert_character( + card_id = insert_card( stripped_name, rarity, - RARITY_TO_WEIGHT[rarity], file_id ) - return character_id, file_id + return card_id, file_id diff --git a/bot/bot_app.py b/bot/bot_app.py index 38ac5d6..02e6baf 100644 --- a/bot/bot_app.py +++ b/bot/bot_app.py @@ -19,7 +19,7 @@ import misskey as misskey from client import client_connection import db_utils as db -from config import NOTIFICATION_POLL_INTERVAL +from config import NOTIFICATION_POLL_INTERVAL, USE_WHITELIST from notification import process_notifications if __name__ == '__main__': @@ -28,6 +28,13 @@ if __name__ == '__main__': # Connect to DB db.connect() + # Setup default administrators + db.setup_administrators() + + # Show whitelist status + whitelist_status = "enabled" if USE_WHITELIST else "disabled" + print(f'Instance whitelisting: {whitelist_status}') + print('Listening for notifications...') while True: if not process_notifications(client): diff --git a/bot/config.py b/bot/config.py index 227f949..57cbfa9 100644 --- a/bot/config.py +++ b/bot/config.py @@ -1,5 +1,7 @@ '''Essentials for the bot to function''' import configparser +import json +import re from os import environ, path @@ -12,8 +14,10 @@ def get_config_file() -> str: env: str | None = environ.get('KEMOVERSE_ENV') if not env: raise ConfigError('Error: KEMOVERSE_ENV is unset') - if not (env in ['prod', 'dev']): - raise ConfigError(f'Error: Invalid environment: {env}') + + # Validate environment name contains only alphanumeric, dash, and underscore + if not re.match(r'^[a-zA-Z0-9_-]+$', env): + raise ValueError(f'KEMOVERSE_ENV "{env}" contains invalid characters. Only alphanumeric, dash (-), and underscore (_) are allowed.') config_path: str = f'config_{env}.ini' @@ -21,7 +25,53 @@ def get_config_file() -> str: raise ConfigError(f'Could not find {config_path}') return config_path -def get_rarity_to_weight(config_section): + +def normalize_user(user_string: str) -> str: + """ + Normalizes a user string to the format @user@domain.tld where domain is lowercase and user is case-sensitive + + Args: + user_string: User string in various formats + + Returns: + Normalized user string + + Raises: + ValueError: If the user string is invalid or domain is malformed + """ + if not user_string or not user_string.strip(): + raise ValueError("User string cannot be empty") + + user_string = user_string.strip() + + # Add leading @ if missing + if not user_string.startswith('@'): + user_string = '@' + user_string + + # Split into user and domain parts + parts = user_string[1:].split('@', 1) # Remove leading @ and split + if len(parts) != 2: + raise ValueError(f"Invalid user format: {user_string}. Expected @user@domain.tld") + + username, domain = parts + + if not username: + raise ValueError("Username cannot be empty") + + if not domain: + raise ValueError("Domain cannot be empty") + + # Validate domain format (basic check for valid domain structure) + domain_pattern = r'^[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$' + if not re.match(domain_pattern, domain): + raise ValueError(f"Invalid domain format: {domain}") + + # Return normalized format: @user@domain.tld (domain lowercase, user case-sensitive) + return f"@{username}@{domain.lower()}" + + +def get_rarity_to_weight( + config_section: configparser.SectionProxy) -> dict[int, float]: """Parses Rarity_X keys from config and returns a {rarity: weight} dict.""" rarity_weights = {} for key, value in config_section.items(): @@ -35,22 +85,30 @@ config = configparser.ConfigParser() config.read(get_config_file()) # Username for the bot -USER = config['credentials']['User'].lower() +if 'User' not in config['credentials'] or not config['credentials']['User'].strip(): + raise ConfigError("User must be specified in config.ini under [credentials]") + +USER = normalize_user(config['credentials']['User']) # API key for the bot KEY = config['credentials']['Token'] # Bot's