From 41a2612fe32b65bcd5565c56195b2d407182598e Mon Sep 17 00:00:00 2001 From: TomatoCake <60300461+DEVTomatoCake@users.noreply.github.com> Date: Wed, 5 Jun 2024 05:53:05 +0200 Subject: [PATCH 1/8] Remove duplicated "border-radius" CSS property --- assets/email_templates/new_login_location.html | 3 +-- assets/email_templates/password_reset_request.html | 3 +-- assets/email_templates/verify_email.html | 1 - 3 files changed, 2 insertions(+), 5 deletions(-) diff --git a/assets/email_templates/new_login_location.html b/assets/email_templates/new_login_location.html index 8c188def..f1c5f8c5 100644 --- a/assets/email_templates/new_login_location.html +++ b/assets/email_templates/new_login_location.html @@ -73,7 +73,6 @@ Date: Wed, 5 Jun 2024 06:01:44 +0200 Subject: [PATCH 2/8] API /:guild_id/bans compat - Fix GET Ban using "ban"/"user" instead of "user_id" in params, making it unusable - Return a processed user object instead of the raw DB one - Silently ignore already banned users to prevent duplicate bans in the DB - Return HTTP 204 on successful bans instead of the raw DB ban object --- src/api/routes/guilds/#guild_id/bans.ts | 31 ++++++++++++++----------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/src/api/routes/guilds/#guild_id/bans.ts b/src/api/routes/guilds/#guild_id/bans.ts index d399e549..ab1b5cbd 100644 --- a/src/api/routes/guilds/#guild_id/bans.ts +++ b/src/api/routes/guilds/#guild_id/bans.ts @@ -1,17 +1,17 @@ /* Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Copyright (C) 2023 Spacebar and Spacebar Contributors - + This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. - + You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ @@ -19,7 +19,6 @@ import { getIpAdress, route } from "@spacebar/api"; import { Ban, - BanModeratorSchema, BanRegistrySchema, DiscordApiErrors, GuildBanAddEvent, @@ -82,7 +81,7 @@ router.get( ); router.get( - "/:user", + "/:user_id", route({ permission: "BAN_MEMBERS", responses: { @@ -98,8 +97,7 @@ router.get( }, }), async (req: Request, res: Response) => { - const { guild_id } = req.params; - const user_id = req.params.ban; + const { guild_id, user_id } = req.params; let ban = (await Ban.findOneOrFail({ where: { guild_id: guild_id, user_id: user_id }, @@ -108,13 +106,12 @@ router.get( if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN; // pretend self-bans don't exist to prevent victim chasing - /* Filter secret from registry. */ + const banInfo = { + user: await User.getPublicUser(ban.user_id), + reason: ban.reason, + } - ban = ban as BanModeratorSchema; - - delete ban.ip; - - return res.json(ban); + return res.json(banInfo); }, ); @@ -151,6 +148,12 @@ router.put( if (req.permission?.cache.guild?.owner_id === banned_user_id) throw new HTTPError("You can't ban the owner", 400); + const existingBan = await Ban.findOne({ + where: { guild_id: guild_id, user_id: banned_user_id }, + }); + // Bans on already banned users are silently ignored + if (existingBan) return res.status(204).send(); + const banned_user = await User.getPublicUser(banned_user_id); const ban = Ban.create({ @@ -174,7 +177,7 @@ router.put( } as GuildBanAddEvent), ]); - return res.json(ban); + return res.status(204).send(); }, ); From 