From 1920757a4114032124c00da9bb54d6d366388231 Mon Sep 17 00:00:00 2001
From: zijiren233 <pyh1670605849@gmail.com>
Date: Tue, 16 Apr 2024 14:44:08 +0800
Subject: [PATCH] Fix: login room need check member status

---
 internal/model/member.go |  4 ++++
 internal/op/room.go      | 12 ++++++++++++
 server/handlers/room.go  | 22 ++++++++++++++++++----
 3 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/internal/model/member.go b/internal/model/member.go
index a70c0b5..69ceb5f 100644
--- a/internal/model/member.go
+++ b/internal/model/member.go
@@ -36,6 +36,10 @@ func (r RoomMemberStatus) IsActive() bool {
 	return r == RoomMemberStatusActive
 }
 
+func (r RoomMemberStatus) IsNotActive() bool {
+	return r != RoomMemberStatusActive
+}
+
 func (r RoomMemberStatus) IsBanned() bool {
 	return r == RoomMemberStatusBanned
 }
diff --git a/internal/op/room.go b/internal/op/room.go
index 444d1cb..244edd5 100644
--- a/internal/op/room.go
+++ b/internal/op/room.go
@@ -183,6 +183,12 @@ func (r *Room) LoadOrCreateRoomMember(userID string) (*model.RoomMember, error)
 	if err != nil {
 		return nil, err
 	}
+	if r.IsCreator(userID) {
+		member.Role = model.RoomMemberRoleCreator
+		member.Permissions = model.AllPermissions
+		member.AdminPermissions = model.AllAdminPermissions
+		member.Status = model.RoomMemberStatusActive
+	}
 	member, _ = r.members.LoadOrStore(userID, member)
 	return member, nil
 }
@@ -196,6 +202,12 @@ func (r *Room) LoadRoomMember(userID string) (*model.RoomMember, error) {
 	if err != nil {
 		return nil, err
 	}
+	if r.IsCreator(userID) {
+		member.Role = model.RoomMemberRoleCreator
+		member.Permissions = model.AllPermissions
+		member.AdminPermissions = model.AllAdminPermissions
+		member.Status = model.RoomMemberStatusActive
+	}
 	member, _ = r.members.LoadOrStore(userID, member)
 	return member, nil
 }
diff --git a/server/handlers/room.go b/server/handlers/room.go
index be53c3a..b9f8d7f 100644
--- a/server/handlers/room.go
+++ b/server/handlers/room.go
@@ -282,7 +282,7 @@ func LoginRoom(ctx *gin.Context) {
 		return
 	}
 
-	room, err := op.LoadOrInitRoomByID(req.RoomId)
+	roomE, err := op.LoadOrInitRoomByID(req.RoomId)
 	if err != nil {
 		log.Errorf("login room failed: %v", err)
 		if err == op.ErrRoomBanned || err == op.ErrRoomPending {
@@ -292,14 +292,28 @@ func LoginRoom(ctx *gin.Context) {
 		ctx.AbortWithStatusJSON(http.StatusNotFound, model.NewApiErrorResp(err))
 		return
 	}
+	room := roomE.Value()
 
-	if room.Value().CreatorID != user.ID && !room.Value().CheckPassword(req.Password) {
+	member, err := room.LoadOrCreateRoomMember(user.ID)
+	if err != nil {
+		log.Errorf("login room failed: %v", err)
+		ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
+		return
+	}
+
+	if member.Status.IsNotActive() {
+		log.Warn("login room failed: member status not active")
+		ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("member status not active"))
+		return
+	}
+
+	if !member.Role.IsAdmin() && !room.CheckPassword(req.Password) {
 		log.Warn("login room failed: password error")
 		ctx.AbortWithStatusJSON(http.StatusForbidden, model.NewApiErrorStringResp("password error"))
 		return
 	}
 
-	token, err := middlewares.NewAuthRoomToken(user, room.Value())
+	token, err := middlewares.NewAuthRoomToken(user, room)
 	if err != nil {
 		log.Errorf("login room failed: %v", err)
 		ctx.AbortWithStatusJSON(http.StatusInternalServerError, model.NewApiErrorResp(err))
@@ -307,7 +321,7 @@ func LoginRoom(ctx *gin.Context) {
 	}
 
 	ctx.JSON(http.StatusOK, model.NewApiDataResp(gin.H{
-		"roomId": room.Value().ID,
+		"roomId": room.ID,
 		"token":  token,
 	}))
 }