Misskey instance URL INSTANCE = config['credentials']['Instance'].lower() -# TODO: move this to db +# Web server port +WEB_PORT = config['application'].getint('WebPort', 5000) +BIND_ADDRESS = config['application'].get('BindAddress', '127.0.0.1') + # Fedi handles in the traditional 'user@domain.tld' style, allows these users # to use extra admin exclusive commands with the bot -ADMINS = config['application']['DefaultAdmins'] +ADMINS = json.loads(config['application']['DefaultAdmins']) # SQLite Database location -DB_PATH = config['application']['DatabaseLocation'] +DB_PATH = config['application'].get('DatabaseLocation', './gacha_game.db') +# Whether to enable the instance whitelist +USE_WHITELIST = config['application'].getboolean('UseWhitelist', True) NOTIFICATION_POLL_INTERVAL = int(config['notification']['PollInterval']) NOTIFICATION_BATCH_SIZE = int(config['notification']['BatchSize']) GACHA_ROLL_INTERVAL = int(config['gacha']['RollInterval']) -RARITY_TO_WEIGHT = get_rarity_to_weight(config['gacha']) \ No newline at end of file +RARITY_TO_WEIGHT = get_rarity_to_weight(config['gacha']) diff --git a/bot/custom_types.py b/bot/custom_types.py index 0c23cb6..7fc7885 100644 --- a/bot/custom_types.py +++ b/bot/custom_types.py @@ -5,7 +5,7 @@ BotResponse = TypedDict('BotResponse', { 'attachment_urls': List[str] | None }) -Character = TypedDict('Character', { +Card = TypedDict('Card', { 'id': int, 'name': str, 'rarity': int, diff --git a/bot/db_utils.py b/bot/db_utils.py index 68409be..bdbd0d8 100644 --- a/bot/db_utils.py +++ b/bot/db_utils.py @@ -1,7 +1,7 @@ from random import choices import sqlite3 import config -from custom_types import Character +from custom_types import Card DB_PATH = config.DB_PATH CONNECTION: sqlite3.Connection @@ -18,16 +18,38 @@ def connect() -> None: CURSOR = CONNECTION.cursor() -def get_random_character() -> Character | None: - ''' Gets a random character from the database''' - CURSOR.execute('SELECT * FROM characters') - characters = CURSOR.fetchall() +def setup_administrators() -> None: + '''Creates administrator players for each handle in the config file''' + # Get default admins from config + for username in config.ADMINS: + player_id = get_player(username) + if player_id == 0: + # Create player if not exists + print(f'Creating administrator player: {username}') + CURSOR.execute( + 'INSERT INTO players (username, has_rolled, is_administrator) \ + VALUES (?, ?, ?)', + (username, False, True) + ) + else: + # Update is_administrator if exists + print(f'Granting administrator to player: {username}') + CURSOR.execute( + 'UPDATE players SET is_administrator = 1 WHERE id = ?', + (player_id,) + ) - if not characters: + +def get_random_card() -> Card | None: + ''' Gets a random card from the database''' + CURSOR.execute('SELECT * FROM cards') + cards = CURSOR.fetchall() + + if not cards: return None - weights = [config.RARITY_TO_WEIGHT[c['rarity']] for c in characters] - chosen = choices(characters, weights=weights, k=1)[0] + weights = [config.RARITY_TO_WEIGHT[c['rarity']] for c in cards] + chosen = choices(cards, weights=weights, k=1)[0] return { 'id': chosen['id'], @@ -37,77 +59,155 @@ def get_random_character() -> Character | None: 'image_url': chosen['file_id'] } + def get_player(username: str) -> int: '''Retrieve a player ID by username, or return None if not found.''' - CURSOR.execute('SELECT id FROM users WHERE username = ?', (username,)) - user = CURSOR.fetchone() - if user: - return int(user[0]) - -def insert_player(username: str) -> int: - '''Insert a new player with default has_rolled = False and return their user ID.''' CURSOR.execute( - 'INSERT INTO users (username, has_rolled) VALUES (?, ?)', - (username, False) - ) - return CURSOR.lastrowid - -def delete_player(username: str) -> bool: - '''Permanently deletes a user and all their pulls.''' - CURSOR.execute( - 'SELECT id FROM users WHERE