92dea0e89cc5f51e4c6b795dc40788df65407e54 Mon Sep 17 00:00:00 2001 From: TomatoCake <60300461+DEVTomatoCake@users.noreply.github.com> Date: Wed, 5 Jun 2024 06:27:39 +0200 Subject: [PATCH 3/8] Add Bulk Ban endpoint - /:guild_id/bulk-ban endpoint - Support multiple required permissions for endpoints (untested as I don't know where those are set) - New API error BULK_BAN_FAILED --- assets/openapi.json | Bin 581350 -> 573995 bytes assets/schemas.json | Bin 20473634 -> 18446882 bytes package.json | 1 + src/api/routes/guilds/#guild_id/bulk-ban.ts | 124 ++++++++++++++++++++ src/api/util/handlers/route.ts | 22 ++-- src/util/schemas/BulkBanSchema.ts | 22 ++++ src/util/util/Constants.ts | 12 +- 7 files changed, 168 insertions(+), 13 deletions(-) create mode 100644 src/api/routes/guilds/#guild_id/bulk-ban.ts create mode 100644 src/util/schemas/BulkBanSchema.ts diff --git a/assets/openapi.json b/assets/openapi.json index a2249dc1c68b4e5ef75eb62f43b5ba384d9fc0fe..f649c9b22c817a2f33ae5c7afdb99e5b8398c25f 100644 GIT binary patch delta 324 zcmaF1S9x`d@`h}V$@j$twx@YBi7-#U5X{8A{hA-sbJ1oE@$DMojMfLHKgeTBn4Wr_ z@!52T!;CT0<;)o4CI@sUOkWVf$U42@KV$6V2KD&qAEa0~Hq|X=+OB_>@p;7L1AnEq z?@eLaRXY8`WhR#G?`|<|Wt?7qi>YLKLL`&N^bIwPa??NXGe%9%w_{}A{_i+bJL7b} zU5xi8KTu`e9{-q0mSg&>1B^V=3wAQfPEVM}A+X)%E>j@$^!i=Q?Cs63nShuXh*^M` zb$jz`wzgol(wuDFq{QhPm#~UVFOXrCnXVwjCO&;$1pBe+0c%*kO)8R|Y@o`qJ>W3= zea7t{wzAG<-p*mquERE6$B$iX`hk0FMhL~*P2JfeS-0~Eadx4UKp#we^uc5& zJ2T(R@B8Na{l4$xi~D|<-#63m&T7!q9^J5PEn?O8s=7|26|fQ#xT z4A=i4We`+^D)2{%#p2HuJ%&&T&P%zPSw)-kGi>E-HjG|Cd&!HNj&i4eLPc!3w}ixE zRA-s<`&oSO5R)6L;L}B;YJ=3|`vaD2_fpx4(TLWq(Jony*qWis z+$2*q(ks&_9iX}`Yr3rR&otHH3byuiKF?8^6PwUahuKk5=%7}%PgWh)oK?8J3zuyskJEGyok&?&#@G3R8jG>DIxpO+mE6p#$q|#`XiT~0bvY@Gz=lq8 zg`yq`8w&RPHT!I^#=~i1&DT8a$nsvt?mQ2_Bq~x1wPHLkY}8jH7KK$y1LZs9!4U({ zZ-SSNPPyS%1?Rx!66}Ke`*DtF#MHqd4(i>NoKTZ?X(o->>`F8X)_*2XvUourv^U~R zhy}3c^)X*!%!g_h!TUXW$U5I{hk%04K|sO^$RnsSvG4%hK8HG-ve**7kNGPK9;@;tTTCOc{*17P6}E`*(VM7J>fw)5H(S^L9HA5c zL5^no-Nk}*{Cv!$mX$1~av1p*70g~v`z0GLeIiMT$pD@mg7vSE2vZ+oJyHA_o0maFdqURgby)s`i|?35X4I*0@XL9`owyv zG>_h4Vq&6LDk89QRpL$H8{&buB7KpVStcHoxK$>-EJCq~av;!&Trl&9+=X>NhnNlt kyJ7Vr*#k2n*BHECD#>tar#laV?}|ASbBdIhQ{3j{pRQ?}WB>pF diff --git a/assets/schemas.json b/assets/schemas.json index ecc87b03290a04a5a4311cf723c224abb54bc159..7a57dfcf5dac412b69d459413e85bcc0240fe948 100644 GIT binary patch delta 5850 zcma)=X;4#F6vyX=KnO7*AcRE{M5$W}!XV&o)Z&H>8Ar5Hqz^uDAeoq_ zaF;v&Onc;!O&os~_w!1(KS=B2Rh5okgLnFR+HX&UhCXT+7`H3P4>&`F75MuLqG>}y z@Guc_u0Ab#HG!~s&Nrzwae=f;42T*eWd2$)J zj06r0g|pislZ;8&GiH4v<<{J47$l!f1@ONX7uaL*3DzXM?x1kRZbXbSxlBRa|_JRQNo^ph1b`k^7h z?8FWeUAi^$6hf5NT#WW|Md&RSk1iG?xc$1Z%T);O*!J-ynD=P@UUvm!H^yah6=G$q zrrL1gLW^}VX$b4@=tG}Poq^D%g*DSBU}C=HX>5i&J4TQlsgI|cD7}$D|FL>!xDly0 zKy}ghkzgosa);}Q9s#z!PYqqMp@a&^PzmLu^&KLpU#peU9X+wrFz$@ZF<|nKPOOa~Fgu`{6Jolj- z;rchT%)tmh=-REHufXK|mMi%`A)KT{ys?v+dqQXnr)~;k&gdoL>SgtpKNEG4IB zLglSsTT3?_+V!Pfh?H7cP*#TVr0V>EQp~OqI3fAplq(Q1qoq-Y^Dx{w)6s5(aVqpU zJ{Y~;wi6rO*ujDJNvVBl%PrF#EJ^=984l9|Kg1Z4g}7Xx{tU}j_5BP@Z41w4`HfVN!2AYBAec| zZ?#XZBx6)-2mLsR8PvxdR1z4SF4xFrrgq8xa5= z^&{rndo<8!