--- /dev/null
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Security.Cryptography;
+using System.Text;
+using System.Text.Json;
+using System.Text.Json.Nodes;
+using System.Threading.Tasks;
+using Content.Server.Administration.Systems;
+using Content.Server.GameTicking;
+using Content.Server.GameTicking.Presets;
+using Content.Server.GameTicking.Rules.Components;
+using Content.Server.Maps;
+using Content.Server.RoundEnd;
+using Content.Shared.Administration.Managers;
+using Content.Shared.CCVar;
+using Content.Shared.Prototypes;
+using Robust.Server.ServerStatus;
+using Robust.Shared.Asynchronous;
+using Robust.Shared.Configuration;
+using Robust.Shared.Network;
+using Robust.Shared.Player;
+using Robust.Shared.Prototypes;
+using Robust.Shared.Utility;
+
+namespace Content.Server.Administration;
+
+/// <summary>
+/// Exposes various admin-related APIs via the game server's <see cref="StatusHost"/>.
+/// </summary>
+public sealed partial class ServerApi : IPostInjectInit
+{
+ private const string SS14TokenScheme = "SS14Token";
+
+ private static readonly HashSet<string> PanicBunkerCVars =
+ [
+ CCVars.PanicBunkerEnabled.Name,
+ CCVars.PanicBunkerDisableWithAdmins.Name,
+ CCVars.PanicBunkerEnableWithoutAdmins.Name,
+ CCVars.PanicBunkerCountDeadminnedAdmins.Name,
+ CCVars.PanicBunkerShowReason.Name,
+ CCVars.PanicBunkerMinAccountAge.Name,
+ CCVars.PanicBunkerMinOverallHours.Name,
+ CCVars.PanicBunkerCustomReason.Name,
+ ];
+
+ [Dependency] private readonly IStatusHost _statusHost = default!;
+ [Dependency] private readonly IConfigurationManager _config = default!;
+ [Dependency] private readonly ISharedPlayerManager _playerManager = default!;
+ [Dependency] private readonly ISharedAdminManager _adminManager = default!;
+ [Dependency] private readonly IGameMapManager _gameMapManager = default!;
+ [Dependency] private readonly IServerNetManager _netManager = default!;
+ [Dependency] private readonly IPrototypeManager _prototypeManager = default!;
+ [Dependency] private readonly IComponentFactory _componentFactory = default!;
+ [Dependency] private readonly ITaskManager _taskManager = default!;
+ [Dependency] private readonly EntityManager _entityManager = default!;
+ [Dependency] private readonly ILogManager _logManager = default!;
+ [Dependency] private readonly IEntitySystemManager _entitySystemManager = default!;
+ [Dependency] private readonly ILocalizationManager _loc = default!;
+
+ private string _token = string.Empty;
+ private ISawmill _sawmill = default!;
+
+ void IPostInjectInit.PostInject()
+ {
+ _sawmill = _logManager.GetSawmill("serverApi");
+
+ // Get
+ RegisterActorHandler(HttpMethod.Get, "/admin/info", InfoHandler);
+ RegisterHandler(HttpMethod.Get, "/admin/game_rules", GetGameRules);
+ RegisterHandler(HttpMethod.Get, "/admin/presets", GetPresets);
+
+ // Post
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/round/start", ActionRoundStart);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/round/end", ActionRoundEnd);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/round/restartnow", ActionRoundRestartNow);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/kick", ActionKick);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/add_game_rule", ActionAddGameRule);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/end_game_rule", ActionEndGameRule);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/force_preset", ActionForcePreset);
+ RegisterActorHandler(HttpMethod.Post, "/admin/actions/set_motd", ActionForceMotd);
+ RegisterActorHandler(HttpMethod.Patch, "/admin/actions/panic_bunker", ActionPanicPunker);
+ }
+
+ public void Initialize()
+ {
+ _config.OnValueChanged(CCVars.AdminApiToken, UpdateToken, true);
+ }
+
+ public void Shutdown()
+ {
+ _config.UnsubValueChanged(CCVars.AdminApiToken, UpdateToken);
+ }
+
+ private void UpdateToken(string token)
+ {
+ _token = token;
+ }
+
+
+ #region Actions
+
+ /// <summary>
+ /// Changes the panic bunker settings.
+ /// </summary>
+ private async Task ActionPanicPunker(IStatusHandlerContext context, Actor actor)
+ {
+ var request = await ReadJson<JsonObject>(context);
+ if (request == null)
+ return;
+
+ var toSet = new Dictionary<string, object>();
+ foreach (var (cVar, value) in request)
+ {
+ if (!PanicBunkerCVars.Contains(cVar))
+ {
+ await RespondBadRequest(context, $"Invalid panic bunker CVar: '{cVar}'");
+ return;
+ }
+
+ if (value == null)
+ {
+ await RespondBadRequest(context, $"Value is null: '{cVar}'");
+ return;
+ }
+
+ if (value is not JsonValue jsonValue)
+ {
+ await RespondBadRequest(context, $"Value is not valid: '{cVar}'");
+ return;
+ }
+
+ object castValue;
+ var cVarType = _config.GetCVarType(cVar);
+ if (cVarType == typeof(bool))
+ {
+ if (!jsonValue.TryGetValue(out bool b))
+ {
+ await RespondBadRequest(context, $"CVar '{cVar}' must be of type bool.");
+ return;
+ }
+
+ castValue = b;
+ }
+ else if (cVarType == typeof(int))
+ {
+ if (!jsonValue.TryGetValue(out int i))
+ {
+ await RespondBadRequest(context, $"CVar '{cVar}' must be of type int.");
+ return;
+ }
+
+ castValue = i;
+ }
+ else if (cVarType == typeof(string))
+ {
+ if (!jsonValue.TryGetValue(out string? s))
+ {
+ await RespondBadRequest(context, $"CVar '{cVar}' must be of type string.");
+ return;
+ }
+
+ castValue = s;
+ }
+ else
+ {
+ throw new NotSupportedException("Unsupported CVar type");
+ }
+
+ toSet[cVar] = castValue;
+ }
+
+ await RunOnMainThread(() =>
+ {
+ foreach (var (cVar, value) in toSet)
+ {
+ _config.SetCVar(cVar, value);
+ _sawmill.Info(
+ $"Panic bunker property '{cVar}' changed to '{value}' by {FormatLogActor(actor)}.");
+ }
+ });
+
+ await RespondOk(context);
+ }
+
+ /// <summary>
+ /// Sets the current MOTD.
+ /// </summary>
+ private async Task ActionForceMotd(IStatusHandlerContext context, Actor actor)
+ {
+ var motd = await ReadJson<MotdActionBody>(context);
+ if (motd == null)
+ return;
+
+ _sawmill.Info($"MOTD changed to \"{motd.Motd}\" by {FormatLogActor(actor)}.");
+
+ await RunOnMainThread(() => _config.SetCVar(CCVars.MOTD, motd.Motd));
+ // A hook in the MOTD system sends the changes to each client
+ await RespondOk(context);
+ }
+
+ /// <summary>
+ /// Forces the next preset-
+ /// </summary>
+ private async Task ActionForcePreset(IStatusHandlerContext context, Actor actor)
+ {
+ var body = await ReadJson<PresetActionBody>(context);
+ if (body == null)
+ return;
+
+ await RunOnMainThread(async () =>
+ {
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+ if (ticker.RunLevel != GameRunLevel.PreRoundLobby)
+ {
+ await RespondError(
+ context,
+ ErrorCode.InvalidRoundState,
+ HttpStatusCode.Conflict,
+ "Game must be in pre-round lobby");
+ return;
+ }
+
+ var preset = ticker.FindGamePreset(body.PresetId);
+ if (preset == null)
+ {
+ await RespondError(
+ context,
+ ErrorCode.GameRuleNotFound,
+ HttpStatusCode.UnprocessableContent,
+ $"Game rule '{body.PresetId}' doesn't exist");
+ return;
+ }
+
+ ticker.SetGamePreset(preset);
+ _sawmill.Info($"Forced the game to start with preset {body.PresetId} by {FormatLogActor(actor)}.");
+
+ await RespondOk(context);
+ });
+ }
+
+ /// <summary>
+ /// Ends an active game rule.
