Add option to block asset uploads through the config

LittleBigRefresh · Mar 23, 2024 · 422934f · 422934f
1 parent 8d4c2a9
commit 422934f
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 2 deletions.
diff --git a/Refresh.GameServer/Configuration/GameServerConfig.cs b/Refresh.GameServer/Configuration/GameServerConfig.cs
@@ -8,7 +8,7 @@ namespace Refresh.GameServer.Configuration;
 [SuppressMessage("ReSharper", "RedundantDefaultMemberInitializer")]
 public class GameServerConfig : Config
 {
-    public override int CurrentConfigVersion => 10;
+    public override int CurrentConfigVersion => 11;
     public override int Version { get; set; } = 0;
 
     protected override void Migrate(int oldVer, dynamic oldConfig) {}
@@ -26,4 +26,5 @@ protected override void Migrate(int oldVer, dynamic oldConfig) {}
     public bool TrackRequestStatistics { get; set; } = false;
     public string WebExternalUrl { get; set; } = "https://refresh.example.com";
     public bool AllowInvalidTextureGuids { get; set; } = false;
+    public bool BlockAssetUploads { get; set; } = false;
 }
diff --git a/Refresh.GameServer/Endpoints/Game/ResourceEndpoints.cs b/Refresh.GameServer/Endpoints/Game/ResourceEndpoints.cs
@@ -29,6 +29,10 @@ public class ResourceEndpoints : EndpointGroup
     public Response UploadAsset(RequestContext context, string hash, string type, byte[] body, IDataStore dataStore,
         GameDatabaseContext database, GameUser user, AssetImporter importer, GameServerConfig config, IDateTimeProvider timeProvider, Token token)
     {
+        //If we block asset uploads, return unauthorized, unless the user is an admin
+        if (config.BlockAssetUploads && user.Role != GameUserRole.Admin)
+            return Unauthorized;
+
         if (!CommonPatterns.Sha1Regex().IsMatch(hash)) return BadRequest;
 
         bool isPSP = context.IsPSP();

diff --git a/RefreshTests.GameServer/GameServer/TestRefreshGameServer.cs b/RefreshTests.GameServer/GameServer/TestRefreshGameServer.cs
@@ -25,11 +25,13 @@ public class TestRefreshGameServer : RefreshGameServer
 
     protected override void SetupConfiguration()
     {
-        this.Server.AddConfig(new GameServerConfig());
+        this.Server.AddConfig(this._config = new GameServerConfig());
         this.Server.AddConfig(new RichPresenceConfig());
         this.Server.AddConfig(new IntegrationConfig());
     }
 
+    public GameServerConfig GameServerConfig => this._config!;
+
     public override void Start()
     {
         this.Server.Start(0);

diff --git a/RefreshTests.GameServer/Tests/Assets/AssetUploadTests.cs b/RefreshTests.GameServer/Tests/Assets/AssetUploadTests.cs
@@ -32,6 +32,30 @@ public void CanUploadAsset(bool psp)
         Assert.That(response.StatusCode, Is.EqualTo(OK));
     }
 
+    [TestCase(false)]
+    [TestCase(true)]
+    public void CannotUploadAssetWhenBlocked(bool psp)
+    {
+        using TestContext context = this.GetServer();
+
+        context.Server.Value.GameServerConfig.BlockAssetUploads = true;
+
+        context.Server.Value.Server.AddService<ImportService>();
+        GameUser user = context.CreateUser();
+        using HttpClient client = context.GetAuthenticatedClient(TokenType.Game, user);
+        if(psp)
+            client.DefaultRequestHeaders.UserAgent.TryParseAdd("LBPPSP CLIENT");
+
+        ReadOnlySpan<byte> data = "TEX a"u8;
+
+        string hash = BitConverter.ToString(SHA1.HashData(data))
+            .Replace("-", "")
+            .ToLower();
+
+        HttpResponseMessage response = client.PostAsync("/lbp/upload/" + hash, new ByteArrayContent(data.ToArray())).Result;
+        Assert.That(response.StatusCode, Is.EqualTo(Unauthorized));
+    }
+
     [Test]
     public void CantUploadAssetWithInvalidHash()
     {