#Qy(IWUx*n?)TqS)9O%H$n5m?5+2dOvqi=^keKAJg1SJl3e3sZ_OlZG zkubaMz0ty~TN{#CN=+O@FO>Vi&in`Kpm(8M4TiM7KA@|S`a{7Xvh&Y3G)5~Hu3`q^InA=52j?zD0A7`u4wy>TY#FrE3HT5E_?i+QC zl(4PZUlzQWg;xFfnmNAB{8@et! znq$JT(NcbNcOcOtymz$Ze5iH+S%z_6=(6Q}OiD1>fS|2u`v;LF>_wJL%3hW}DJcVz zl8kz&mh1e$&{`P;H$9dHf+2K#kfqv90h!*pO1Lg_a)I-YJVN2-jAoVNbd38*C4sy` zB7=ZCXNI!P@us^&$O?r2yjh_o)rctaw!y{+u|)hA`NK&Z#ilw}$2w0JB=QkB?aTS$0E3!?8T8l3zdQfnTF%;NMs_2+IXMaEYa^Rfg zCfu9ceC{{T@3}A8e)c2N_ScSw?6c^jrrDHgyTk3VRk)|tD0aJAm+i~d&!S6xVZqc| zkZSeGx)|E`j%=aJePIS^KAqXAkN340vVv+hLj!M-!E|kvng+=M-t1CU!QmTvf6@^Temib@am1UDR=v-XzOjW5=UG!8=*$8@y z%(Aa{b_|uhZ8Fo+*W;6@^VM~!Klm2Nsb0=AxSbBWo2E2GMs4jpY?dPF^RBKNXkfWy zq7Mhc;>cTcDm5^-pmIkgNjI6}$a$hPm0FU55(CSpUS*m-QYo)fOFb@Csh_0Sn|?xf zeQwGMJV#quA(XShGR`+xm}=1G(X_yK{F(Ug<{P58TuM`MV^tMdOwrd<=aVNV29?)2 zXiDd}Sn}@MHYzYlU*&Ms)0CCTlLB|8+o^S7zBZe0A16CSCVY2SS5Zf~qowbjFqW28 zU0&FHWnrpITgCGC{#dnTmjA~z?e+f9v;}Up^6Kdobq>4#bNk*rWvl;HPg6X~H`D3a zi8Dj4eB6oF+uaWP)&Ip&t4*OJ%cU4fn_;&2O~eLZB={{{{cMka8Y$}KXe#p>BB<=C zE(7)Yq!4oKJeL`y;RrDGubCM^iqlC4=Y`8OIOagHuWWW6U0N0$On>RmPj5RguU4w2 zh9mkhZBdKtwEu~UnKamubrb2%$B*$p8dj}(N>$HPhoja;tx3iV|3riK2B#}@{0`j+ zn)7I=`T7#o<$up^*;Av+Zl_vdtFoz;vQpu(Iqb6bkgO^dHL_Z#)~j}pY_rRX_Sa8< z4vyA)9~ca>QpuyCmMl-B%kIANpj@FbwP{9GddbkY=fjX~OiXyncM1d{h!LIQKo|6k@VFIVasRoSW7T>ouB#%0SU+qBKx z*ZSO8ZFS7oHtFTxPNO5+h9w79dF!#+iF9#Uw2{)6=;QU;%W+ZeZ?coVS$WbIvlDdI zYO?GJPW-o(JogQKg04pK9q&va>2Q214c`--F!bKaa|`o=)uD~|c)OIZx0WkzIuaM2 zC{@t5((EKENi~>g)QJgkH2B2&6obR5G&Iu4jpGxC`ERK%wbJHNE2wp1P&B=sUr-b^ zPs@?3H)G|NoLK(~i<~yU#^#oXws5yRrQ}BKlhfXJl~SR~F4gH$-P*g-J}&Lf&|GA9 zAPxKUrA=1a9+wSP>j{ucB%{oHIne;L?q!*;98M{{>ViV{@)}a zwH*#KcaPLJ=*U@iM+&~{wR!~K^_;%zgQu_bmlia)Ze1?jYtNeo<1o&wp7k|{gmu3g zT#gXOfQ{vVt-Cp7lY|Nd-3X4|h(LP(EbMJPc`sz41oyWDQG#>W{H~`Z`H|k`o;0{$h&QE zIQ32nkMbW;=RX`RQFLzHI73Hk9xF%;OiMj2C1^KH)Y*|~qi}0{^3d^YgU=bv-CI+? zG-8JkIxft12#LjWbwAYsHehpuy=smAZoo#5oZBI(;?SPpLlP1jiOnpr14kH&%C}6- z2Iz)vX1c{5Q`iF3BdABX)gz?A4i#_wID7+&66ofpTV#|+9t3Q_W(RxUM$3JuM*y1} zY|>yG#IOTVO^9vi=B8WR@<~iBU;{Qg*e%iV_XMHwhsGbX#vf_04dTt>#9fGO#5T9s z9@0I_ksN74b|br4X7`xwsXje)LpL+s;_f4IeJo%DHaFP68$N0?#*(PExmDXDVan*2 zQHlUIJJ^pqGoHlWNWkU=yHF9Z!l}Wz+)czl^F3>PR=tr%HBUL zIdGYW`<#o6VtRRAiAglq=gmdbBkFlY{Uk+f-hAEdfDPE}V88m}_?t261Z-Zg3l#C* zm-)>|Y`|s*JAFif8?XVJ9c<<1!XjL$1hCn`u31&I35gBZ++dRiJ6!ZXHl-4}p_`j- z@zv3(U!XMt*z92Mmu@(P#0G43u&c9YwufPdJa)*l+99tsvtO#b$%e#6VzW!^^WIs2 zodMX~U{gy>sa|9~H#-Kg4c$C-N1QC#4c*YqO}EgpyB&=`z-9+~uy{c#5*x6&!6ps1 zUL3YBS{aP)AG&|cx_?8uBRUs9jw_WQyV+%TS^s&HSl54BG%6G5W~bXP(=9aJ ze?_$o*xX=KAhs8ts`&&5x2UW(Rw$w0s?412#L@O<608aCj?VvxD8T^p0?xZUflt zU@us|8V9xFqs4Tw1_MaoW`|p}e$di^as=fFx6~H@FyFleXOIClJJ`2P z{sk_xgHnWFDUx5et_8hpBsROmZfXDZ8I&S`%?&oSM8}7TX)muIhS-K~j=BvZ|U?ORxoC z3t+Ydh!d(v!f+FH3%9yOywdvgS-=KtZm_AS>;)5jekmfHUfXC{<9j`7Dy5#55(0Hg zM~Xhlf5X?YDtqd6miyhW!{sqAf&nU>iH1vyLc~JScgXl{^oK=PSV)teLSEA6(OWe+Xa$HZ$1%f@cd{ z!!tP$VIof`rzF&oH*k)#%j8*$18m_sy_S|r6H(bLtGuPro!#k^ufDPEpVAI&011LnW2a?+!NV>0o za5M56dCe`awXO)deaLHWc`ZuQKZ-OUuo2kY0^5IvrN~?O@rMb}4c**y4?K91;2N&E zxh_2P8QLN!v$>VowEfJft;lQSHMhJDT*qYmQcFB#i$gPfgAW?0G3E46KpoVXQ5UOb zez^jdK1OZAt~SwX?ojGmeir?0;O2%~WNbgzfS>ULY<95A`p>_QOJf2yH`o-oLPNyY z7cNF(6p2wJvr*)b?l;F@%)w9++08S%k5*n@gpwP&+3D`s)nMwm&?-rFD7?X&8}FX% z=Yyn8kPX?