Separate staff account password changing from rank changing, add staff callback function tests

Author: Eggbertx

frontend/sass/_util.scss

@@ -30,4 +30,4 @@
 			color: $a-visited;
 		}
 	}
-}
+}

frontend/sass/global/_img.scss

@@ -122,7 +122,7 @@ div#upload-box {
 .postblock {
 	margin-left: 8px;
 	margin-right: 8px;
-	width: 100px;
+	// width: 100px;
 }
 
 .post-text, .banned-message {

frontend/sass/pipes/_img.scss

@@ -11,7 +11,7 @@
 }
 
 .postblock,
-table.mgmt-table tr:first-of-type th {
+table.mgmt-table th {
 	background: colors.$postblock;
 	font-weight: 700;
 }

html/css/global.css

@@ -139,7 +139,6 @@ div#upload-box .upload-x, div#upload-box .upload-filename {
 .postblock {
   margin-left: 8px;
   margin-right: 8px;
-  width: 100px;
 }
 
 .post-text, .banned-message {

html/css/pipes.css

@@ -53,7 +53,7 @@ div#recent-posts-header {
 }
 
 .postblock,
-table.mgmt-table tr:first-of-type th {
+table.mgmt-table th {
   background: #25272D;
   font-weight: 700;
 }

pkg/gcsql/staff.go

@@ -107,8 +107,16 @@ func (s *Staff) UpdateRank(rank int) error {
 	if rank < 0 || rank > 3 {
 		return ErrInvalidStaffRank
 	}
-	_, err := ExecTimeoutSQL(nil, "UPDATE DBPREFIXstaff SET global_rank = ? WHERE id = ?", rank, s.ID)
-	if err != nil {
+	var err error
+	if s.ID == 0 {
+		// ID field not set yet, get it from the DB
+		s.ID, err = GetStaffID(s.Username)
+		if err != nil {
+			return err
+		}
+	}
+
+	if _, err = ExecTimeoutSQL(nil, "UPDATE DBPREFIXstaff SET global_rank = ? WHERE id = ?", rank, s.ID); err != nil {
 		return err
 	}
 	s.Rank = rank
@@ -120,47 +128,28 @@ func (s *Staff) UpdatePassword(password string) error {
 	if password == "" {
 		return ErrInvalidStaffPassword
 	}
+	var err error
+	if s.ID == 0 {
+		// ID field not set yet, get it from the DB
+		s.ID, err = GetStaffID(s.Username)
+		if err != nil {
+			return err
+		}
+	}
+
 	checksum := gcutil.BcryptSum(password)
-	_, err := ExecTimeoutSQL(nil, "UPDATE DBPREFIXstaff SET password_checksum = ? WHERE id = ?", checksum, s.ID)
+	_, err = ExecTimeoutSQL(nil, "UPDATE DBPREFIXstaff SET password_checksum = ? WHERE id = ?", checksum, s.ID)
 	if err != nil {
 		return err
 	}
 	s.PasswordChecksum = checksum
 	return nil
 }
 
-// UpdateStaff sets the rank and/or password of the staff account with the given username. If password
-// is blank, only the rank will be updated
-func UpdateStaff(username string, rank int, password string) error {
-	// first check if it's a recognized username
-	id, err := GetStaffID(username)
-	if err != nil {
-		return err
-	}
-	sqlUpdate := "UPDATE DBPREFIXstaff SET global_rank = ?"
-	args := []any{rank}
-	if password != "" {
-		sqlUpdate += ", password_checksum = ?"
-		args = append(args, gcutil.BcryptSum(password))
-	}
-	sqlUpdate += " WHERE id = ?"
-	args = append(args, id)
-
-	_, err = ExecTimeoutSQL(nil, sqlUpdate, args...)
-	return err
-}
-
-// UpdateStaff sets the password of the staff account with the given username
-func UpdatePassword(username string, newPassword string) error {
-	const sqlUPDATE = `UPDATE DBPREFIXstaff SET password_checksum = ? WHERE id = ?`
-	id, err := GetStaffID(username)
-	if err != nil {
-		return err
-	}
-	checksum := gcutil.BcryptSum(newPassword)
-
-	_, err = ExecTimeoutSQL(nil, sqlUPDATE, checksum, id)
-	return err
+// UpdateStaffPassword sets the password of the staff account with the given username
+func UpdateStaffPassword(username string, newPassword string) error {
+	staff := Staff{Username: username}
+	return staff.UpdatePassword(newPassword)
 }
 
