diff options
author | Nobody <git@n0bodysec.com> | 2022-03-08 12:01:00 -0300 |
---|---|---|
committer | Nobody <git@n0bodysec.com> | 2022-03-08 12:01:00 -0300 |
commit | 4294c6a8753379a06b5f4c21c4d4258352ec139d (patch) | |
tree | fb9cec416166bb1262a7c3ee008272405c907e71 /api | |
parent | Revert "Type change" (diff) | |
download | server-4294c6a8753379a06b5f4c21c4d4258352ec139d.tar.xz |
fix(api): working ban list
We should never use await inside loops
Diffstat (limited to 'api')
-rw-r--r-- | api/src/routes/guilds/#guild_id/bans.ts | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts index 7ccf34d7..1ce41936 100644 --- a/api/src/routes/guilds/#guild_id/bans.ts +++ b/api/src/routes/guilds/#guild_id/bans.ts @@ -33,17 +33,32 @@ router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: const { guild_id } = req.params; let bans = await Ban.find({ guild_id: guild_id }); + let promisesToAwait: object[] = []; + const bansObj: object[] = []; - /* Filter secret from database registry.*/ + bans.filter((ban) => ban.user_id !== ban.executor_id); // pretend self-bans don't exist to prevent victim chasing - bans.filter(ban => ban.user_id !== ban.executor_id); - // pretend self-bans don't exist to prevent victim chasing - - bans.forEach((registry: BanRegistrySchema) => { - delete registry.ip; + bans.forEach((ban) => { + promisesToAwait.push(User.getPublicUser(ban.user_id)); }); - - return res.json(bans); + + const bannedUsers: object[] = await Promise.all(promisesToAwait); + + bans.forEach((ban, index) => { + const user = bannedUsers[index] as User; + bansObj.push({ + reason: ban.reason, + user: { + username: user.username, + discriminator: user.discriminator, + id: user.id, + avatar: user.avatar, + public_flags: user.public_flags + } + }); + }); + + return res.json(bansObj); }); router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { |