As per the discussion in #sim-dev:
- Global permissions should always use User#tempGroup
- Room permissions should check both the roomauth list and user and User#tempGroup
This Config option, intended purely for development test servers,
allows users to log in without a signed token, by using
`/trn [USERNAME]`. This allows logins without a login server.
The rest of the server has been changed to make sure unregistered
users never have any powers they shouldn't have.
* Lint arrow-body-style
* Lint prefer-object-spread
Object spread is faster _and_ more readable.
This also fixes a few unnecessary object clones.
* Enable no-parameter-properties
This isn't currently used, but this makes clear that it shouldn't be.
* Refactor more Promises to async/await
* Remove unnecessary code from getDataMoveHTML etc
* Lint prefer-string-starts-ends-with
* Stop using no-undef
According to the typescript-eslint FAQ, this is redundant with
TypeScript, and they're not wrong. This will save us from needing to
specify globals in two different places which will be nice.
This doesn't really have any nice-to-have automatic restoration
features but it should be all the important parts.
`user.group` no longer exists, and has been replaced with
`user.tempGroup`, which now applies both to temporary promotions of
unregistered users, as well as temporary hidden ranks of auth.
- `ip` and `ipself` are now separate permissions. This means that `ip`
is now a generalized permission for viewing IPs (no more need to use
`globalban`, since `ipself` now controls the ability to see your own
IP address)
- `alts` and `altsself` are now also separate (all users used to be
able to `altsself`).
- `modchat`, `modchatall`, and `manageroom` are now just one `modchat`
permission whose jurisdiction controls how high you can set modchat.
Half the permissions checks were previously in `user.can`, which is
unintuitive. It's now completely self-contained and should be pretty
readable, now, with `getEffectiveSymbol` and `hasJurisdiction` as
separate functions.
Permissions have gotten out-of-date, so this commit syncs them.
Default permissions are now matched with Main, in particular including
the new & rank as admin (removing the old Leader rank and ~ symbol).
Relevant changes:
- Admin (~) and Leader (&) have been merged into Admin (&)
- The 'ban' permission was split into 'globalban' and 'ban'
- The 'broadcast' permission was renamed 'show' (going forward,
"broadcast" should only refer to the big red/blue/green
announcement bars.)
- Bots no longer have global moderation abilities, making it
easier to give untrustworthy bots the "bot" rank.
This implements two big changes:
- All settings shared between `room.chatRoomData` and `room` have been
merged into `room.settings` (so, for instance, `room.slowchat` is now
only `room.settings.slowchat`).
This makes it so we never have to worry about them getting "out of
sync".
- Checking to see if a room is persistent is now `if (room.persist)`
instead of `if (room.chatRoomData)`
- `Rooms.global.writeChatRoomData()` is now rarely called directly;
there's a new `room.saveSettings()` which will handle it for you.
- All properties of `room.settings` are now optional (except
`title`).
- There's a new file `user-groups.ts` which handles authority.
- `room.auth` and `Users.globalAuth` are now
`Auth extends Map<ID, GroupSymbol>` objects.
- `room.auth` is now always defined, removing the need for
`room.auth?.[userid]` workarounds.
- A lot of code relating to usergroups and permission checks have
been refactored.
Co-authored-by: Guangcong Luo <guangcongluo@gmail.com>
