mirror of https://gitgud.io/fatchan/jschan.git
refactor, dedup the combining of post data into strings for filtering, and blocking post/applying ban. also improve the comments. previously was ugly and duplicated between makepost and editpost model
parent
f75fd6dfad
commit
7893947ee6
4 changed files with 117 additions and 96 deletions
@ -0,0 +1,50 @@ |
|||||||
|
'use strict'; |
||||||
|
|
||||||
|
const { Bans } = require(__dirname+'/../../db/') |
||||||
|
, dynamicResponse = require(__dirname+'/../misc/dynamic.js'); |
||||||
|
|
||||||
|
//ehhh, kinda too many args
|
||||||
|
module.exports = async (req, res, hitGlobalFilter, boardFilterMode, globalFilterMode, |
||||||
|
boardFilterBanDuration, globalFilterBanDuration, filterBanAppealable, redirect) => { |
||||||
|
|
||||||
|
//global filter mode takes prio
|
||||||
|
const useFilterMode = hitGlobalFilter ? globalFilterMode : boardFilterMode; |
||||||
|
|
||||||
|
if (useFilterMode === 1) { |
||||||
|
return dynamicResponse(req, res, 400, 'message', { |
||||||
|
'title': 'Bad request', |
||||||
|
'message': 'Your post was blocked by a word filter', |
||||||
|
'redirect': redirect |
||||||
|
}); |
||||||
|
} else { |
||||||
|
const useFilterBanDuration = hitGlobalFilter ? globalFilterBanDuration : boardFilterBanDuration; |
||||||
|
const banBoard = hitGlobalFilter ? null : res.locals.board._id; |
||||||
|
const banDate = new Date(); |
||||||
|
const banExpiry = new Date(useFilterBanDuration + banDate.getTime()); |
||||||
|
const ban = { |
||||||
|
'ip': { |
||||||
|
'cloak': res.locals.ip.cloak, |
||||||
|
'raw': res.locals.ip.raw, |
||||||
|
}, |
||||||
|
'type': res.locals.anonymizer ? 1 : 0, |
||||||
|
'range': 0, |
||||||
|
'reason': `${hitGlobalFilter ? 'global ' :''}word filter auto ban`, |
||||||
|
'board': banBoard, |
||||||
|
'posts': null, |
||||||
|
'issuer': 'system', //todo: make a "system" property instead?
|
||||||
|
'date': banDate, |
||||||
|
'expireAt': banExpiry, |
||||||
|
'allowAppeal': hitGlobalFilter ? filterBanAppealable : true, |
||||||
|
'showUser': true, |
||||||
|
'seen': false |
||||||
|
}; |
||||||
|
const insertedResult = await Bans.insertOne(ban); |
||||||
|
//add and delete some props for the dynamic response
|
||||||
|
ban._id = insertedResult.insertedId; |
||||||
|
ban.ip.raw = null; |
||||||
|
return dynamicResponse(req, res, 403, 'ban', { |
||||||
|
bans: [ban] |
||||||
|
}); |
||||||
|
} |
||||||
|
|
||||||
|
}; |
@ -0,0 +1,35 @@ |
|||||||
|
'use strict'; |
||||||
|
|
||||||
|
module.exports = (req, res, strict=false) => { |
||||||
|
|
||||||
|
//combines a bunch of parts of the post (name, subject, message, filenames+phashes)
|
||||||
|
const fileStrings = res.locals.numFiles === 0 ? '' : req.files.file.map(f => `${f.name}|${f.phash || ''}`).join('|'); |
||||||
|
const combinedString = [req.body.name, req.body.message, req.body.subject, req.body.email, fileStrings].join('|').toLowerCase(); |
||||||
|
let strictCombinedString = combinedString; |
||||||
|
|
||||||
|
//"strict" filtering adds a bunch of permutations to also compare filters with;
|
||||||
|
if (strict === true) { |
||||||
|
|
||||||
|
//diacritics and "zalgo" removed
|
||||||
|
strictCombinedString += combinedString.normalize('NFD').replace(/[\u0300-\u036f]/g, ''); |
||||||
|
|
||||||
|
//zero width spaces removed
|
||||||
|
strictCombinedString += combinedString.replace(/[\u200B-\u200D\uFEFF]/g, ''); |
||||||
|
|
||||||
|
//just a-z, 0-9, . and -
|
||||||
|
strictCombinedString += combinedString.replace(/[^a-zA-Z0-9.-]+/gm, ''); |
||||||
|
|
||||||
|
//urlendoded characters in URLs replaced (todo: remove this if/when the url regex gets updated to no longer match these)
|
||||||
|
strictCombinedString += combinedString.split(/(\%[^\%]+)/).map(part => { |
||||||
|
try { |
||||||
|
return decodeURIComponent(part); |
||||||
|
} catch(e) { |
||||||
|
return ''; |
||||||
|
} |
||||||
|
}).join(''); |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
return [combinedString, strictCombinedString]; |
||||||
|
|
||||||
|
}; |
Loading…
Reference in new issue