diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts
index e7d46898..1e09a38d 100644
--- a/api/src/routes/guilds/#guild_id/bans.ts
+++ b/api/src/routes/guilds/#guild_id/bans.ts
@@ -6,13 +6,32 @@ import { getIpAdress, route } from "@fosscord/api";
export interface BanCreateSchema {
delete_message_days?: string;
reason?: string;
-}
+};
+
+export interface BanRegistrySchema {
+ id: string;
+ user_id: string;
+ guild_id: string;
+ executor_id: string;
+ ip?: string;
+ reason?: string | undefined;
+};
const router: Router = Router();
+
+/* TODO: Deleting the secrets is just a temporary go-around. Views should be implemented for both safety and better handling. */
+
router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => {
const { guild_id } = req.params;
- var bans = await Ban.find({ guild_id: guild_id });
+ let bans = await Ban.find({ guild_id: guild_id });
+
+ /* Filter secret from database registry.*/
+
+ bans.forEach((registry: BanRegistrySchema) => {
+ delete registry.ip;
+ });
+
return res.json(bans);
});
@@ -20,7 +39,12 @@ router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request,
const { guild_id } = req.params;
const user_id = req.params.ban;
- var ban = await Ban.findOneOrFail({ guild_id: guild_id, user_id: user_id });
+ let ban = await Ban.findOneOrFail({ guild_id: guild_id, user_id: user_id }) as BanRegistrySchema;
+
+ /* Filter secret from registry. */
+
+ delete ban.ip
+
return res.json(ban);
});
diff --git a/api/src/routes/stop.ts b/api/src/routes/stop.ts
new file mode 100644
index 00000000..c6a3de50
--- /dev/null
+++ b/api/src/routes/stop.ts
@@ -0,0 +1,25 @@
+import { Router, Request, Response } from "express";
+import { route } from "@fosscord/api";
+import { User } from "@fosscord/util";
+
+const router: Router = Router();
+
+router.post("/", route({}), async (req: Request, res: Response) => {
+ //TODO: have an "OPERATOR" platform permission implemented for this API route
+ const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["flags"] });
+ if(user.flags == '4096') {
+ console.log("user that POSTed to the API was ALLOWED");
+ console.log(user.flags);
+ res.sendStatus(200)
+ process.kill(process.pid, 'SIGTERM')
+ }
+ else {
+ console.log("operation failed");
+ console.log(user.flags);
+ res.sendStatus(403)
+ }
+});
+
+export default router;
+
+//THIS API CAN ONLY BE USED BY USERS WITH THE 'SYSTEM' FLAG ONLY IF ANY OTHER FLAGS ARE ADDED THE REQUEST WILL RETURN 403 'FORBIDDEN'
diff --git a/bundle/src/Server.ts b/bundle/src/Server.ts
index 83ce10c2..71a60d49 100644
--- a/bundle/src/Server.ts
+++ b/bundle/src/Server.ts
@@ -24,6 +24,14 @@ const cdn = new CDNServer({ server, port, production, app });
// @ts-ignore
const gateway = new Gateway.Server({ server, port, production });
+//this is what has been added for the /stop API route
+process.on('SIGTERM', () => {
+ server.close(() => {
+ console.log("Stop API has been successfully POSTed, SIGTERM sent")
+ })
+})
+//this is what has been added for the /stop API route
+
async function main() {
server.listen(port);
await initDatabase();
|