+ /// </summary>
+ private async Task ActionEndGameRule(IStatusHandlerContext context, Actor actor)
+ {
+ var body = await ReadJson<GameRuleActionBody>(context);
+ if (body == null)
+ return;
+
+ await RunOnMainThread(async () =>
+ {
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+ var gameRule = ticker
+ .GetActiveGameRules()
+ .FirstOrNull(rule =>
+ _entityManager.MetaQuery.GetComponent(rule).EntityPrototype?.ID == body.GameRuleId);
+
+ if (gameRule == null)
+ {
+ await RespondError(context,
+ ErrorCode.GameRuleNotFound,
+ HttpStatusCode.UnprocessableContent,
+ $"Game rule '{body.GameRuleId}' not found or not active");
+
+ return;
+ }
+
+ _sawmill.Info($"Ended game rule {body.GameRuleId} by {FormatLogActor(actor)}.");
+ ticker.EndGameRule(gameRule.Value);
+
+ await RespondOk(context);
+ });
+ }
+
+ /// <summary>
+ /// Adds a game rule to the current round.
+ /// </summary>
+ private async Task ActionAddGameRule(IStatusHandlerContext context, Actor actor)
+ {
+ var body = await ReadJson<GameRuleActionBody>(context);
+ if (body == null)
+ return;
+
+ await RunOnMainThread(async () =>
+ {
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+ if (!_prototypeManager.HasIndex<EntityPrototype>(body.GameRuleId))
+ {
+ await RespondError(context,
+ ErrorCode.GameRuleNotFound,
+ HttpStatusCode.UnprocessableContent,
+ $"Game rule '{body.GameRuleId}' not found or not active");
+ return;
+ }
+
+ var ruleEntity = ticker.AddGameRule(body.GameRuleId);
+ _sawmill.Info($"Added game rule {body.GameRuleId} by {FormatLogActor(actor)}.");
+ if (ticker.RunLevel == GameRunLevel.InRound)
+ {
+ ticker.StartGameRule(ruleEntity);
+ _sawmill.Info($"Started game rule {body.GameRuleId} by {FormatLogActor(actor)}.");
+ }
+
+ await RespondOk(context);
+ });
+ }
+
+ /// <summary>
+ /// Kicks a player.
+ /// </summary>
+ private async Task ActionKick(IStatusHandlerContext context, Actor actor)
+ {
+ var body = await ReadJson<KickActionBody>(context);
+ if (body == null)
+ return;
+
+ await RunOnMainThread(async () =>
+ {
+ if (!_playerManager.TryGetSessionById(new NetUserId(body.Guid), out var player))
+ {
+ await RespondError(
+ context,
+ ErrorCode.PlayerNotFound,
+ HttpStatusCode.UnprocessableContent,
+ "Player not found");
+ return;
+ }
+
+ var reason = body.Reason ?? "No reason supplied";
+ reason += " (kicked by admin)";
+
+ _netManager.DisconnectChannel(player.Channel, reason);
+ await RespondOk(context);
+
+ _sawmill.Info($"Kicked player {player.Name} ({player.UserId}) for {reason} by {FormatLogActor(actor)}");
+ });
+ }
+
+ private async Task ActionRoundStart(IStatusHandlerContext context, Actor actor)
+ {
+ await RunOnMainThread(async () =>
+ {
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+
+ if (ticker.RunLevel != GameRunLevel.PreRoundLobby)
+ {
+ await RespondError(
+ context,
+ ErrorCode.InvalidRoundState,
+ HttpStatusCode.Conflict,
+ "Round already started");
+ return;
+ }
+
+ ticker.StartRound();
+ _sawmill.Info($"Forced round start by {FormatLogActor(actor)}");
+ await RespondOk(context);
+ });
+ }
+
+ private async Task ActionRoundEnd(IStatusHandlerContext context, Actor actor)
+ {
+ await RunOnMainThread(async () =>
+ {
+ var roundEndSystem = _entitySystemManager.GetEntitySystem<RoundEndSystem>();
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+
+ if (ticker.RunLevel != GameRunLevel.InRound)
+ {
+ await RespondError(
+ context,
+ ErrorCode.InvalidRoundState,
+ HttpStatusCode.Conflict,
+ "Round is not active");
+ return;
+ }
+
+ roundEndSystem.EndRound();
+ _sawmill.Info($"Forced round end by {FormatLogActor(actor)}");
+ await RespondOk(context);
+ });
+ }
+
+ private async Task ActionRoundRestartNow(IStatusHandlerContext context, Actor actor)
+ {
+ await RunOnMainThread(async () =>
+ {
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+
+ ticker.RestartRound();
+ _sawmill.Info($"Forced instant round restart by {FormatLogActor(actor)}");
+ await RespondOk(context);
+ });
+ }
+
+ #endregion
+
+ #region Fetching
+
+ /// <summary>
+ /// Returns an array containing all available presets.
