diff --git a/api/src/util/entities/blockedEmailDomains.txt b/src/api/util/entities/blockedEmailDomains.txt
index eb88305d..eb88305d 100644
--- a/api/src/util/entities/blockedEmailDomains.txt
+++ b/src/api/util/entities/blockedEmailDomains.txt
diff --git a/api/src/util/entities/trustedEmailDomains.txt b/src/api/util/entities/trustedEmailDomains.txt
index 38ffa4fa..38ffa4fa 100644
--- a/api/src/util/entities/trustedEmailDomains.txt
+++ b/src/api/util/entities/trustedEmailDomains.txt
diff --git a/api/src/util/handlers/Instance.ts b/src/api/util/handlers/Instance.ts
index 6bddfa98..e03c9488 100644
--- a/api/src/util/handlers/Instance.ts
+++ b/src/api/util/handlers/Instance.ts
@@ -9,7 +9,7 @@ export async function initInstance() {
const { autoJoin } = Config.get().guild;
if (autoJoin.enabled && !autoJoin.guilds?.length) {
- let guild = await Guild.findOne({});
+ let guild = await Guild.findOne({ where: {}, order: { id: "ASC" } });
if (guild) {
// @ts-ignore
await Config.set({ guild: { autoJoin: { guilds: [guild.id] } } });
diff --git a/api/src/util/handlers/Message.ts b/src/api/util/handlers/Message.ts
index 48f87dfe..d760d27c 100644
--- a/api/src/util/handlers/Message.ts
+++ b/src/api/util/handlers/Message.ts
@@ -1,31 +1,32 @@
import {
+ Application,
+ Attachment,
Channel,
+ CHANNEL_MENTION,
+ Config,
Embed,
emitEvent,
+ EVERYONE_MENTION,
+ getPermission,
+ getRights,
Guild,
+ HERE_MENTION,
+ HTTPError,
Message,
MessageCreateEvent,
+ MessageCreateSchema,
+ MessageType,
MessageUpdateEvent,
- getPermission,
- getRights,
- CHANNEL_MENTION,
- Snowflake,
- USER_MENTION,
- ROLE_MENTION,
+ OrmUtils,
Role,
- EVERYONE_MENTION,
- HERE_MENTION,
- MessageType,
+ ROLE_MENTION,
User,
- Application,
- Webhook,
- Attachment,
- Config,
+ USER_MENTION,
+ Webhook
} from "@fosscord/util";
-import { HTTPError } from "lambert-server";
-import fetch from "node-fetch";
import cheerio from "cheerio";
-import { MessageCreateSchema } from "../../routes/channels/#channel_id/messages";
+import fetch from "node-fetch";
+
const allow_empty = false;
// TODO: check webhook, application, system author, stickers
// TODO: embed gifs/videos/images
@@ -47,7 +48,7 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
const channel = await Channel.findOneOrFail({ where: { id: opts.channel_id }, relations: ["recipients"] });
if (!channel || !opts.channel_id) throw new HTTPError("Channel not found", 404);
- const message = new Message({
+ const message = OrmUtils.mergeDeep(new Message(), {
...opts,
sticker_items: opts.sticker_ids?.map((x) => ({ id: x })),
guild_id: channel.guild_id,
@@ -59,21 +60,21 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
});
if (message.content && message.content.length > Config.get().limits.message.maxCharacters) {
- throw new HTTPError("Content length over max character limit")
+ throw new HTTPError("Content length over max character limit");
}
if (opts.author_id) {
message.author = await User.getPublicUser(opts.author_id);
const rights = await getRights(opts.author_id);
rights.hasThrow("SEND_MESSAGES");
- }
+ }
if (opts.application_id) {
- message.application = await Application.findOneOrFail({ id: opts.application_id });
+ message.application = await Application.findOneOrFail({ where: { id: opts.application_id } });
}
if (opts.webhook_id) {
- message.webhook = await Webhook.findOneOrFail({ id: opts.webhook_id });
+ message.webhook = await Webhook.findOneOrFail({ where: { id: opts.webhook_id } });
}
-
+
const permission = await getPermission(opts.author_id, channel.guild_id, opts.channel_id);
permission.hasThrow("SEND_MESSAGES");
if (permission.cache.member) {
@@ -85,10 +86,12 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
