diff options
| author | Kuna <65683493+Thesourtimes@users.noreply.github.com> | 2021-12-24 19:12:11 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-24 19:12:11 +0000 |
| commit | a72d107bb5185da9480bafc5f2fb07f3dadb7eb8 (patch) | |
| tree | aae8ea4d75d8d6f8774c864f04a34da04f150493 | |
| parent | Fix typo (diff) | |
| parent | Comment about the hotfix (diff) | |
| download | server-a72d107bb5185da9480bafc5f2fb07f3dadb7eb8.tar.xz | |
Merge pull request #556 from Thesourtimes/master
(Finally) make a temporary fix for IP leak
| -rw-r--r-- | api/src/routes/guilds/#guild_id/bans.ts | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts index 4d12ae46..1e09a38d 100644 --- a/api/src/routes/guilds/#guild_id/bans.ts +++ b/api/src/routes/guilds/#guild_id/bans.ts @@ -6,9 +6,21 @@ import { getIpAdress, route } from "@fosscord/api"; export interface BanCreateSchema { delete_message_days?: string; reason?: string; -} +}; + +export interface BanRegistrySchema { + id: string; + user_id: string; + guild_id: string; + executor_id: string; + ip?: string; + reason?: string | undefined; +}; const router: Router = Router(); + +/* TODO: Deleting the secrets is just a temporary go-around. Views should be implemented for both safety and better handling. */ + router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { const { guild_id } = req.params; @@ -16,7 +28,7 @@ router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: /* Filter secret from database registry.*/ - bans.forEach((registry) => { + bans.forEach((registry: BanRegistrySchema) => { delete registry.ip; }); @@ -27,7 +39,7 @@ router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, const { guild_id } = req.params; const user_id = req.params.ban; - let ban = await Ban.findOneOrFail({ guild_id: guild_id, user_id: user_id }); + let ban = await Ban.findOneOrFail({ guild_id: guild_id, user_id: user_id }) as BanRegistrySchema; /* Filter secret from registry. */ |