6ff21c4f1d
Add comprehensive access control system for arcade rooms with 6 modes: - open: Anyone can join (default) - locked: Only current members allowed - retired: Room no longer functions - password: Requires password to join - restricted: Only users with pending invitations can join - approval-only: Requires host approval via join request system Database Changes: - Add accessMode field to arcade_rooms (replaces isLocked boolean with enum) - Add password field to arcade_rooms (hashed with bcrypt) - Create room_join_requests table for approval-only mode New API Endpoints: - PATCH /api/arcade/rooms/:roomId/settings - Update room access mode and password (host only) - POST /api/arcade/rooms/:roomId/transfer-ownership - Transfer ownership to another member (host only) - POST /api/arcade/rooms/:roomId/join-request - Request to join approval-only room - GET /api/arcade/rooms/:roomId/join-requests - Get pending join requests (host only) - POST /api/arcade/rooms/:roomId/join-requests/:requestId/approve - Approve join request (host only) - POST /api/arcade/rooms/:roomId/join-requests/:requestId/deny - Deny join request (host only) Updated Endpoints: - POST /api/arcade/rooms/:roomId/join - Now validates access modes before allowing join: * locked: Rejects all joins * retired: Rejects all joins (410 Gone) * password: Requires password validation * restricted: Requires valid pending invitation * approval-only: Requires approved join request * open: Allows anyone (existing behavior) Libraries: - Add room-join-requests.ts for managing join request lifecycle - Ownership transfer updates room.createdBy and member.isCreator flags - Socket.io events for join request notifications and ownership transfers Migration: 0007_access_modes.sql Next Steps (UI not included in this commit): - RoomSettingsModal for configuring access mode and password - Join request approval UI in ModerationPanel - Ownership transfer UI in ModerationPanel - Password input in join flow 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
19 lines
810 B
SQL
19 lines
810 B
SQL
-- Add access control columns to arcade_rooms
|
|
ALTER TABLE `arcade_rooms` ADD `access_mode` text DEFAULT 'open' NOT NULL;--> statement-breakpoint
|
|
ALTER TABLE `arcade_rooms` ADD `password` text(255);--> statement-breakpoint
|
|
|
|
-- Create room_join_requests table for approval-only mode
|
|
CREATE TABLE `room_join_requests` (
|
|
`id` text PRIMARY KEY NOT NULL,
|
|
`room_id` text NOT NULL,
|
|
`user_id` text NOT NULL,
|
|
`user_name` text(50) NOT NULL,
|
|
`status` text DEFAULT 'pending' NOT NULL,
|
|
`requested_at` integer NOT NULL,
|
|
`reviewed_at` integer,
|
|
`reviewed_by` text,
|
|
`reviewed_by_name` text(50),
|
|
FOREIGN KEY (`room_id`) REFERENCES `arcade_rooms`(`id`) ON UPDATE no action ON DELETE cascade
|
|
);--> statement-breakpoint
|
|
CREATE UNIQUE INDEX `idx_room_join_requests_user_room` ON `room_join_requests` (`user_id`,`room_id`);
|