permission.hasThrow("READ_MESSAGE_HISTORY");
// code below has to be redone when we add custom message routing
if (message.guild_id !== null) {
- const guild = await Guild.findOneOrFail({ id: channel.guild_id });
+ const guild = await Guild.findOneOrFail({ where: { id: channel.guild_id } });
if (!guild.features.includes("CROSS_CHANNEL_REPLIES")) {
- if (opts.message_reference.guild_id !== channel.guild_id) throw new HTTPError("You can only reference messages from this guild");
- if (opts.message_reference.channel_id !== opts.channel_id) throw new HTTPError("You can only reference messages from this channel");
+ if (opts.message_reference.guild_id !== channel.guild_id)
+ throw new HTTPError("You can only reference messages from this guild");
+ if (opts.message_reference.channel_id !== opts.channel_id)
+ throw new HTTPError("You can only reference messages from this channel");
}
}
/** Q: should be checked if the referenced message exists? ANSWER: NO
@@ -98,17 +101,18 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
}
// TODO: stickers/activity
- if (!allow_empty && (!opts.content && !opts.embeds?.length && !opts.attachments?.length && !opts.sticker_ids?.length)) {
+ if (!allow_empty && !opts.content && !opts.embeds?.length && !opts.attachments?.length && !opts.sticker_ids?.length) {
throw new HTTPError("Empty messages are not allowed", 50006);
}
- var content = opts.content;
- var mention_channel_ids = [] as string[];
- var mention_role_ids = [] as string[];
- var mention_user_ids = [] as string[];
- var mention_everyone = false;
+ let content = opts.content;
+ let mention_channel_ids = [] as string[];
+ let mention_role_ids = [] as string[];
+ let mention_user_ids = [] as string[];
+ let mention_everyone = false;
- if (content) { // TODO: explicit-only mentions
+ if (content) {
+ // TODO: explicit-only mentions
message.content = content.trim();
for (const [_, mention] of content.matchAll(CHANNEL_MENTION)) {
if (!mention_channel_ids.includes(mention)) mention_channel_ids.push(mention);
@@ -120,7 +124,7 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
await Promise.all(
Array.from(content.matchAll(ROLE_MENTION)).map(async ([_, mention]) => {
- const role = await Role.findOneOrFail({ id: mention, guild_id: channel.guild_id });
+ const role = await Role.findOneOrFail({ where: { id: mention, guild_id: channel.guild_id } });
if (role.mentionable || permission.has("MANAGE_ROLES")) {
mention_role_ids.push(mention);
}
@@ -132,9 +136,9 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
}
}
- message.mention_channels = mention_channel_ids.map((x) => new Channel({ id: x }));
- message.mention_roles = mention_role_ids.map((x) => new Role({ id: x }));
- message.mentions = mention_user_ids.map((x) => new User({ id: x }));
+ message.mention_channels = mention_channel_ids.map((x) => OrmUtils.mergeDeep(new Channel(), { id: x }));
+ message.mention_roles = mention_role_ids.map((x) => OrmUtils.mergeDeep(new Role(), { id: x }));
+ message.mentions = mention_user_ids.map((x) => OrmUtils.mergeDeep(new User(), { id: x }));
message.mention_everyone = mention_everyone;
// TODO: check and put it all in the body
@@ -144,7 +148,7 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
// TODO: cache link result in db
export async function postHandleMessage(message: Message) {
- var links = message.content?.match(LINK_REGEX);
+ let links = message.content?.match(LINK_REGEX);
if (!links) return;
const data = { ...message };
@@ -156,7 +160,7 @@ export async function postHandleMessage(message: Message) {
try {
const request = await fetch(link, {
...DEFAULT_FETCH_OPTIONS,
- size: Config.get().limits.message.maxEmbedDownloadSize,
+ size: Config.get().limits.message.maxEmbedDownloadSize
