From 90353c2bc5309213c74e6b1234fb84bfe69845ac Mon Sep 17 00:00:00 2001
From: WolverinDEV <git@teaspeak.de>
Date: Mon, 30 Mar 2020 22:53:15 +0200
Subject: [PATCH] Fixed some stuff

---
 server/src/client/command_handler/misc.cpp | 44 ++++++++++++++++------
 server/src/manager/SqlDataManager.cpp      | 24 ++++++++++--
 2 files changed, 53 insertions(+), 15 deletions(-)

diff --git a/server/src/client/command_handler/misc.cpp b/server/src/client/command_handler/misc.cpp
index ecca6e2..a14cd09 100644
--- a/server/src/client/command_handler/misc.cpp
+++ b/server/src/client/command_handler/misc.cpp
@@ -2088,6 +2088,7 @@ command_result ConnectedClient::handleCommandQueryCreate(ts::Command &cmd) {
     OptionalServerId server_id = this->getServerId();
     if(cmd[0].has("server_id"))
         server_id = cmd["server_id"];
+
     if(cmd[0].has("sid"))
         server_id = cmd["sid"];
 
@@ -2095,24 +2096,43 @@ command_result ConnectedClient::handleCommandQueryCreate(ts::Command &cmd) {
     if(!server && server_id != EmptyServerId && server_id != 0)
         return command_result{error::server_invalid_id};
 
-    if(server) {
-        if(!permission::v2::permission_granted(1, server->calculate_permission(permission::b_client_query_create, this->getClientDatabaseId(), this->getType(), 0)))
-            return command_result{permission::b_client_query_create};
-    } else {
-        if(!permission::v2::permission_granted(1, serverInstance->calculate_permission(permission::b_client_query_create, this->getClientDatabaseId(), this->getType(), 0)))
-            return command_result{permission::b_client_query_create};
-    }
-
     auto username = cmd["client_login_name"].as<string>();
     auto password = cmd[0].has("client_login_password") ? cmd["client_login_password"].as<string>() : "";
 
-    if(password.empty())
-        password = rnd_string(QUERY_PASSWORD_LENGTH);
-
     auto account = serverInstance->getQueryServer()->find_query_account_by_name(username);
     if(account) return command_result{error::query_already_exists};
 
-    account = serverInstance->getQueryServer()->create_query_account(username, server_id, this->getUid(), password);
+    std::string uid = this->getUid();
+    if(cmd[0].has("cldbid")){
+        if(!serverInstance->databaseHelper()->validClientDatabaseId(server, cmd["cldbid"].as<ClientDbId>()))
+            return command_result{error::database_empty_result};
+
+        if(server) {
+            if(!permission::v2::permission_granted(1, server->calculate_permission(permission::b_client_query_create, this->getClientDatabaseId(), this->getType(), 0)))
+                return command_result{permission::b_client_query_create};
+        } else {
+            if(!permission::v2::permission_granted(1, serverInstance->calculate_permission(permission::b_client_query_create, this->getClientDatabaseId(), this->getType(), 0)))
+                return command_result{permission::b_client_query_create};
+        }
+
+        auto info = serverInstance->databaseHelper()->queryDatabaseInfo(server, {cmd["cldbid"].as<ClientDbId>()});
+        if(info.empty())
+            return command_result{error::database_empty_result};
+        uid = info[0]->uniqueId;
+    } else {
+        if(server) {
+            if(!permission::v2::permission_granted(1, server->calculate_permission(permission::b_client_query_create_own, this->getClientDatabaseId(), this->getType(), 0)))
+                return command_result{permission::b_client_query_create_own};
+        } else {
+            if(!permission::v2::permission_granted(1, serverInstance->calculate_permission(permission::b_client_query_create_own, this->getClientDatabaseId(), this->getType(), 0)))
+                return command_result{permission::b_client_query_create_own};
+        }
+    }
+
+    if(password.empty())
+        password = rnd_string(QUERY_PASSWORD_LENGTH);
+
+    account = serverInstance->getQueryServer()->create_query_account(username, server_id, uid, password);
     if(!account)
         return command_result{error::vs_critical};
 