~WN-b|rv}M}(IiHb%tn(vHx`FVE<`pWn^$B{QfS3sOx)0q`n?xdYV7IU z5+RMzQSXl65W1&Smx(Y(m@^A=@((X*O>THhz. +*/ + +import { getIpAdress, route } from "@spacebar/api"; +import { + Ban, + DiscordApiErrors, + GuildBanAddEvent, + Member, + User, + emitEvent, +} from "@spacebar/util"; +import { Request, Response, Router } from "express"; +import { HTTPError } from "lambert-server"; + +const router: Router = Router(); + +router.post( + "/", + route({ + requestBody: "BulkBanSchema", + permission: ["BAN_MEMBERS", "MANAGE_GUILD"], + responses: { + 200: { + body: "Ban", + }, + 400: { + body: "APIErrorResponse", + }, + 403: { + body: "APIErrorResponse", + }, + }, + }), + async (req: Request, res: Response) => { + const { guild_id } = req.params; + + const userIds: Array = req.body.user_ids; + if (!userIds) + throw new HTTPError("The user_ids array is missing", 400); + if (userIds.length > 200) + throw new HTTPError("The user_ids array must be between 1 and 200 in length", 400); + + const banned_users = []; + const failed_users = []; + for await (const banned_user_id of userIds) { + if ( + req.user_id === banned_user_id && + banned_user_id === req.permission?.cache.guild?.owner_id + ) { + failed_users.push(banned_user_id); + continue; + } + + if (req.permission?.cache.guild?.owner_id === banned_user_id) { + failed_users.push(banned_user_id); + continue; + } + + const existingBan = await Ban.findOne({ + where: { guild_id: guild_id, user_id: banned_user_id }, + }); + if (existingBan) { + failed_users.push(banned_user_id); + continue; + } + + let banned_user; + try { + banned_user = await User.getPublicUser(banned_user_id); + } catch { + failed_users.push(banned_user_id); + continue; + } + + const ban = Ban.create({ + user_id: banned_user_id, + guild_id: guild_id, + ip: getIpAdress(req), + executor_id: req.user_id, + reason: req.body.reason, // || otherwise empty + }); + + try { + await Promise.all([ + Member.removeFromGuild(banned_user_id, guild_id), + ban.save(), + emitEvent({ + event: "GUILD_BAN_ADD", + data: { + guild_id: guild_id, + user: banned_user, + }, + guild_id: guild_id, + } as GuildBanAddEvent), + ]); + banned_users.push(banned_user_id); + } catch { + failed_users.push(banned_user_id); + continue; + } + } + + if (banned_users.length === 0 && failed_users.length > 0) throw DiscordApiErrors.BULK_BAN_FAILED; + return res.json({ banned_users: banned_users, failed_users: failed_users }); + }, +); + +export default router; diff --git a/src/api/util/handlers/route.ts b/src/api/util/handlers/route.ts index 5a0b48e6..fb2b444f 100644 --- a/src/api/util/handlers/route.ts +++ b/src/api/util/handlers/route.ts @@ -1,17 +1,17 @@ /* Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Copyright (C) 2023 Spacebar and Spacebar Contributors - + This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. - + You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ @@ -90,19 +90,21 @@ export function route(opts: RouteOptions) { return async (req: Request, res: Response, next: NextFunction) => { if (opts.permission) { - const required = new Permissions(opts.permission); req.permission = await getPermission( req.user_id, req.params.guild_id, req.params.channel_id, ); - // bitfield comparison: check if user lacks certain permission - if (!req.permission.has(required)) { - throw DiscordApiErrors.MISSING_PERMISSIONS.withParams( - opts.permission