});
const text = await request.text();
@@ -201,9 +205,10 @@ export async function postHandleMessage(message: Message) {
export async function sendMessage(opts: MessageOptions) {
const message = await handleMessage({ ...opts, timestamp: new Date() });
+ //TODO: check this, removed toJSON call
await Promise.all([
Message.insert(message),
- emitEvent({ event: "MESSAGE_CREATE", channel_id: opts.channel_id, data: message.toJSON() } as MessageCreateEvent)
+ emitEvent({ event: "MESSAGE_CREATE", channel_id: opts.channel_id, data: message } as MessageCreateEvent)
]);
postHandleMessage(message).catch((e) => {}); // no await as it should catch error non-blockingly
diff --git a/api/src/util/handlers/Voice.ts b/src/api/util/handlers/Voice.ts
index 4d60eb91..4d60eb91 100644
--- a/api/src/util/handlers/Voice.ts
+++ b/src/api/util/handlers/Voice.ts
diff --git a/api/src/util/handlers/route.ts b/src/api/util/handlers/route.ts
index 3d3bbc37..d43ae103 100644
--- a/api/src/util/handlers/route.ts
+++ b/src/api/util/handlers/route.ts
@@ -1,8 +1,6 @@
import {
DiscordApiErrors,
EVENT,
- Event,
- EventData,
FieldErrors,
FosscordApiErrors,
getPermission,
@@ -12,14 +10,14 @@ import {
RightResolvable,
Rights
} from "@fosscord/util";
+import Ajv from "ajv";
+import addFormats from "ajv-formats";
+import { AnyValidateFunction } from "ajv/dist/core";
import { NextFunction, Request, Response } from "express";
import fs from "fs";
import path from "path";
-import Ajv from "ajv";
-import { AnyValidateFunction } from "ajv/dist/core";
-import addFormats from "ajv-formats";
-const SchemaPath = path.join(__dirname, "..", "..", "..", "assets", "schemas.json");
+const SchemaPath = path.join(__dirname, "..", "..", "..", "..", "assets", "schemas.json");
const schemas = JSON.parse(fs.readFileSync(SchemaPath, { encoding: "utf8" }));
export const ajv = new Ajv({
@@ -87,7 +85,7 @@ const normalizeBody = (body: any = {}) => {
};
export function route(opts: RouteOptions) {
- var validate: AnyValidateFunction<any> | undefined;
+ let validate: AnyValidateFunction<any> | undefined;
if (opts.body) {
validate = ajv.getSchema(opts.body);
if (!validate) throw new Error(`Body schema ${opts.body} not found`);
@@ -117,6 +115,11 @@ export function route(opts: RouteOptions) {
const valid = validate(normalizeBody(req.body));
if (!valid) {
const fields: Record<string, { code?: string; message: string }> = {};
+ if (process.env.LOG_INVALID_BODY) {
+ console.log(`Got invalid request: ${req.method} ${req.originalUrl}`);
+ console.log(req.body);
+ validate.errors?.forEach((x) => console.log(x.params));
+ }
validate.errors?.forEach((x) => (fields[x.instancePath.slice(1)] = { code: x.keyword, message: x.message || "" }));
throw FieldErrors(fields);
}
diff --git a/api/src/util/index.ts b/src/api/util/index.ts
index ffbcf24e..31e75325 100644
--- a/api/src/util/index.ts
+++ b/src/api/util/index.ts
@@ -1,8 +1,10 @@
+export * from "./entities/AssetCacheItem";
+export * from "./handlers/Message";
+export * from "./handlers/route";
+export * from "./handlers/Voice";
export * from "./utility/Base64";
export * from "./utility/ipAddress";
-export * from "./handlers/Message";
export * from "./utility/passwordStrength";
export * from "./utility/RandomInviteID";
-export * from "./handlers/route";
export * from "./utility/String";
-export * from "./handlers/Voice";
+export * from "./utility/captcha";
\ No newline at end of file
diff --git a/api/src/util/utility/Base64.ts b/src/api/util/utility/Base64.ts
index 46cff77a..46cff77a 100644
--- a/api/src/util/utility/Base64.ts
+++ b/src/api/util/utility/Base64.ts
diff --git a/api/src/util/utility/RandomInviteID.ts b/src/api/util/utility/RandomInviteID.ts
