Files
NightSpire/web-next/lib/admin.ts
T
Inna 1a45d48412 Admin: corregir columnas de account_access + enlace al panel en la cuenta
- Este build de AzerothCore usa account_access(AccountID, SecurityLevel), no el
  clásico (id, gmlevel). Se corrigen las 4 consultas (admin.ts, forum-perm.ts,
  forum.ts, admin-users.ts) -> isAdmin/forumIsModerator/gmlevel ahora funcionan.
- account page: enlace destacado al Panel de administración, visible solo si isAdmin.
- i18n es/en: Account.adminPanel.

Verificado: build OK; cuenta de prueba con SecurityLevel 3 (>= ADMIN_GMLEVEL) es admin.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-07-13 01:42:04 +00:00

28 lines
1013 B
TypeScript

import type { RowDataPacket } from 'mysql2'
import { db, DB } from './db'
import { normalizeEmail } from './bnet'
import type { SessionData } from './session'
/** ¿Es administrador? Por allowlist de email (ADMIN_EMAILS) o por gmlevel de AzerothCore. */
export async function isAdmin(session: SessionData): Promise<boolean> {
if (!session.bnetId) return false
const allow = (process.env.ADMIN_EMAILS || '')
.split(',')
.map((e) => normalizeEmail(e))
.filter(Boolean)
if (session.bnetEmail && allow.includes(normalizeEmail(session.bnetEmail))) return true
try {
const level = Number(process.env.ADMIN_GMLEVEL || 3)
const [rows] = await db(DB.auth).query<RowDataPacket[]>(
'SELECT SecurityLevel AS gmlevel FROM account_access WHERE AccountID = ? ORDER BY SecurityLevel DESC LIMIT 1',
[session.accountId ?? 0],
)
if (rows[0] && Number(rows[0].gmlevel) >= level) return true
} catch {
// account_access puede no existir (acore sin poblar)
}
return false
}