diff --git a/TShockAPI/Rest/RestManager.cs b/TShockAPI/Rest/RestManager.cs
index bb0e136d..5af02ef1 100644
--- a/TShockAPI/Rest/RestManager.cs
+++ b/TShockAPI/Rest/RestManager.cs
@@ -109,7 +109,7 @@ namespace TShockAPI
 if (string.IsNullOrWhiteSpace(parameters["cmd"])) return RestMissingParam("cmd");
- TSRestPlayer tr = new TSRestPlayer(tokenData.Username, tokenData.UserGroup);
+ TSRestPlayer tr = new TSRestPlayer(tokenData.Username, TShock.Groups.GetGroupByName(tokenData.UserGroupName));
 Commands.HandleCommand(tr, parameters["cmd"]);
 return RestResponse(string.Join("\n", tr.GetCommandOutput()));
 }
@@ -119,7 +119,7 @@ namespace TShockAPI
 if (string.IsNullOrWhiteSpace(parameters["cmd"])) return RestMissingParam("cmd");
- TSRestPlayer tr = new TSRestPlayer(tokenData.Username, tokenData.UserGroup);
+ TSRestPlayer tr = new TSRestPlayer(tokenData.Username, TShock.Groups.GetGroupByName(tokenData.UserGroupName));
 Commands.HandleCommand(tr, parameters["cmd"]);
 return new RestObject() {
@@ -153,7 +153,7 @@ namespace TShockAPI
 private object ServerReload(RestVerbs verbs, IParameterCollection parameters, SecureRest.TokenData tokenData) {
- TShock.Utils.Reload(new TSRestPlayer(tokenData.Username, tokenData.UserGroup));
+ TShock.Utils.Reload(new TSRestPlayer(tokenData.Username, TShock.Groups.GetGroupByName(tokenData.UserGroupName)));
 return RestResponse("Configuration, permissions, and regions reload complete. Some changes may require a server restart.");
 }
diff --git a/TShockAPI/Rest/SecureRest.cs b/TShockAPI/Rest/SecureRest.cs
index 2b721512..6d6b300c 100644
--- a/TShockAPI/Rest/SecureRest.cs
+++ b/TShockAPI/Rest/SecureRest.cs
@@ -33,7 +33,7 @@ namespace Rests
 public static readonly TokenData None = default(TokenData);
 public string Username { get; set; }
- public Group UserGroup { get; set; }
+ public string UserGroupName { get; set; }
 }
 public Dictionary Tokens { get; protected set; }
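Review bot: The group returned by `TShock.Groups.GetGroupByName(tokenData.UserGroupName)` is passed to `new TSRestPlayer(...)` without a null check, here and in the hunks at `@@ -119,7` and `@@ -153,7`. The same commit treats a null result as a revoked token in SecureRest.cs, so a group deleted between that check and this second lookup would reach the command handler as null; how TSRestPlayer and Commands.HandleCommand behave with a null group is not visible here. Resolving once and guarding keeps authorization and execution on the same object: `Group group = TShock.Groups.GetGroupByName(tokenData.UserGroupName);` followed by an `if (group == null)` that returns an error response before the player is built. The enclosing methods start outside the first two hunks.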
@@ -112,7 +112,7 @@ namespace Rests
 tokenHash = randbytes.Aggregate("", (s, b) => s + b.ToString("X2"));
 } while (Tokens.ContainsKey(tokenHash));
- Tokens.Add(tokenHash, new TokenData { Username = userAccount.Name, UserGroup = userGroup });
+ Tokens.Add(tokenHash, new TokenData { Username = userAccount.Name, UserGroupName = userGroup.Name });
 RestObject response = new RestObject("200") { Response = "Successful login" };
 response["token"] = tokenHash;
@@ -141,7 +141,22 @@ namespace Rests
 }
 };
- if (secureCmd.Permissions.Length > 0 && secureCmd.Permissions.All(perm => !tokenData.UserGroup.HasPermission(perm)))
+ Group userGroup = TShock.Groups.GetGroupByName(tokenData.UserGroupName);
+ if (userGroup == null)
+ {
+ Tokens.Remove(token);
+
+ return new Dictionary
+ {
+ {"status", "403"},
+ {
+ "error",
+ "Not authorized. The provided token became invalid due to group changes, please create a new token."
+ }
+ };
+ }
+
+ if (secureCmd.Permissions.Length > 0 && secureCmd.Permissions.All(perm => !userGroup.HasPermission(perm)))
 {
 return new Dictionary {
diff --git a/TShockAPI/TShock.cs b/TShockAPI/TShock.cs
index b3101d5c..833bf3f3 100644
--- a/TShockAPI/TShock.cs
+++ b/TShockAPI/TShock.cs
@@ -479,7 +479,7 @@ namespace TShockAPI
 break;
 case "-rest-token":
 string token = Convert.ToString(parms[++i]);
- RESTStartupTokens.Add(token, new SecureRest.TokenData { Username = "null", UserGroup = new SuperAdminGroup() });
+ RESTStartupTokens.Add(token, new SecureRest.TokenData { Username = "null", UserGroupName = "superadmin" });
 Console.WriteLine("Startup parameter overrode REST token.");
 break;
 case "-rest-enabled":
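Review bot: `UserGroupName = userGroup.Name` captures the group name once at login, so a token keeps resolving to that group even if the account is later moved to a different one; only deleting or renaming the group invalidates it, through the null check in the `@@ -141,7` hunk. If tokens are meant to follow the account's current privileges, resolve the group from the account on each request or destroy the account's tokens when its group changes; whether that already happens elsewhere is not visible in this diff. At minimum the behaviour should be documented next to the `Tokens.Add` call: `// Group name is captured at login; moving the account to another group does not affect this token until it is destroyed.` The enclosing method starts and ends outside the hunk.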
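Review bot: The new revocation branch in the `@@ -141,7` hunk removes the token without leaving any trace: nothing is logged when `Tokens.Remove(token)` runs, so an operator reviewing REST activity cannot tell a token revoked by a group deletion from an ordinary permission failure. Add a warning-level log entry in that branch naming `tokenData.Username` and `tokenData.UserGroupName`, never the token value itself. A comment would also help the next reader, e.g. `// Group was deleted or renamed: revoke the token rather than fall back to another group.` If REST requests can be served concurrently, this `Remove` should use whatever synchronization the other writes to `Tokens` use; none is visible in the hunk, and the enclosing method starts and ends outside it.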
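Review bot: The startup token's privileges now depend on a name lookup in the TShock.cs hunk: `UserGroupName = "superadmin"` only works if `TShock.Groups.GetGroupByName("superadmin")` returns the super-admin group, whereas the removed `new SuperAdminGroup()` did not depend on the group store at all. If that name is not registered there, the null check added in SecureRest.cs would reject and remove the `-rest-token` token on first use; if a stored group can carry that name, the token takes on whatever permissions that group has. Neither is visible in this diff, so confirm how the reserved name resolves, and avoid the duplicated literal with `UserGroupName = new SuperAdminGroup().Name`. The enclosing switch starts and ends outside the hunk.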