Finished up with global user bans.

2024-11-29 15:39:53 -05:00 · 2024-11-29 15:39:53 -05:00 · 8fc699924e
parent 26df91262f
commit 8fc699924e
13 changed files with 180 additions and 37 deletions
--- a/package.json
+++ b/package.json
@ -11,6 +11,7 @@
    "express-session": "^1.18.0",
    "express-validator": "^7.2.0",
    "mongoose": "^8.4.3",
    "node-cron": "^3.0.3",
    "socket.io": "^4.8.1"
  },
  "scripts": {
--- a/src/controllers/api/account/registerController.js
+++ b/src/controllers/api/account/registerController.js
@ -19,6 +19,7 @@ const {validationResult, matchedData} = require('express-validator');
 //local imports
 const {userModel} = require('../../../schemas/userSchema');
 const userBanModel = require('../../../schemas/userBanSchema.js');
 const {exceptionHandler} = require('../../../utils/loggerUtils.js');
 module.exports.post = async function(req, res){
@ -27,6 +28,17 @@ module.exports.post = async function(req, res){
        if(validResult.isEmpty()){
            const user = matchedData(req);
            //Would prefer to stick this in userModel.statics.register() but we end up with circular dependencies >:(
            const nukedBans = await userBanModel.checkProcessedBans(user.user);
            //if we found any related nuked bans
            if(nukedBans != null){
                //Shit our pants!
                res.status(401);
                return res.send({errors:[{msg:"Cannot re-create banned account!",type:"unauthorized"}]});
            }
            await userModel.register(user)
            return res.sendStatus(200);
        }else{
--- a/src/controllers/api/admin/banController.js
+++ b/src/controllers/api/admin/banController.js
@ -65,14 +65,8 @@ module.exports.delete = async function(req, res){
        const validResult = validationResult(req);
        if(validResult.isEmpty()){
            const {user} = matchedData(req);
            const userDB = await userModel.findOne({user});
-            if(userDB == null){
+            await banModel.unban({user});
                res.status(400);
                return res.send({errors:[{type: "Bad Query", msg: "User not found.", date: new Date()}]});
            }
            await banModel.unbanByUserDoc(userDB);
            res.status(200);
            return res.send(await banModel.getBans());
--- a/src/schemas/userBanSchema.js
+++ b/src/schemas/userBanSchema.js
@ -18,12 +18,11 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
 const {mongoose} = require('mongoose');
 //Local Imports
-const {userSchema} = require('./userSchema');
+const {userModel, userSchema} = require('./userSchema');
 const userBanSchema = new mongoose.Schema({
    user: {
        type: mongoose.SchemaTypes.ObjectID,
        required: true,
        ref: "user"
    },
    //To be used in future when ip-hashing/better session tracking is implemented
@ -36,6 +35,10 @@ const userBanSchema = new mongoose.Schema({
        type: [userSchema],
        required: false
    },
    deletedNames: {
        type: [mongoose.SchemaTypes.String],
        required: false
    },
    banDate: {
        type: mongoose.SchemaTypes.Date,
@ -60,9 +63,11 @@ userBanSchema.statics.checkBanByUserDoc = async function(userDB){
    var foundBan = null;
    banDB.forEach((ban) => {
        if(ban.user != null){
            if(ban.user.toString() == userDB._id.toString()){
                foundBan = ban;
            }
        }
    });
    return foundBan;
@ -73,6 +78,27 @@ userBanSchema.statics.checkBan = async function(user){
    return this.checkBanByUserDoc(userDB);
 }
 userBanSchema.statics.checkProcessedBans = async function(user){
    //Pull banlist and create empty variable to hold any found ban
    const banDB = await this.find({});
    var foundBan = null;
    //For each ban in list
    banDB.forEach((ban)=>{
        //For each deleted account associated with the ban
        ban.deletedNames.forEach((name)=>{
            //If the banned name equals the name we're checking against
            if(name == user){
                //We've found our ban
                foundBan = ban;
            }
        })
    });
    //Return any found associated ban
    return foundBan;
 }
 userBanSchema.statics.banByUserDoc = async function(userDB, permanent, expirationDays){
    //Prevent missing users
    if(userDB == null){
@ -111,20 +137,40 @@ userBanSchema.statics.unbanByUserDoc = async function(userDB){
        throw new Error("User not found")
    }
-    const ban = await this.checkBanByUserDoc(userDB);
+    const banDB = await this.checkBanByUserDoc(userDB);
-    if(!ban){
+    if(!banDB){
        throw new Error("User already un-banned");
    }
    //Use _id in-case mongoose wants to be a cunt
-    var oldBan = await this.deleteOne({_id: ban._id});
+    var oldBan = await this.deleteOne({_id: banDB._id});
    return oldBan;
 }
 userBanSchema.statics.unbanDeleted = async function(user){
    const banDB = await this.checkProcessedBans(user);
    if(!banDB){
        throw new Error("User already un-banned");
    }
    const oldBan = await this.deleteOne({_id: banDB._id});