as string, - ); - } + const requiredPerms = Array.isArray(opts.permission) ? opts.permission : [opts.permission]; + requiredPerms.forEach((perm) => { + // bitfield comparison: check if user lacks certain permission + if (!req.permission!.has(new Permissions(perm))) { + throw DiscordApiErrors.MISSING_PERMISSIONS.withParams( + perm as string, + ); + } + }); } if (opts.right) { diff --git a/src/util/schemas/BulkBanSchema.ts b/src/util/schemas/BulkBanSchema.ts new file mode 100644 index 00000000..48a7bac8 --- /dev/null +++ b/src/util/schemas/BulkBanSchema.ts @@ -0,0 +1,22 @@ +/* + Spacebar: A FOSS re-implementation and extension of the Discord.com backend. + Copyright (C) 2023 Spacebar and Spacebar Contributors + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published + by the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . +*/ + +export interface BulkBanSchema { + user_ids: string[]; + delete_message_seconds?: number; +} diff --git a/src/util/util/Constants.ts b/src/util/util/Constants.ts index e68bb0b7..d61bcaca 100644 --- a/src/util/util/Constants.ts +++ b/src/util/util/Constants.ts @@ -1,17 +1,17 @@ /* Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Copyright (C) 2023 Spacebar and Spacebar Contributors - + This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. - + You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ @@ -553,6 +553,8 @@ export const VerificationLevels = [ * * LOTTIE_ANIMATION_MAXIMUM_DIMENSIONS * * STICKER_FRAME_RATE_TOO_SMALL_OR_TOO_LARGE * * STICKER_ANIMATION_DURATION_MAXIMUM + * * AUTOMODERATOR_BLOCK + * * BULK_BAN_FAILED * * UNKNOWN_VOICE_STATE * @typedef {string} APIError */ @@ -1001,6 +1003,10 @@ export const DiscordApiErrors = { "Message was blocked by automatic moderation", 200000, ), + BULK_BAN_FAILED: new ApiError( + "Failed to ban users", + 500000 + ), //Other errors UNKNOWN_VOICE_STATE: new ApiError("Unknown Voice State", 10065, 404), From ea523d06b7d763ddccad7ce850139a44920984a0 Mon Sep 17 00:00:00 2001 From: TomatoCake <60300461+DEVTomatoCake@users.noreply.github.com> Date: Wed, 5 Jun 2024 07:05:30 +0200 Subject: [PATCH 4/8] Fix lint: let -> const --- src/api/routes/guilds/#guild_id/bans.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/routes/guilds/#guild_id/bans.ts b/src/api/routes/guilds/#guild_id/bans.ts index ab1b5cbd..5d580ebe 100644 --- a/src/api/routes/guilds/#guild_id/bans.ts +++ b/src/api/routes/guilds/#guild_id/bans.ts @@ -99,7 +99,7 @@ router.get( async (req: Request, res: Response) => { const { guild_id, user_id } = req.params; - let ban = (await Ban.findOneOrFail({ + const ban = (await Ban.findOneOrFail({ where: { guild_id: guild_id, user_id: user_id }, })) as BanRegistrySchema; From a3a28f522f7c8639c8b1a2911fa178207b74d52f Mon Sep 17 00:00:00 2001 From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com> Date: Wed, 5 Jun 2024 15:17:20 +1000 Subject: [PATCH 5/8] prettier --- src/api/routes/guilds/#guild_id/bans.ts | 2 +- src/api/routes/guilds/#guild_id/bulk-ban.ts | 16 +++++++++++----- src/api/util/handlers/route.ts | 4 +++- src/util/util/Constants.ts | 5 +---- 4 files changed, 16 insertions(+), 11 deletions(-) diff --git