username = ?', + 'SELECT id FROM players WHERE username = ?', (username,) ) - user = CURSOR.fetchone() + player = CURSOR.fetchone() + if player: + return int(player[0]) + return 0 - user_id = user[0] + +def insert_player(username: str) -> int: + '''Insert a new player with default has_rolled = False and return their + player ID.''' + CURSOR.execute( + 'INSERT INTO players (username, has_rolled) VALUES (?, ?)', + (username, False) + ) + return CURSOR.lastrowid if CURSOR.lastrowid else 0 + + +def delete_player(username: str) -> bool: + '''Permanently deletes a player and all their pulls.''' + CURSOR.execute( + 'SELECT id FROM players WHERE username = ?', + (username,) + ) + player = CURSOR.fetchone() + + if not player: + return False + + player_id = player[0] # Delete pulls CURSOR.execute( - 'DELETE FROM pulls WHERE user_id = ?', - (user_id,) + 'DELETE FROM pulls WHERE player_id = ?', + (player_id,) ) - # Delete user + # Delete player CURSOR.execute( - 'DELETE FROM users WHERE id = ?', - (user_id,) + 'DELETE FROM players WHERE id = ?', + (player_id,) ) return True +def ban_player(username: str) -> bool: + '''Adds a player to the ban list.''' + try: + CURSOR.execute( + 'INSERT INTO banned_players (handle) VALUES (?)', + (username,) + ) + return True + except sqlite3.IntegrityError: + return False -def insert_character( - name: str, rarity: int, weight: float, file_id: str) -> int: - '''Inserts a character''' + +def unban_player(username: str) -> bool: + '''Removes a player from the ban list.''' CURSOR.execute( - 'INSERT INTO characters (name, rarity, weight, file_id) VALUES \ -(?, ?, ?, ?)', - (name, rarity, weight, file_id) + 'DELETE FROM banned_players WHERE handle = ?', + (username,) ) - character_id = CURSOR.lastrowid - return character_id if character_id else 0 + return CURSOR.rowcount > 0 -def insert_pull(user_id: int, character_id: int) -> None: +def is_player_banned(username: str) -> bool: + CURSOR.execute( + 'SELECT * FROM banned_players WHERE handle = ?', + (username,) + ) + row = CURSOR.fetchone() + return row is not None + + +def is_player_administrator(username: str) -> bool: + CURSOR.execute( + 'SELECT is_administrator FROM players WHERE username = ? LIMIT 1', + (username,) + ) + row = CURSOR.fetchone() + return row[0] if row else False + + +def insert_card( + name: str, rarity: int, file_id: str) -> int: + '''Inserts a card''' + CURSOR.execute( + 'INSERT INTO cards (name, rarity, file_id) VALUES (?, ?, ?)', + (name, rarity, file_id) + ) + card_id = CURSOR.lastrowid + return card_id if card_id else 0 + + +def insert_pull(player_id: int, card_id: int) -> None: '''Creates a pull in the database''' CURSOR.execute( - 'INSERT INTO pulls (user_id, character_id) VALUES (?, ?)', - (user_id, character_id) + 'INSERT INTO pulls (player_id, card_id) VALUES (?, ?)', + (player_id, card_id) ) -def get_last_rolled_at(user_id: int) -> int: - '''Gets the timestamp when the user last rolled''' +def get_last_rolled_at(player_id: int) -> int: + '''Gets the timestamp when the player last rolled''' CURSOR.execute( - "SELECT timestamp FROM pulls WHERE user_id = ? ORDER BY timestamp \ + "SELECT timestamp FROM pulls WHERE player_id = ? ORDER BY timestamp \ DESC", - (user_id,)) + (player_id,)) row = CURSOR.fetchone() return row[0] if row else 0 +def add_to_whitelist(instance: str) -> bool: + '''Adds an instance to the whitelist, returns false if instance was already + present''' + try: + CURSOR.execute( + 'INSERT INTO instance_whitelist (tld) VALUES (?)', (instance,) + ) + return True + except sqlite3.IntegrityError: + return False + + +def remove_from_whitelist(instance: str) -> bool: + '''Removes an instance to the whitelist, returns false if instance was not + present''' + CURSOR.execute( + 'DELETE FROM instance_whitelist WHERE tld = ?', (instance,)) + return CURSOR.rowcount > 0 + + +def is_whitelisted(instance: str) -> bool: + '''Checks whether