    return oldBan;
 }
 userBanSchema.statics.unban = async function(user){
    //Find user in DB
    const userDB = await userModel.findOne({user: user.user});
-    return this.unbanByUserDoc(userDB);
+
    //If user was deleted
    if(userDB == null){
        //unban deleted user
        return await this.unbanDeleted(user.user);
    }else{
        //unban by user doc
        return await this.unbanByUserDoc(userDB);
    }
 }
 userBanSchema.statics.getBans = async function(){
@ -136,12 +182,15 @@ userBanSchema.statics.getBans = async function(){
        var expirationDate = new Date(ban.banDate);
        expirationDate.setDate(expirationDate.getDate() + ban.expirationDays);
-        const userObj = {
+        //Make sure we're not about to read the properties of a null object
        if(ban.user != null){
            var userObj = {
                id: ban.user.id,
                user: ban.user.user,
                img: ban.user.img,
                date: ban.user.date
            }
        }
        const banObj = {
            banDate: ban.banDate,
@ -150,6 +199,7 @@ userBanSchema.statics.getBans = async function(){
            user: userObj,
            ips: ban.ips,
            alts: ban.alts,
            deletedNames: ban.deletedNames,
            permanent: ban.permanent
        }
@ -159,6 +209,38 @@ userBanSchema.statics.getBans = async function(){
    return bans;
 }
 userBanSchema.statics.processExpiredBans = async function(){
    const banDB = await this.find({});
    banDB.forEach(async (ban) => {
        //This ban was already processed, and it's user has been deleted. There is no more to be done...
        if(ban.user == null){
            console.log(ban);
            return;
        }
        //If the ban hasn't been processed and it's got 0 or less days to go
        if(ban.getDaysUntilExpiration() <= 0){
            //If the ban is permanent
            if(ban.permanent){
                //Populate the user field
                await ban.populate('user');
                //Add the name to our deleted names list
                ban.deletedNames.push(ban.user.user);
                //Hey hey hey, goodbye!
                await userModel.deleteOne({_id: ban.user._id});
                //Empty out the reference
                ban.user = null;
                //Save the ban
                await ban.save();
            }else{
                //Otherwise, delete the ban and let our user back in :P
                await this.deleteOne({_id: ban._id});
            }
        }
    })
 }
 //methods
 userBanSchema.methods.getDaysUntilExpiration = function(){
        //Get ban date
@ -166,7 +248,7 @@ userBanSchema.methods.getDaysUntilExpiration = function(){
        //Get expiration days and calculate expiration date
        expirationDate.setDate(expirationDate.getDate() + this.expirationDays);
        //Calculate and return days until ban expiration
-        return ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
+        return daysUntilExpiraiton = ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
 }
 module.exports = mongoose.model("userBan", userBanSchema);
--- a/src/schemas/userSchema.js
+++ b/src/schemas/userSchema.js
@ -18,10 +18,10 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
 const {mongoose} = require('mongoose');
 //local imports
-const server = require('../server.js');
+const server = require('../server');
-const statModel = require('./statSchema.js');
+const statModel = require('./statSchema');
-const flairModel = require('./flairSchema.js');
+const flairModel = require('./flairSchema');
-const permissionModel = require('./permissionSchema.js');
+const permissionModel = require('./permissionSchema');
 const hashUtil = require('../utils/hashUtils');
--- a/src/server.js
+++ b/src/server.js
@ -24,9 +24,10 @@ const mongoStore = require('connect-mongo');
 const mongoose = require('mongoose');
 //Define Local Imports
 const channelManager = require('./app/channel/channelManager');
 const scheduler = require('./utils/scheduler');
 const statModel = require('./schemas/statSchema');
 const flairModel = require('./schemas/flairSchema');
 const channelManager = require('./app/channel/channelManager');
 const indexRouter = require('./routers/indexRouter');
 const registerRouter = require('./routers/registerRouter');
 const profileRouter = require('./routers/profileRouter');
@ -112,6 +113,9 @@ statModel.incrementLaunchCount();
 //Load flairs
 flairModel.loadDefaults();
 //Kick off scheduled-jobs
 scheduler.kickoff();
 //Hand over general-namespace socket.io connections to the channel manager
 module.exports.channelManager = new channelManager(io)
--- a/src/utils/scheduler.js
+++ b/src/utils/scheduler.js
@ -0,0 +1,26 @@
 /*Canopy - The next generation of stoner streaming software
 Copyright (C) 2024  Rainbownapkin and the TTN Community
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU Affero General Public License as
 published by the Free Software Foundation, either version 3 of the
 License, or (at your option) any later version.