diff --git a/server/src/manager/SqlDataManager.cpp b/server/src/manager/SqlDataManager.cpp
index 51f2ab1..ab5ba47 100644
--- a/server/src/manager/SqlDataManager.cpp
+++ b/server/src/manager/SqlDataManager.cpp
@@ -45,7 +45,7 @@ if(!result && result.msg().find(ignore) == string::npos){
 #define RESIZE_COLUMN(tblName, rowName, size) up vote EXECUTE("Could not change column size", "ALTER TABLE " tblName " ALTER COLUMN " rowName " varchar(" size ")");
 
 #define CURRENT_DATABASE_VERSION 11
-#define CURRENT_PERMISSION_VERSION 2
+#define CURRENT_PERMISSION_VERSION 3
 
 #define CLIENT_UID_LENGTH "64"
 #define CLIENT_NAME_LENGTH "128"
@@ -443,14 +443,14 @@ bool SqlDataManager::update_permissions(std::string &error) {
             else
                 query += "OR IGNORE ";
             query += "INTO `permissions` (`serverId`, `type`, `id`, `channelId`, `permId`, `value`, `grant`, `flag_skip`, `flag_negate`) ";
-            query += string() + "SELECT DISTINCT `permissions`.`serverId`, 0, `groupId`, 0, "
+            query += string() + "SELECT DISTINCT `permissions`.`serverId`, `permissions`.`type`, `groupId`, `permissions`.`channelId`, "
                     + "'" + permission + "', "
                     + to_string(value.has_value ? value.value : -2) + ", "
                     + to_string(granted.has_value ? granted.value : -2) + ", "
                     + to_string(skip) + ", "
                     + to_string(negate) + " FROM groups ";
             query += "INNER JOIN `permissions` ";
-            query += "ON permissions.permId = 'i_group_auto_update_type' AND permissions.channelId = 0 AND permissions.id = groups.groupId AND permissions.serverId = groups.serverId AND permissions.value = " + to_string(update_type);
+            query += "ON permissions.permId = 'i_group_auto_update_type' AND permissions.id = groups.groupId AND permissions.serverId = groups.serverId AND permissions.value = " + to_string(update_type);
 
             logTrace(LOG_GENERAL, "Executing sql update: {}", query);
             auto result = sql::command(this->sql(), query).execute();
@@ -547,6 +547,24 @@ bool SqlDataManager::update_permissions(std::string &error) {
                 if(!auto_update(permission::update::QUERY_ADMIN, "b_channel_conversation_message_delete", {1, true}, false, false, {100, true}))
                     return false;
                 perm_version(2);
+
+            case 2:
+                if(!auto_update(permission::update::SERVER_ADMIN, "b_client_query_create_own", {1, true}, false, false, {75, true}))
+                    return false;
+                if(!auto_update(permission::update::QUERY_ADMIN, "b_client_query_create_own", {1, true}, false, false, {100, true}))
+                    return false;
+
+                /* for some reason some users haven't received these updates from last time */
+                if(!auto_update(permission::update::SERVER_ADMIN, "i_playlist_song_move_power", {75, true}, false, false, {75, true}))
+                    return false;
+                if(!auto_update(permission::update::QUERY_ADMIN, "i_playlist_song_move_power", {100, true}, false, false, {100, true}))
+                    return false;
+                if(!auto_update(permission::update::SERVER_ADMIN, "i_playlist_song_needed_move_power", {0, false}, false, false, {75, true}))
+                    return false;
+                if(!auto_update(permission::update::QUERY_ADMIN, "i_playlist_song_needed_move_power", {0, false}, false, false, {100, true}))
+                    return false;
+
+                perm_version(3);
             default:
                 break;
         }