an instance is in the whitelist''' + if instance == 'local': + return True + CURSOR.execute( + 'SELECT * FROM instance_whitelist WHERE tld = ?', (instance,)) + row = CURSOR.fetchone() + return row is not None + + def get_config(key: str) -> str: '''Reads the value for a specified config key from the db''' CURSOR.execute("SELECT value FROM config WHERE key = ?", (key,)) diff --git a/bot/notification.py b/bot/notification.py index 9427dbf..deb8ec6 100644 --- a/bot/notification.py +++ b/bot/notification.py @@ -4,9 +4,9 @@ from typing import Dict, Any import misskey from misskey.exceptions import MisskeyAPIException -from config import NOTIFICATION_BATCH_SIZE +from config import NOTIFICATION_BATCH_SIZE, USE_WHITELIST from parsing import parse_notification -from db_utils import get_config, set_config +from db_utils import get_config, set_config, is_whitelisted, is_player_banned from response import generate_response from custom_types import BotResponse @@ -24,7 +24,7 @@ def process_notification( host = user.get('host') # None if local user instance = host if host else 'local' - if not (instance in WHITELISTED_INSTANCES or instance == 'local'): + if USE_WHITELIST and not is_whitelisted(instance): print(f'⚠️ Blocked notification from untrusted instance: {instance}') return @@ -44,6 +44,11 @@ def process_notification( if not parsed_notification: return + author = parsed_notification['author'] + if is_player_banned(author): + print(f'⚠️ Blocked notification from banned player: {author}') + return + # Get the note Id to reply to note_id = notification.get('note', {}).get('id') diff --git a/bot/parsing.py b/bot/parsing.py index eece077..e1e8583 100644 --- a/bot/parsing.py +++ b/bot/parsing.py @@ -24,6 +24,8 @@ def parse_notification( note_id = note_obj.get("id") note = note_text.strip().lower() if note_text else "" + # Split words into tokens + parts = note.split() # Check for both short and fully-qualified name mentions username_variants = [ @@ -31,18 +33,16 @@ def parse_notification( f'@{config.USER.split("@")[1]}' ] - # Make sure the notification text explicitly mentions the bot - if not any(variant in note for variant in username_variants): + # Notifs must consist of the initial mention and at least one other token + if len(parts) <= 1: return None - # Find command and arguments after the mention - # Removes all mentions - # regex = mentions that start with @ and may contain @domain - cleaned_text = re.sub(r"@\w+(?:@\S+)?", "", note).strip() - parts = cleaned_text.split() + # Make sure the first token is a mention to the bot + if not parts[0] in username_variants: + return None - command = parts[0].lower() if parts else None - arguments = parts[1:] if len(parts) > 1 else [] + command = parts[1].lower() + arguments = parts[2:] if len(parts) > 2 else [] return { 'author': full_user, diff --git a/bot/response.py b/bot/response.py index 3fde3ed..e661bbf 100644 --- a/bot/response.py +++ b/bot/response.py @@ -1,22 +1,22 @@ from datetime import datetime, timedelta, timezone from typing import TypedDict, Any, List, Dict -from db_utils import get_player, insert_player, delete_player, insert_pull, get_last_rolled_at, \ - get_random_character -from add_character import add_character +import db_utils as db +from add_card import add_card from config import GACHA_ROLL_INTERVAL from custom_types import BotResponse, ParsedNotification def do_roll(author: str) -> BotResponse: - '''Determines whether the user can roll, then pulls a random character''' - user_id = get_player(author) + '''Determines whether the user can roll, then pulls a random card''' + user_id = db.get_player(author) if not user_id: return { - 'message':f'{author} 🛑 You haven’t signed up yet! Use the `signup` command to start playing.', - 'attachment_urls': None + 'message': f'{author} 🛑 You haven’t signed up yet! Use the \ +`signup` command to start playing.', + 'attachment_urls': None } # Get date of user's last roll - date = get_last_rolled_at(user_id) + date = db.get_last_rolled_at(user_id) # No date means it's users first roll if date: @@ -45,39 +45,43 @@ def do_roll(author: str) -> BotResponse: 'attachment_urls': None } - character = get_random_character() + card = db.get_random_card() - if not character: + if not card: return { 'message': f'{author} Uwaaa... something went wrong! No \ -characters found. 