From fb60de692cb73bc2f4a46135ca3a2275bc5bc52e Mon Sep 17 00:00:00 2001
From: Dunemask <dunemask@gmail.com>
Date: Mon, 11 Mar 2024 19:50:58 -0600
Subject: [PATCH] [FIX] Styling & auth issues

---
 lib/controllers/s3-controller.js         | 12 +++++++++++-
 src/components/servers/BackupsDialog.jsx |  1 -
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/lib/controllers/s3-controller.js b/lib/controllers/s3-controller.js
index 37ea5ce..43c6f7d 100644
--- a/lib/controllers/s3-controller.js
+++ b/lib/controllers/s3-controller.js
@@ -3,6 +3,7 @@ import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
 import { basename } from "node:path";
 import { getServerEntry } from "../database/queries/server-queries.js";
 import { ERR } from "../util/logging.js";
+import { checkAuthorization } from "../database/queries/server-queries.js";
 const s3Region = "us-east-1";
 
 async function getS3BackupData(serverId) {
@@ -27,6 +28,11 @@ async function getS3BackupData(serverId) {
 export async function listS3Backups(req, res) {
   const serverSpec = req.body;
   if (!serverSpec.id) return res.status(400).send("Server id missing!");
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized)
+    return res
+      .status(403)
+      .send("You do not have permission to access that server!");
   const s3Data = await getS3BackupData(serverSpec.id);
   if (!s3Data) return res.status(409).send("Backup not configured!");
   const { s3Config, bucket, backupPrefix } = s3Data;
@@ -55,7 +61,11 @@ export async function getS3BackupUrl(req, res) {
   if (!serverSpec.id) return res.status(400).send("Server id missing!");
   if (!serverSpec.backupPath)
     return res.status(400).send("Backup path missing!");
-
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized)
+    return res
+      .status(403)
+      .send("You do not have permission to access that server!");
   const s3Data = await getS3BackupData(serverSpec.id);
   if (!s3Data) return res.status(409).send("Backup not configured!");
   const { s3Config, bucket } = s3Data;
diff --git a/src/components/servers/BackupsDialog.jsx b/src/components/servers/BackupsDialog.jsx
index da51609..dff558b 100644
--- a/src/components/servers/BackupsDialog.jsx
+++ b/src/components/servers/BackupsDialog.jsx
@@ -57,7 +57,6 @@ export default function BackupDialog(props) {
       <Toolbar sx={{ display: { md: "none" } }} />
       <DialogTitle>Backups</DialogTitle>
       <DialogContent sx={{ height: "100%" }}>
-        <h1>Thine Backups {serverId}</h1>
         {backups.map((backup, i) => (
           <Stack key={i} sx={{ width: "100%" }} direction="row">
             <Typography variant="subtitle2" sx={{ m: "auto 0", width: "40%" }}>