+ /// </summary>
+ private async Task GetPresets(IStatusHandlerContext context)
+ {
+ var presets = await RunOnMainThread(() =>
+ {
+ var presets = new List<PresetResponse.Preset>();
+
+ foreach (var preset in _prototypeManager.EnumeratePrototypes<GamePresetPrototype>())
+ {
+ presets.Add(new PresetResponse.Preset
+ {
+ Id = preset.ID,
+ ModeTitle = _loc.GetString(preset.ModeTitle),
+ Description = _loc.GetString(preset.Description)
+ });
+ }
+
+ return presets;
+ });
+
+ await context.RespondJsonAsync(new PresetResponse
+ {
+ Presets = presets
+ });
+ }
+
+ /// <summary>
+ /// Returns an array containing all game rules.
+ /// </summary>
+ private async Task GetGameRules(IStatusHandlerContext context)
+ {
+ var gameRules = new List<string>();
+ foreach (var gameRule in _prototypeManager.EnumeratePrototypes<EntityPrototype>())
+ {
+ if (gameRule.Abstract)
+ continue;
+
+ if (gameRule.HasComponent<GameRuleComponent>(_componentFactory))
+ gameRules.Add(gameRule.ID);
+ }
+
+ await context.RespondJsonAsync(new GameruleResponse
+ {
+ GameRules = gameRules
+ });
+ }
+
+
+ /// <summary>
+ /// Handles fetching information.
+ /// </summary>
+ private async Task InfoHandler(IStatusHandlerContext context, Actor actor)
+ {
+ /*
+ Information to display
+ Round number
+ Connected players
+ Active admins
+ Active game rules
+ Active game preset
+ Active map
+ MOTD
+ Panic bunker status
+ */
+
+ var info = await RunOnMainThread<InfoResponse>(() =>
+ {
+ var ticker = _entitySystemManager.GetEntitySystem<GameTicker>();
+ var adminSystem = _entitySystemManager.GetEntitySystem<AdminSystem>();
+
+ var players = new List<InfoResponse.Player>();
+
+ foreach (var player in _playerManager.Sessions)
+ {
+ var adminData = _adminManager.GetAdminData(player, true);
+
+ players.Add(new InfoResponse.Player
+ {
+ UserId = player.UserId.UserId,
+ Name = player.Name,
+ IsAdmin = adminData != null,
+ IsDeadminned = !adminData?.Active ?? false
+ });
+ }
+
+ InfoResponse.MapInfo? mapInfo = null;
+ if (_gameMapManager.GetSelectedMap() is { } mapPrototype)
+ {
+ mapInfo = new InfoResponse.MapInfo
+ {
+ Id = mapPrototype.ID,
+ Name = mapPrototype.MapName
+ };
+ }
+
+ var gameRules = new List<string>();
+ foreach (var addedGameRule in ticker.GetActiveGameRules())
+ {
+ var meta = _entityManager.MetaQuery.GetComponent(addedGameRule);
+ gameRules.Add(meta.EntityPrototype?.ID ?? meta.EntityPrototype?.Name ?? "Unknown");
+ }
+
+ var panicBunkerCVars = PanicBunkerCVars.ToDictionary(c => c, c => _config.GetCVar(c));
+ return new InfoResponse
+ {
+ Players = players,
+ RoundId = ticker.RoundId,
+ Map = mapInfo,
+ PanicBunker = panicBunkerCVars,
+ GamePreset = ticker.CurrentPreset?.ID,
+ GameRules = gameRules,
+ MOTD = _config.GetCVar(CCVars.MOTD)
+ };
+ });
+
+ await context.RespondJsonAsync(info);
+ }
+
+ #endregion
+
+ private async Task<bool> CheckAccess(IStatusHandlerContext context)
+ {
+ var auth = context.RequestHeaders.TryGetValue("Authorization", out var authToken);
+ if (!auth)
+ {
+ await RespondError(
+ context,
+ ErrorCode.AuthenticationNeeded,
+ HttpStatusCode.Unauthorized,
+ "Authorization is required");
+ return false;
+ }
+
+ var authHeaderValue = authToken.ToString();
+ var spaceIndex = authHeaderValue.IndexOf(' ');
+ if (spaceIndex == -1)
+ {
+ await RespondBadRequest(context, "Invalid Authorization header value");
+ return false;
+ }
+
+ var authScheme = authHeaderValue[..spaceIndex];
+ var authValue = authHeaderValue[spaceIndex..].Trim();
+
+ if (authScheme != SS14TokenScheme)
+ {
+ await RespondBadRequest(context, "Invalid Authorization scheme");
+ return false;
+ }
+
+ if (_token == "")
+ {
+ _sawmill.Debug("No authorization token set for admin API");