😿', +cards found. 😿', 'attachment_urls': None } - insert_pull(user_id, character['id']) - stars = '⭐️' * character['rarity'] + db.insert_pull(user_id, card['id']) + stars = '⭐️' * card['rarity'] return { 'message': f'{author} 🎲 Congrats! You rolled {stars} \ -**{character['name']}**\nShe\'s all yours now~ 💖✨', - 'attachment_urls': [character['image_url']] +**{card['name']}**\nShe\'s all yours now~ 💖✨', + 'attachment_urls': [card['image_url']] } + def do_signup(author: str) -> BotResponse: '''Registers a new user if they haven’t signed up yet.''' - user_id = get_player(author) + user_id = db.get_player(author) if user_id: return { - 'message':f'{author} 👀 You’re already signed up! Let the rolling begin~ 🎲', + 'message': f'{author} 👀 You’re already signed up! Let the rolling \ +begin~ 🎲', 'attachment_urls': None } - new_user_id = insert_player(author) + new_user_id = db.insert_player(author) return { - 'message': f'{author} ✅ Signed up successfully! Your gacha destiny begins now... ✨ Use the roll command to start!', + 'message': f'{author} ✅ Signed up successfully! Your gacha \ +destiny begins now... ✨ Use the roll command to start!', 'attachment_urls': None } + def is_float(val: Any) -> bool: '''Returns true if `val` can be converted to a float''' try: @@ -91,14 +95,14 @@ def do_create( author: str, arguments: List[str], note_obj: Dict[str, Any]) -> BotResponse: - '''Creates a character''' + '''Creates a card''' # Example call from bot logic image_url = note_obj.get('files', [{}])[0].get('url') \ if note_obj.get('files') else None if not image_url: return { - 'message': f'{author} You need an image to create a character, \ + 'message': f'{author} You need an image to create a card, \ dumbass.', 'attachment_urls': None } @@ -116,20 +120,14 @@ in order: name, rarity', be a number between 1 and 5', 'attachment_urls': None } - if not (is_float(arguments[2]) and 0.0 < float(arguments[2]) <= 1.0): - return { - 'message': f'{author} Invalid drop weight: \'{arguments[2]}\' \ -must be a decimal value between 0.0 and 1.0', - 'attachment_urls': None - } - character_id, file_id = add_character( + card_id, file_id = add_card( name=arguments[0], rarity=int(arguments[1]), image_url=image_url ) return { - 'message': f'{author} Added {arguments[0]}, ID {character_id}.', + 'message': f'{author} Added {arguments[0]}, ID {card_id}.', 'attachment_urls': [file_id] } @@ -137,59 +135,145 @@ must be a decimal value between 0.0 and 1.0', def do_help(author: str) -> BotResponse: '''Provides a list of commands that the bot can do.''' return { - 'message':f'{author} Here\'s what I can do:\n \ - - `roll` Pulls a random character.\ - - `create ` Creates a character using a given image.\ - - `signup` Registers your account.\ - - `delete_account` Deletes your account.\ - - `help` Shows this message', - 'attachment_urls': None + 'message': f'{author} Here\'s what I can do:\n\ +- `roll` Pulls a random card.\n\ +- `create ` Creates a card using a given image.\n\ +- `signup` Registers your account.\n\ +- `delete_account` Deletes your account.\n\ +- `help` Shows this message', + 'attachment_urls': None } - + + def delete_account(author: str) -> BotResponse: return { - 'message':f'{author} ⚠️ This will permanently delete your account and all your cards.\n' - 'If you’re sure, reply with `confirm_delete` to proceed.\n\n' + 'message': f'{author} ⚠️ This will permanently delete your account \ +and all your cards.\n' + 'If you\'re sure, reply with `confirm_delete_account` to proceed.