a/src/api/routes/guilds/#guild_id/bans.ts b/src/api/routes/guilds/#guild_id/bans.ts index 5d580ebe..5ae9bdb9 100644 --- a/src/api/routes/guilds/#guild_id/bans.ts +++ b/src/api/routes/guilds/#guild_id/bans.ts @@ -109,7 +109,7 @@ router.get( const banInfo = { user: await User.getPublicUser(ban.user_id), reason: ban.reason, - } + }; return res.json(banInfo); }, diff --git a/src/api/routes/guilds/#guild_id/bulk-ban.ts b/src/api/routes/guilds/#guild_id/bulk-ban.ts index 47e7c4cb..f544103a 100644 --- a/src/api/routes/guilds/#guild_id/bulk-ban.ts +++ b/src/api/routes/guilds/#guild_id/bulk-ban.ts @@ -51,10 +51,12 @@ router.post( const { guild_id } = req.params; const userIds: Array = req.body.user_ids; - if (!userIds) - throw new HTTPError("The user_ids array is missing", 400); + if (!userIds) throw new HTTPError("The user_ids array is missing", 400); if (userIds.length > 200) - throw new HTTPError("The user_ids array must be between 1 and 200 in length", 400); + throw new HTTPError( + "The user_ids array must be between 1 and 200 in length", + 400, + ); const banned_users = []; const failed_users = []; @@ -116,8 +118,12 @@ router.post( } } - if (banned_users.length === 0 && failed_users.length > 0) throw DiscordApiErrors.BULK_BAN_FAILED; - return res.json({ banned_users: banned_users, failed_users: failed_users }); + if (banned_users.length === 0 && failed_users.length > 0) + throw DiscordApiErrors.BULK_BAN_FAILED; + return res.json({ + banned_users: banned_users, + failed_users: failed_users, + }); }, ); diff --git a/src/api/util/handlers/route.ts b/src/api/util/handlers/route.ts index fb2b444f..2c98783a 100644 --- a/src/api/util/handlers/route.ts +++ b/src/api/util/handlers/route.ts @@ -96,7 +96,9 @@ export function route(opts: RouteOptions) { req.params.channel_id, ); - const requiredPerms = Array.isArray(opts.permission) ? opts.permission : [opts.permission]; + const requiredPerms = Array.isArray(opts.permission) + ? opts.permission + : [opts.permission]; requiredPerms.forEach((perm) => { // bitfield comparison: check if user lacks certain permission if (!req.permission!.has(new Permissions(perm))) { diff --git a/src/util/util/Constants.ts b/src/util/util/Constants.ts index d61bcaca..98ae2d31 100644 --- a/src/util/util/Constants.ts +++ b/src/util/util/Constants.ts @@ -1003,10 +1003,7 @@ export const DiscordApiErrors = { "Message was blocked by automatic moderation", 200000, ), - BULK_BAN_FAILED: new ApiError( - "Failed to ban users", - 500000 - ), + BULK_BAN_FAILED: new ApiError("Failed to ban users", 500000), //Other errors UNKNOWN_VOICE_STATE: new ApiError("Unknown Voice State", 10065, 404), From aa412e0e60257029ee6dd92ba7099231f43d2774 Mon Sep 17 00:00:00 2001 From: TomatoCake <60300461+DEVTomatoCake@users.noreply.github.com> Date: Wed, 5 Jun 2024 21:59:29 +0200 Subject: [PATCH 6/8] Remove parent for childs on category deletion --- src/api/routes/channels/#channel_id/index.ts | 24 +++++++++++++++++--- src/util/entities/Channel.ts | 8 +++---- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/src/api/routes/channels/#channel_id/index.ts b/src/api/routes/channels/#channel_id/index.ts index 567c7c92..99f9a647 100644 --- a/src/api/routes/channels/#channel_id/index.ts +++ b/src/api/routes/channels/#channel_id/index.ts @@ -1,17 +1,17 @@ /* Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Copyright (C) 2023 Spacebar and Spacebar Contributors - + This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. - + You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ @@ -90,6 +90,24 @@ router.delete( } else if (channel.type === ChannelType.GROUP_DM) { await Channel.removeRecipientFromChannel(channel, req.user_id); } else { + if (channel.type == ChannelType.GUILD_CATEGORY) { + const channels = await Channel.find({ + where: { parent_id: channel_id }, + }); + for await (const c of channels) { + c.parent_id = null; + + await Promise.all([ + c.save(), + emitEvent({ + event: "CHANNEL_UPDATE", + data: c, + channel_id: c.id, + } as ChannelUpdateEvent), + ]); + } + } + await Promise.all([ Channel.delete({ id: channel_id }), emitEvent({ diff --git a/src/util/entities/Channel.ts b/src/util/entities/Channel.ts index 169eab3d..71ccf49e 100644 --- a/src/util/entities/Channel.ts +++ b/src/util/entities/Channel.ts @@ -1,17 +1,17 @@ /* Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Copyright (C) 2023 Spacebar and Spacebar Contributors - + This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. - + You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ @@ -105,7 +105,7 @@ export class Channel extends BaseClass { @Column({ nullable: true }) @RelationId((channel: Channel) => channel.parent) - parent_id: string; + parent_id: string | null; @JoinColumn({ name: "parent_id" }) @ManyToOne(() => Channel) From c8a90a4ab4c89929617f5dd367a29699b68258a9 Mon Sep 17 00:00:00 2001 From: TomatoCake <60300461+DEVTomatoCake@users.noreply.github.com> Date: Sun, 23 Jun 2024 12:43:42 +0200 Subject: [PATCH 7/8] German translations + EN PW length requirement (#1123) --- assets/locales/de/auth.json | 28 ++++++++++++++++++---------- assets/locales/en/auth.json | 2 +- assets/locales/ur/auth.json | 4 ++-- 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/assets/locales/de/auth.json b/assets/locales/de/auth.json index e19547a0..f41b67db 100644 --- a/assets/locales/de/auth.json +++ b/assets/locales/de/auth.json @@ -1,16 +1,24 @@ { "login": { - "INVALID_LOGIN": "E-Mail or Phone not found", - "INVALID_PASSWORD": "Invalid Password", - "ACCOUNT_DISABLED": "This account is disabled" + "INVALID_LOGIN": "Ungültiger Benutzername/E-Mail oder Passwort.", + "INVALID_PASSWORD": "Ungültiges Passwort", + "ACCOUNT_DISABLED": "Dieser Account wurde deaktiviert", + "INVALID_TOTP_CODE": "Ungültiger Zwei-Faktor-Authentifierungs-Code.", + "INVALID_TOTP_SECRET": "Ungültiges Zwei-Faktor-Authentifierungs-Secret" }, "register": { - "REGISTRATION_DISABLED": "New user registration is disabled", - "INVITE_ONLY": "You must be invited to register", - "EMAIL_INVALID": "Invalid Email", - "EMAIL_ALREADY_REGISTERED": "Email is already registered", - "DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older", - "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", - "USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another" + "REGISTRATION_DISABLED": "Die Registrierung von neuen Benutzern ist deaktiviert", + "INVITE_ONLY": "Du musst eingeladen werden, um dich registrieren zu können", + "EMAIL_INVALID": "Ungültige E-Mail-Adresse", + "EMAIL_ALREADY_REGISTERED": "E-Mail-Adresse ist bereits registriert", + "DATE_OF_BIRTH_UNDERAGE": "Du musst mindestens {{years}} Jahre oder älter sein", + "PASSWORD_REQUIREMENTS_MIN_LENGTH": "Das Passwort muss mindestens {{min}} Zeichen lang sein.", + "CONSENT_REQUIRED": "Du musst den Nutzungsbedingungen und der Datenschutzerklärung zustimmen.", + "USERNAME_TOO_MANY_USERS": "Zu viele Nutzer haben diesen Benutzernamen, bitte probiere einen anderen", + "TOO_MANY_REGISTRATIONS": "Zu viele Registrierungen, bitte versuche es später erneut" + }, + "password_reset": { + "EMAIL_DOES_NOT_EXIST": "E-Mail-Adresse existiert nicht.", + "INVALID_TOKEN": "Ungültiger Token." } } diff --git a/assets/locales/en/auth.json b/assets/locales/en/auth.json index 2415c657..bdc90642 100644 --- a/assets/locales/en/auth.json +++ b/assets/locales/en/auth.json @@ -12,9 +12,9 @@ "EMAIL_INVALID": "Invalid Email", "EMAIL_ALREADY_REGISTERED": "Email is already registered", "DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older", + "PASSWORD_REQUIREMENTS_MIN_LENGTH": "The password must be at least {{min}} characters long.", "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", "USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another", - "GUESTS_DISABLED": "Guest users are disabled", "TOO_MANY_REGISTRATIONS": "Too many registrations, please try again later" }, "password_reset": { diff --git a/assets/locales/ur/auth.json b/assets/locales/ur/auth.json index 1dac2474..7f558d01 100644 --- a/assets/locales/ur/auth.json +++ b/assets/locales/ur/auth.json @@ -10,8 +10,8 @@ "EMAIL_INVALID": "Invalid Email", "EMAIL_ALREADY_REGISTERED": "Email is already registered", "DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older", - "PASSWORD_REQUIREMENTS_MIN_LENGTH": "Must be at least {{min}} characters long.", - "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", + "PASSWORD_REQUIREMENTS_MIN_LENGTH": "The password must be at least {{min}} characters long.", + "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", "USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another" } } From 2d8238f2869adfddb6fdae8e5f9d43dedc4e5d99 Mon Sep 17 00:00:00 2001 From: Diana Nilsson Date: Thu, 27 Jun 2024 10:53:17 +0200 Subject: [PATCH 8/8] Add missing entries to UserSettings --- src/util/entities/UserSettings.ts | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/util/entities/UserSettings.ts b/src/util/entities/UserSettings.ts index 0d5d9aad..0d4b6a7b 100644 --- a/src/util/entities/UserSettings.ts +++ b/src/util/entities/UserSettings.ts @@ -63,6 +63,9 @@ export class UserSettings extends BaseClassWithoutId { @Column({ nullable: true }) explicit_content_filter: number = 0; + @Column({ nullable: true }) + friend_discovery_flags: number = 0; + @Column({ nullable: true, type: "simple-json" }) friend_source_flags: FriendSourceFlags = { all: true }; @@ -116,6 +119,10 @@ export class UserSettings extends BaseClassWithoutId { @Column({ nullable: true }) timezone_offset: number = 0; // e.g -60 + + @Column({ nullable: true }) + view_nsfw_guilds: boolean = true; + } interface CustomStatus {