+ }
+ else if (CryptographicOperations.FixedTimeEquals(
+ Encoding.UTF8.GetBytes(authValue),
+ Encoding.UTF8.GetBytes(_token)))
+ {
+ return true;
+ }
+
+ await RespondError(
+ context,
+ ErrorCode.AuthenticationInvalid,
+ HttpStatusCode.Unauthorized,
+ "Authorization is invalid");
+
+ // Invalid auth header, no access
+ _sawmill.Info($"Unauthorized access attempt to admin API from {context.RemoteEndPoint}");
+ return false;
+ }
+
+ private async Task<Actor?> CheckActor(IStatusHandlerContext context)
+ {
+ // The actor is JSON encoded in the header
+ var actor = context.RequestHeaders.TryGetValue("Actor", out var actorHeader) ? actorHeader.ToString() : null;
+ if (actor == null)
+ {
+ await RespondBadRequest(context, "Actor must be supplied");
+ return null;
+ }
+
+ Actor? actorData;
+ try
+ {
+ actorData = JsonSerializer.Deserialize<Actor>(actor);
+ if (actorData == null)
+ {
+ await RespondBadRequest(context, "Actor is null");
+ return null;
+ }
+ }
+ catch (JsonException exception)
+ {
+ await RespondBadRequest(context, "Actor field JSON is invalid", ExceptionData.FromException(exception));
+ return null;
+ }
+
+ return actorData;
+ }
+
+ #region From Client
+
+ private sealed class Actor
+ {
+ public required Guid Guid { get; init; }
+ public required string Name { get; init; }
+ }
+
+ private sealed class KickActionBody
+ {
+ public required Guid Guid { get; init; }
+ public string? Reason { get; init; }
+ }
+
+ private sealed class GameRuleActionBody
+ {
+ public required string GameRuleId { get; init; }
+ }
+
+ private sealed class PresetActionBody
+ {
+ public required string PresetId { get; init; }
+ }
+
+ private sealed class MotdActionBody
+ {
+ public required string Motd { get; init; }
+ }
+
+ #endregion
+
+ #region Responses
+
+ private record BaseResponse(
+ string Message,
+ ErrorCode ErrorCode = ErrorCode.None,
+ ExceptionData? Exception = null);
+
+ private record ExceptionData(string Message, string? StackTrace = null)
+ {
+ public static ExceptionData FromException(Exception e)
+ {
+ return new ExceptionData(e.Message, e.StackTrace);
+ }
+ }
+
+ private enum ErrorCode
+ {
+ None = 0,
+ AuthenticationNeeded = 1,
+ AuthenticationInvalid = 2,
+ InvalidRoundState = 3,
+ PlayerNotFound = 4,
+ GameRuleNotFound = 5,
+ BadRequest = 6,
+ }
+
+ #endregion
+
+ #region Misc
+
+ /// <summary>
+ /// Record used to send the response for the info endpoint.
+ /// </summary>
+ private sealed class InfoResponse
+ {
+ public required int RoundId { get; init; }
+ public required List<Player> Players { get; init; }
+ public required List<string> GameRules { get; init; }
+ public required string? GamePreset { get; init; }
+ public required MapInfo? Map { get; init; }
+ public required string? MOTD { get; init; }
+ public required Dictionary<string, object> PanicBunker { get; init; }
+
+ public sealed class Player
+ {
+ public required Guid UserId { get; init; }
+ public required string Name { get; init; }
+ public required bool IsAdmin { get; init; }
+ public required bool IsDeadminned { get; init; }
+ }
+
+ public sealed class MapInfo
+ {
+ public required string Id { get; init; }
+ public required string Name { get; init; }
+ }
+ }
+
+ private sealed class PresetResponse
+ {
+ public required List<Preset> Presets { get; init; }
+
+ public sealed class Preset
+ {
+ public required string Id { get; init; }
+ public required string Description { get; init; }
+ public required string ModeTitle { get; init; }
+ }
+ }
+
+ private sealed class GameruleResponse
+ {
+ public required List<string> GameRules { get; init; }
+ }
+
+ #endregion
+}
projects / space-station-14.git / commitdiff