\n\n' '**There is no undo.** Your gacha luck will be lost to the void... 💀✨', 'attachment_urls': None } + def confirm_delete(author: str) -> BotResponse: - - delete_player(author) + db.delete_player(author) return { - 'message':f'{author} 🧼 Your account and all your cards have been deleted. RIP your gacha history 🕊️✨', + 'message': f'{author} 🧼 Your account and all your cards have been \ +deleted. RIP your gacha history 🕊️✨', 'attachment_urls': None } +def do_whitelist(author: str, args: list[str]) -> BotResponse: + if len(args) == 0: + return { + 'message': f'{author} Please specify an instance to whitelist', + 'attachment_urls': None + } + + if db.add_to_whitelist(args[0]): + return { + 'message': f'{author} Whitelisted instance: {args[0]}', + 'attachment_urls': None + } + else: + return { + 'message': f'{author} Instance already whitelisted: {args[0]}', + 'attachment_urls': None + } + + +def do_unwhitelist(author: str, args: list[str]) -> BotResponse: + if len(args) == 0: + return { + 'message': f'{author} Please specify an instance to remove from \ +the whitelist', + 'attachment_urls': None + } + + if db.remove_from_whitelist(args[0]): + return { + 'message': f'{author} Unwhitelisted instance: {args[0]}', + 'attachment_urls': None + } + else: + return { + 'message': f'{author} Instance not whitelisted: {args[0]}', + 'attachment_urls': None + } + + +def do_ban(author: str, args: list[str]) -> BotResponse: + if len(args) == 0: + return { + 'message': f'{author} Please specify a user to ban', + 'attachment_urls': None + } + + if db.is_player_administrator(args[0]): + return { + 'message': f'{author} Cannot ban other administrators.', + 'attachment_urls': None + } + + if db.ban_player(args[0]): + # Delete banned player's account + db.delete_player(args[0]) + return { + 'message': f'{author} 🔨 **BONK!** Get banned, {args[0]}!', + 'attachment_urls': None + } + else: + return { + 'message': f'{author} Player is already banned: {args[0]}', + 'attachment_urls': None + } + + +def do_unban(author: str, args: list[str]) -> BotResponse: + if len(args) == 0: + return { + 'message': f'{author} Please specify a user to unban', + 'attachment_urls': None + } + + if db.unban_player(args[0]): + return { + 'message': f'{author} Player unbanned: {args[0]}!', + 'attachment_urls': None + } + else: + return { + 'message': f'{author} Player was not banned: {args[0]}', + 'attachment_urls': None + } + + def generate_response(notification: ParsedNotification) -> BotResponse | None: '''Given a command with arguments, processes the game state and returns a response''' # Temporary response variable res: BotResponse | None = None - # TODO: Check if the user has an account author = notification['author'] - user_id = get_player(author) + player_id = db.get_player(author) command = notification['command'] - # Check if the user is an administrator - # user_is_administrator = user_is_administrator() # Unrestricted commands match command: + case 'roll': + res = do_roll(author) case 'signup': res = do_signup(author) case 'help': res = do_help(author) - case 'roll': - res = do_roll(author) case _: pass - if not user_id: + # Commands beyond this point require the user to have an account + if not player_id: return res # User commands @@ -200,15 +284,29 @@ def generate_response(notification: ParsedNotification) -> BotResponse | None: notification['arguments'], notification['note_obj'] ) - case 'signup': - res = do_signup(author) case 'delete_account': res = delete_account(author) - case 'confirm_delete': + case 'confirm_delete_account': res = confirm_delete(author) case _: pass - # if not user_is_administrator: - return res + + # Commands beyond this point require the user to be an administrator + if not db.is_player_administrator(author): + return res + + # Admin commands + match command: + case 'whitelist': + res = do_whitelist(author, notification['arguments']) + case 'unwhitelist': + res = do_unwhitelist(author, notification['arguments']) + case 'ban': + res = do_ban(author, notification['arguments']) + case 'unban': + res = do_unban(author, notification['arguments']) + case _: + pass # Administrator commands go here + return res diff --git a/example_config.ini b/example_config.ini index af7e0f2..8c18c28 100644 --- a/example_config.ini +++ b/example_config.ini @@ -2,9 +2,17 @@ [application] ; Comma separated list of fedi handles for any administrator users ; More can be added through the application -DefaultAdmins = ['admin@example.tld'] +DefaultAdmins = ["@localadmin", "@remoteadmin@example.tld"] ; SQLite Database location DatabaseLocation = ./gacha_game.db +; Web server port (default: 5000) +WebPort = 5000 +; Web server bind address (default: 127.0.0.1, set to 0.0.0.0 to listen on all interfaces) +BindAddress = 127.0.0.1 + +; Whether to lmit access to the bot via an instance whitelist +; The whitelist can be adjusted via the application +UseWhitelist = False [gacha] ; Number of seconds players have to wait between rolls diff --git a/migrations/0003_rename_tables.sql b/migrations/0003_rename_tables.sql new file mode 100644 index 0000000..a3ba3a7 --- /dev/null +++ b/migrations/0003_rename_tables.sql @@ -0,0 +1,4 @@ +ALTER TABLE users RENAME TO players; +ALTER TABLE characters RENAME TO cards; +ALTER TABLE pulls RENAME user_id TO player_id; +ALTER TABLE pulls RENAME character_id TO card_id; diff --git a/migrations/0004_add_administrators.sql b/migrations/0004_add_administrators.sql new file mode 100644 index 0000000..7503e21 --- /dev/null +++ b/migrations/0004_add_administrators.sql @@ -0,0 +1 @@ +ALTER TABLE players ADD COLUMN is_administrator BOOLEAN NOT NULL DEFAULT 0; diff --git a/migrations/0005_add_whitelist.sql b/migrations/0005_add_whitelist.sql new file mode 100644 index 0000000..d24f2e3 --- /dev/null +++ b/migrations/0005_add_whitelist.sql @@ -0,0 +1,7 @@ +CREATE TABLE IF NOT EXISTS instance_whitelist ( + tld TEXT UNIQUE PRIMARY KEY +); + +CREATE TABLE IF NOT EXISTS banned_players ( + handle TEXT UNIQUE PRIMARY KEY +); diff --git a/setup_db.py b/setup_db.py index 8cb5196..45b3aba 100644 --- a/setup_db.py +++ b/setup_db.py @@ -73,16 +73,14 @@ def perform_migration(cursor: sqlite3.Cursor, migration: tuple[int, str]) -> Non def get_db_path() -> str | DBNotFoundError: '''Gets the DB path from config.ini''' env = os.environ.get('KEMOVERSE_ENV') - if not (env and env in ['prod', 'dev']): - raise KemoverseEnvUnset - - print(f'Running in "{env}" mode') config_path = f'config_{env}.ini' if not os.path.isfile(config_path): raise ConfigError(f'Could not find {config_path}') + print(f'Running in "{env}" mode') + config = ConfigParser() config.read(config_path) db_path = config['application']['DatabaseLocation'] @@ -112,7 +110,6 @@ def main(): return except KemoverseEnvUnset: print('Error: KEMOVERSE_ENV is either not set or has an invalid value.') - print('Please set KEMOVERSE_ENV to either "dev" or "prod" before running.') print(traceback.format_exc()) return diff --git a/web/app.py b/web/app.py index 9ede0e4..b98a430 100644 --- a/web/app.py +++ b/web/app.py @@ -15,12 +15,17 @@ #along with this program. If not, see https://www.gnu.org/licenses/. import sqlite3 +import sys +from pathlib import Path +# Add parent directory to Python path so we can import from bot/ +sys.path.append(str(Path(__file__).parent.parent)) + +from bot.config import WEB_PORT, BIND_ADDRESS, DB_PATH from flask import Flask, render_template, abort from werkzeug.exceptions import HTTPException app = Flask(__name__) -DB_PATH = "./gacha_game.db" # Adjust path if needed def get_db_connection(): conn = sqlite3.connect(DB_PATH) @@ -84,4 +89,4 @@ def submit_character(): if __name__ == '__main__': - app.run(host='0.0.0.0', port=5000, debug=True) + app.run(host=BIND_ADDRESS, port=WEB_PORT, debug=True)