 // EndStaffSession deletes any session rows associated with the requests session cookie and then

pkg/gcsql/tables.go

@@ -118,46 +118,47 @@ func (u *Upload) IsEmbed() bool {
 	return strings.HasPrefix(u.Filename, "embed:")
 }
 
-// IPBanBase used to composition IPBan and IPBanAudit. It does not represent a SQL table by itself
+// IPBanBase is used by IPBan and IPBanAudit. It does not represent a SQL table by itself
 type IPBanBase struct {
-	IsActive    bool
-	IsThreadBan bool
-	ExpiresAt   time.Time
-	StaffID     int
-	AppealAt    time.Time
-	Permanent   bool
-	StaffNote   string
-	Message     string
-	CanAppeal   bool
+	IsActive    bool      // sql: is_active
+	IsThreadBan bool      // sql: is_thread_ban
+	ExpiresAt   time.Time // sql: expires_at
+	StaffID     int       // sql: staff_id
+	AppealAt    time.Time // sql: appeal_at
+	Permanent   bool      // sql: permanent
+	StaffNote   string    // sql: staff_note
+	Message     string    // sql: message
+	CanAppeal   bool      // sql: can_appeal
 }
 
 // IPBan contains the information association with a specific ip ban.
 // table: DBPREFIXip_ban
 type IPBan struct {
-	ID              int
-	BoardID         *int
-	BannedForPostID *int
-	CopyPostText    template.HTML
-	RangeStart      string
-	RangeEnd        string
-	IssuedAt        time.Time
+	ID              int           // sql: id
+	BoardID         *int          // sql: board_id
+	BannedForPostID *int          // sql: banned_for_post_id
+	CopyPostText    template.HTML // sql: copy_post_text
+	RangeStart      string        // sql: range_start
+	RangeEnd        string        // sql: range_end
+	IssuedAt        time.Time     // sql: issued_at
 	IPBanBase
 }
 
 // Deprecated: Use the RangeStart and RangeEnd fields or gcutil.GetIPRangeSubnet.
 // IP was previously a field in the IPBan struct before range bans were
 // implemented. This is here as a fallback for templates
-func (ipb *IPBan) IP() string {
+func (ipb *IPBan) IP() (string, error) {
 	if ipb.RangeStart == ipb.RangeEnd {
-		return ipb.RangeStart
+		return ipb.RangeStart, nil
 	}
 	inet, err := gcutil.GetIPRangeSubnet(ipb.RangeStart, ipb.RangeEnd)
 	if err != nil {
-		return "?"
+		return "", err
 	}
-	return inet.String()
+	return inet.String(), nil
 }
 
+// IsBanned returns true if the given IP is banned
 func (ipb *IPBan) IsBanned(ipStr string) (bool, error) {
 	ipn, err := gcutil.GetIPRangeSubnet(ipb.RangeStart, ipb.RangeEnd)
 	if err != nil {

pkg/manage/actionsAdminPerm.go

@@ -16,12 +16,13 @@ import (
 	"github.com/gochan-org/gochan/pkg/gctemplates"
 	"github.com/gochan-org/gochan/pkg/gcutil"
 	"github.com/gochan-org/gochan/pkg/posting"
+	"github.com/gochan-org/gochan/pkg/server"
 	"github.com/gochan-org/gochan/pkg/server/serverutil"
 	"github.com/rs/zerolog"
 )
 
 var (
-	ErrInsufficientPermission = errors.New("insufficient account permission")
+	ErrInsufficientPermission = server.NewServerError("insufficient account permission", http.StatusForbidden)
 )
 
 type uploadInfo struct {