added cloud and verify

servers/servers.go

@@ -744,36 +744,6 @@ func (con Connection) BrowseServer(ctx *gin.Context) {
 	ctx.JSON(200, browserInfo.Url)
 }
 
-func (con Connection) serverAuthorized(permissions models.Permission) func(*gin.Context) bool {
-	return func(ctx *gin.Context) bool {
-		claims, exists := ctx.Get("claims")
-		if !exists {
-			return false
-		}
-
-		server_id := ctx.Param("server_id")
-		if server_id == "" {
-			return false
-		}
-
-		var serverData models.ServerData
-
-		con.databaseConnection.Database("Backend").Collection("Servers").FindOne(context.TODO(), bson.D{{Key: "Id", Value: server_id}}).Decode(&serverData)
-
-		if serverData.OwnerId == claims.(*auth.AuthClaims).Username {
-			return true
-		}
-
-		userPermissions := serverData.UserPermissions[claims.(*auth.AuthClaims).Username]
-
-		if userPermissions&permissions == permissions || userPermissions&models.Admin == models.Admin {
-			return true
-		}
-
-		return false
-	}
-}
-
 func (con Connection) GetServerUserPermissions(ctx *gin.Context) {
 	claims, exists := ctx.Get("claims")
 	if !exists {
@@ -828,15 +798,16 @@ func LoadGroup(group *gin.RouterGroup, mongo_client *mongo.Client, config models
 	defer apiClient.Close()
 
 	connection := Connection{databaseConnection: mongo_client, dockerClient: apiClient}
-	group.POST("/:server_id/start", auth.AuthorizedTo(models.Start, connection.serverAuthorized(models.Start)), connection.StartServer)
+	authConnection := auth.Connection{databaseConnection: mongo_client, dockerClient: apiClient}
+	group.POST("/:server_id/start", auth.AuthorizedTo(models.Start, authConnection.serverAuthorized(models.Start)), connection.StartServer)
 	group.POST("/", auth.AuthorizedTo(models.Create), connection.CreateServer)
 	group.GET("/", auth.AuthorizedTo(0), connection.GetServers)
-	group.POST("/:server_id/stop", auth.AuthorizedTo(models.Stop, connection.serverAuthorized(models.Stop)), connection.StopServer)
-	group.DELETE("/:server_id", auth.AuthorizedTo(models.Delete, connection.serverAuthorized(models.Delete)), connection.DeleteServer)
-	group.POST("/:server_id/run_command", auth.AuthorizedTo(models.RunCommand, connection.serverAuthorized(models.RunCommand)), connection.RunCommand)
-	group.GET("/:server_id/attach", auth.AuthorizedTo(models.RunCommand, connection.serverAuthorized(models.RunCommand)), connection.AttachServer)
-	group.PATCH("/:server_id", auth.AuthorizedTo(models.Admin, connection.serverAuthorized(models.Admin)), connection.UpdateServer)
-	group.POST("/:server_id/browse", auth.AuthorizedTo(models.Browse, connection.serverAuthorized(models.Admin)), connection.BrowseServer)
-	group.GET("/:server_id/permissions", auth.AuthorizedTo(models.Browse, connection.serverAuthorized(models.Admin)), connection.GetServerUserPermissions)
-	group.POST("/:server_id/permissions", auth.AuthorizedTo(models.Browse, connection.serverAuthorized(models.Admin)), connection.SetServerUserPermissions)
+	group.POST("/:server_id/stop", auth.AuthorizedTo(models.Stop, authConnection.serverAuthorized(models.Stop)), connection.StopServer)
+	group.DELETE("/:server_id", auth.AuthorizedTo(models.Delete, authConnection.serverAuthorized(models.Delete)), connection.DeleteServer)
+	group.POST("/:server_id/run_command", auth.AuthorizedTo(models.RunCommand, authConnection.serverAuthorized(models.RunCommand)), connection.RunCommand)
+	group.GET("/:server_id/attach", auth.AuthorizedTo(models.RunCommand, authConnection.serverAuthorized(models.RunCommand)), connection.AttachServer)
+	group.PATCH("/:server_id", auth.AuthorizedTo(models.Admin, authConnection.serverAuthorized(models.Admin)), connection.UpdateServer)
+	group.POST("/:server_id/browse", auth.AuthorizedTo(models.Browse, authConnection.serverAuthorized(models.Admin)), connection.BrowseServer)
+	group.GET("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.serverAuthorized(models.Admin)), connection.GetServerUserPermissions)
+	group.POST("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.serverAuthorized(models.Admin)), connection.SetServerUserPermissions)
 }