index 7ea344e0..feebfd3d 100644
--- a/api/src/util/utility/RandomInviteID.ts
+++ b/src/api/util/utility/RandomInviteID.ts
@@ -22,11 +22,10 @@ export function snowflakeBasedInvite() {
// snowflakes hold ~10.75 characters worth of entropy;
// safe to generate a 8-char invite out of them
let str = "";
- for (let i=0; i < 10; i++) {
-
+ for (let i = 0; i < 10; i++) {
str.concat(chars.charAt(Number(snowflake % base)));
snowflake = snowflake / base;
}
-
- return str.substr(3,8).split("").reverse().join("");
+
+ return str.substr(3, 8).split("").reverse().join("");
}
diff --git a/api/src/util/utility/String.ts b/src/api/util/utility/String.ts
index 982b7e11..a2e491e4 100644
--- a/api/src/util/utility/String.ts
+++ b/src/api/util/utility/String.ts
@@ -1,6 +1,6 @@
+import { FieldErrors } from "@fosscord/util";
import { Request } from "express";
import { ntob } from "./Base64";
-import { FieldErrors } from "@fosscord/util";
export function checkLength(str: string, min: number, max: number, key: string, req: Request) {
if (str.length < min || str.length > max) {
diff --git a/api/src/util/utility/ipAddress.ts b/src/api/util/utility/ipAddress.ts
index 13cc9603..c96feb9e 100644
--- a/api/src/util/utility/ipAddress.ts
+++ b/src/api/util/utility/ipAddress.ts
@@ -65,7 +65,7 @@ export async function IPAnalysis(ip: string): Promise<typeof exampleData> {
const { ipdataApiKey } = Config.get().security;
if (!ipdataApiKey) return { ...exampleData, ip };
- return (await fetch(`https://api.ipdata.co/${ip}?api-key=${ipdataApiKey}`)).json();
+ return (await fetch(`https://api.ipdata.co/${ip}?api-key=${ipdataApiKey}`)).json() as any;
}
export function isProxy(data: typeof exampleData) {
@@ -78,7 +78,11 @@ export function isProxy(data: typeof exampleData) {
export function getIpAdress(req: Request): string {
// @ts-ignore
- return req.headers[Config.get().security.forwadedFor] || req.socket.remoteAddress;
+ return (
+ req.headers[Config.get().security.forwadedFor as string] ||
+ req.headers[Config.get().security.forwadedFor?.toLowerCase() as string] ||
+ req.socket.remoteAddress
+ );
}
export function distanceBetweenLocations(loc1: any, loc2: any): number {
diff --git a/api/src/util/utility/passwordStrength.ts b/src/api/util/utility/passwordStrength.ts
index 439700d0..ff83d3df 100644
--- a/api/src/util/utility/passwordStrength.ts
+++ b/src/api/util/utility/passwordStrength.ts
@@ -1,5 +1,4 @@
import { Config } from "@fosscord/util";
-import "missing-native-js-functions";
const reNUMBER = /[0-9]/g;
const reUPPERCASELETTER = /[A-Z]/g;
@@ -19,7 +18,7 @@ const blocklist: string[] = []; // TODO: update ones passwordblocklist is stored
*/
export function checkPassword(password: string): number {
const { minLength, minNumbers, minUpperCase, minSymbols } = Config.get().register.password;
- var strength = 0;
+ let strength = 0;
// checks for total password len
if (password.length >= minLength - 1) {
@@ -45,16 +44,16 @@ export function checkPassword(password: string): number {
if (password.length == password.count(reNUMBER) || password.length === password.count(reUPPERCASELETTER)) {
strength = 0;
}
-
+
let entropyMap: { [key: string]: number } = {};
for (let i = 0; i < password.length; i++) {
if (entropyMap[password[i]]) entropyMap[password[i]]++;
else entropyMap[password[i]] = 1;
}
-
+
let entropies = Object.values(entropyMap);
-
- entropies.map(x => (x / entropyMap.length));
- strength += entropies.reduceRight((a: number, x: number) => a - (x * Math.log2(x))) / Math.log2(password.length);
+
+ entropies.map((x) => x / entropyMap.length);
+ strength += entropies.reduceRight((a: number, x: number) => a - x * Math.log2(x)) / Math.log2(password.length);
return strength;
}
|