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
 //NPM Imports
 const cron = require('node-cron');
 //Local Imports
 const userBanSchema = require('../schemas/userBanSchema');
 module.exports.kickoff = function(){
    //Process expired bans every night at midnight
    cron.schedule('* * * * *', ()=>{userBanSchema.processExpiredBans()},{scheduled: true, timezone: "UTC"});
 }
--- a/src/utils/sessionUtils.js
+++ b/src/utils/sessionUtils.js
@ -27,10 +27,12 @@ module.exports.authenticateSession = async function(user, pass, req){
    const banDB = await userBanModel.checkBanByUserDoc(userDB);
    if(banDB){
        //Make the number a little prettier despite the lack of precision since we're not doing calculations here :P
        const expiration = banDB.getDaysUntilExpiration() < 1 ? 0 : banDB.getDaysUntilExpiration();
        if(banDB.permanent){
-            throw new Error(`Your account has been banned, and will be permanently deleted in: ${banDB.getDaysUntilExpiration()} day(s)`);
+            throw new Error(`Your account has been banned, and will be permanently deleted in: ${expiration} day(s)`);
        }else{
-            throw new Error(`Your account has been temporarily banned, and will be reinstated in: ${banDB.getDaysUntilExpiration()} day(s)`);
+            throw new Error(`Your account has been temporarily banned, and will be reinstated in: ${expiration} day(s)`);
        }
    }
--- a/www/img/flair/gold.gif
+++ b/www/img/flair/gold.gif
--- a/www/img/flair/gold_big.gif
+++ b/www/img/flair/gold_big.gif
--- a/www/img/nuked.png
+++ b/www/img/nuked.png
--- a/www/js/adminPanel.js
+++ b/www/js/adminPanel.js
@ -283,7 +283,31 @@ class adminUserBanList{
    renderBanList(banList){
        this.clearBanList();
        console.log(banList);
        banList.forEach((ban) => {
            //Calculate expiration date and expiration days
            const expirationDate = new Date(ban.expirationDate);
            const expirationDays = ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
            var expirationDateString = `${expirationDate.toDateString()} (${expirationDays} day(s) left)`;
            var banActionString = ban.permanent ? "Account Deletion" : "Un-Ban";
            console.log(ban);
            if(ban.user == null){
                //Fudge the user object if it's already been deleted
                ban.user = {
                    img: "/img/nuked.png",
                    id: "-",
                    user: ban.deletedNames[0] ? ban.deletedNames[0] : "UNKNOWN",
                    deleted: true
                };
                //Fake the display string
                var signUpDateString = "-"
                expirationDateString = "Accounts Nuked"
                banActionString = "Accounts Nuked"
            }else{
                var signUpDateString = new Date(ban.user.date).toDateString()
            }
            //Create entry row
            const entryRow = document.createElement('tr');
            entryRow.classList.add("admin-list-entry");
@ -293,10 +317,6 @@ class adminUserBanList{
            imgNode.classList.add("admin-list-entry","admin-list-entry-item");
            imgNode.src = ban.user.img;
            //Calculate expiration date and expiration days
            const expirationDate = new Date(ban.expirationDate);
            const expirationDays = ((expirationDate - new Date()) / (1000 * 60 * 60 * 24)).toFixed(1);
            //Create unban icon
            const unbanIcon = document.createElement('i');
            unbanIcon.classList.add("bi-emoji-smile-fill","admin-user-list-icon","admin-user-list-unban-icon");
@ -315,11 +335,11 @@ class adminUserBanList{
            entryRow.appendChild(newCell(imgNode, true));
            entryRow.appendChild(newCell(ban.user.id));
            entryRow.appendChild(newCell(ban.user.user));
-            entryRow.appendChild(newCell(new Date(ban.user.date).toDateString()));
+            entryRow.appendChild(newCell(signUpDateString));
            entryRow.appendChild(newCell(new Date(ban.banDate).toDateString()));
-            entryRow.appendChild(newCell(`${expirationDate.toDateString()} (${expirationDays} day(s) left)`));
+            entryRow.appendChild(newCell(expirationDateString));
-            entryRow.appendChild(newCell(ban.permanent ? "Account Deletion" : "Un-Ban"));
+            entryRow.appendChild(newCell(banActionString));
-            entryRow.appendChild(newCell([unbanIcon, nukeAccount]));
+            entryRow.appendChild(newCell(ban.user.deleted ? unbanIcon : [unbanIcon, nukeAccount]));
            //Append row to table
            this.table.appendChild(entryRow);
--- a/www/js/utils.js
+++ b/www/js/utils.js
@ -25,10 +25,12 @@ class canopyUXUtils{
    constructor(){
    } 
    //Update this and popup class to use nodes
    //and display multiple errors in one popup
    displayResponseError(body){
        const errors = body.errors;
        errors.forEach((err)=>{
-            new canopyUXUtils.popup(`<h3>Server Error:</h3><p><br>Message: ${err.msg}`);
+            new canopyUXUtils.popup(`<h3>Server Error:</h3><p><br>${err.msg}</p>`);
        });
    }