implement game theft prevention

Thibault Duplessis 2012-06-16 19:56:36 +02:00
parent ad7c1a8cdc
commit 062dd83d29
5 changed files with 38 additions and 15 deletions


@ -13,7 +13,7 @@ import play.api.libs.iteratee._
import play.api.templates.Html import play.api.templates.Html
import scalaz.effects._ import scalaz.effects._
object Round extends LilaController { object Round extends LilaController with TheftPrevention {
def gameRepo = env.game.gameRepo def gameRepo = env.game.gameRepo
def socket = env.round.socket def socket = env.round.socket
@ -47,12 +47,14 @@ object Round extends LilaController {
engine pov.opponent.userId.fold( engine pov.opponent.userId.fold(
u userRepo isEngine u, u userRepo isEngine u,
io(false)) io(false))
} yield Ok(html.round.player( } yield PreventTheft(pov) {
pov, Ok(html.round.player(
version(pov.gameId), pov,
engine, version(pov.gameId),
roomHtml map { Html(_) }, engine,
bookmarkers)), roomHtml map { Html(_) },
bookmarkers))
},
io(Redirect(routes.Setup.await(fullId))) io(Redirect(routes.Setup.await(fullId)))
) )
} }
@ -135,7 +137,7 @@ object Round extends LilaController {
}) })
} }
type IOValidEvents = IO[Valid[List[Event]]] private type IOValidEvents = IO[Valid[List[Event]]]
private def performAndRedirect(fullId: String, op: String IOValidEvents) = private def performAndRedirect(fullId: String, op: String IOValidEvents) =
Action { Action {
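Review bot: The ownership check is applied only where the player page is rendered (`PreventTheft(pov) { Ok(html.round.player(...)) }`); `performAndRedirect(fullId, op)` in the last hunk takes the same full id and gains no equivalent check in the lines shown. If the state-changing actions built on it resolve a `Pov` from `fullId` without comparing `pov.player.userId` to the session user, the new guard is a page redirect rather than an authorization boundary. The body of `performAndRedirect` continues outside the hunk, so this needs confirming there. If the gap exists, run the same `isTheft` comparison inside it before `op(fullId)`, and document on the `TheftPrevention` trait which endpoints it is expected to cover.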


@ -10,7 +10,7 @@ import play.api.data.Form
import scalaz.effects._ import scalaz.effects._
object Setup extends LilaController { object Setup extends LilaController with TheftPrevention {
def forms = env.setup.formFactory def forms = env.setup.formFactory
def processor = env.setup.processor def processor = env.setup.processor
@ -55,10 +55,12 @@ object Setup extends LilaController {
IOptionResult(gameRepo pov fullId) { pov IOptionResult(gameRepo pov fullId) { pov
pov.game.started.fold( pov.game.started.fold(
Redirect(routes.Round.player(pov.fullId)), Redirect(routes.Round.player(pov.fullId)),
Ok(html.setup.await( PreventTheft(pov) {
pov, Ok(html.setup.await(
version(pov.gameId), pov,
friendConfigMemo get pov.game.id)) version(pov.gameId),
friendConfigMemo get pov.game.id))
}
) )
} }
} }


@ -0,0 +1,18 @@
package controllers
import lila._
import views._
import http.Context
import game.{ DbGame, Pov }
import play.api.mvc._
import play.api.mvc.Results.Redirect
trait TheftPrevention {
def PreventTheft(pov: Pov)(ok: Result)(implicit ctx: Context): Result =
isTheft(pov).fold(Redirect(routes.Round.watcher(pov.gameId, pov.color.name)), ok)
private def isTheft(pov: Pov)(implicit ctx: Context) =
pov.player.userId != ctx.userId
}
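Review bot: `isTheft` compares two `Option` values with `!=`, so a seat whose player has no `userId` is still served to any anonymous visitor holding the full id, and the same seat is refused to its own player once that player logs in. If both outcomes are intended, state it in a comment above `isTheft`, for example `// anonymous seats are protected by the full id only; a logged-in visitor never matches them`, and give the method an explicit result type: `private def isTheft(pov: Pov)(implicit ctx: Context): Boolean =`. Separately, `ok: Result` is a by-value parameter, so the protected page at both call sites (Round.player and Setup.await) is fully built before the check and then discarded on redirect; `(ok: => Result)` would defer that work until the request is known to be allowed.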


@ -16,6 +16,8 @@ sealed abstract class Context(val req: RequestHeader, val me: Option[User]) {
me.fold(Granter(permission), false) me.fold(Granter(permission), false)
def is(user: User) = me == Some(user) def is(user: User) = me == Some(user)
def userId = me map (_.id)
} }
final class BodyContext(val body: Request[_], m: Option[User]) final class BodyContext(val body: Request[_], m: Option[User])

3
todo

@ -22,8 +22,7 @@ more infos under realtime games
cheater slash timeline cheater slash timeline
best game(s) to watch best game(s) to watch
copy spectator chat to rematch copy spectator chat to rematch
prevent people giving their friend game await link advanced board color selector / board colorpicker (http://fr.lichess.org/inbox/mjhlougd)
advanced board color selector / board colorpicker
new translations: new translations:
-rematchOfferCanceled=Rematch offer canceled -rematchOfferCanceled=Rematch offer canceled