implement game theft prevention
This commit is contained in:
parent
ad7c1a8cdc
commit
062dd83d29
|
@ -13,7 +13,7 @@ import play.api.libs.iteratee._
|
|||
import play.api.templates.Html
|
||||
import scalaz.effects._
|
||||
|
||||
object Round extends LilaController {
|
||||
object Round extends LilaController with TheftPrevention {
|
||||
|
||||
def gameRepo = env.game.gameRepo
|
||||
def socket = env.round.socket
|
||||
|
@ -47,12 +47,14 @@ object Round extends LilaController {
|
|||
engine ← pov.opponent.userId.fold(
|
||||
u ⇒ userRepo isEngine u,
|
||||
io(false))
|
||||
} yield Ok(html.round.player(
|
||||
pov,
|
||||
version(pov.gameId),
|
||||
engine,
|
||||
roomHtml map { Html(_) },
|
||||
bookmarkers)),
|
||||
} yield PreventTheft(pov) {
|
||||
Ok(html.round.player(
|
||||
pov,
|
||||
version(pov.gameId),
|
||||
engine,
|
||||
roomHtml map { Html(_) },
|
||||
bookmarkers))
|
||||
},
|
||||
io(Redirect(routes.Setup.await(fullId)))
|
||||
)
|
||||
}
|
||||
|
@ -135,7 +137,7 @@ object Round extends LilaController {
|
|||
})
|
||||
}
|
||||
|
||||
type IOValidEvents = IO[Valid[List[Event]]]
|
||||
private type IOValidEvents = IO[Valid[List[Event]]]
|
||||
|
||||
private def performAndRedirect(fullId: String, op: String ⇒ IOValidEvents) =
|
||||
Action {
|
||||
|
|
|
@ -10,7 +10,7 @@ import play.api.data.Form
|
|||
|
||||
import scalaz.effects._
|
||||
|
||||
object Setup extends LilaController {
|
||||
object Setup extends LilaController with TheftPrevention {
|
||||
|
||||
def forms = env.setup.formFactory
|
||||
def processor = env.setup.processor
|
||||
|
@ -55,10 +55,12 @@ object Setup extends LilaController {
|
|||
IOptionResult(gameRepo pov fullId) { pov ⇒
|
||||
pov.game.started.fold(
|
||||
Redirect(routes.Round.player(pov.fullId)),
|
||||
Ok(html.setup.await(
|
||||
pov,
|
||||
version(pov.gameId),
|
||||
friendConfigMemo get pov.game.id))
|
||||
PreventTheft(pov) {
|
||||
Ok(html.setup.await(
|
||||
pov,
|
||||
version(pov.gameId),
|
||||
friendConfigMemo get pov.game.id))
|
||||
}
|
||||
)
|
||||
}
|
||||
}
|
||||
|
|
18
app/controllers/TheftPrevention.scala
Normal file
18
app/controllers/TheftPrevention.scala
Normal file
|
@ -0,0 +1,18 @@
|
|||
package controllers
|
||||
|
||||
import lila._
|
||||
import views._
|
||||
import http.Context
|
||||
import game.{ DbGame, Pov }
|
||||
|
||||
import play.api.mvc._
|
||||
import play.api.mvc.Results.Redirect
|
||||
|
||||
trait TheftPrevention {
|
||||
|
||||
def PreventTheft(pov: Pov)(ok: ⇒ Result)(implicit ctx: Context): Result =
|
||||
isTheft(pov).fold(Redirect(routes.Round.watcher(pov.gameId, pov.color.name)), ok)
|
||||
|
||||
private def isTheft(pov: Pov)(implicit ctx: Context) =
|
||||
pov.player.userId != ctx.userId
|
||||
}
|
|
@ -16,6 +16,8 @@ sealed abstract class Context(val req: RequestHeader, val me: Option[User]) {
|
|||
me.fold(Granter(permission), false)
|
||||
|
||||
def is(user: User) = me == Some(user)
|
||||
|
||||
def userId = me map (_.id)
|
||||
}
|
||||
|
||||
final class BodyContext(val body: Request[_], m: Option[User])
|
||||
|
|
3
todo
3
todo
|
@ -22,8 +22,7 @@ more infos under realtime games
|
|||
cheater slash timeline
|
||||
best game(s) to watch
|
||||
copy spectator chat to rematch
|
||||
prevent people giving their friend game await link
|
||||
advanced board color selector / board colorpicker
|
||||
advanced board color selector / board colorpicker (http://fr.lichess.org/inbox/mjhlougd)
|
||||
|
||||
new translations:
|
||||
-rematchOfferCanceled=Rematch offer canceled
|
||||
|
|
Loading…
Reference in a new issue