reports api endpoint ref #366

3 years ago · 9e62be3404
parent a1417d2bff
commit 9e62be3404
4 changed files with 75 additions and 37 deletions
--- a/controllers/pages.js
+++ b/controllers/pages.js
@ -52,7 +52,7 @@ router.get('/:board/banners.html', Boards.exists, banners); //banners
 router.get('/randombanner', randombanner); //random banner

 //board manage pages
-router.get('/:board/manage/reports.html', useSession, sessionRefresh, isLoggedIn, Boards.exists, calcPerms, hasPerms(3), csrf, manageReports);
+router.get('/:board/manage/reports.(html|json)', useSession, sessionRefresh, isLoggedIn, Boards.exists, calcPerms, hasPerms(3), csrf, manageReports);
 router.get('/:board/manage/recent.(html|json)', useSession, sessionRefresh, isLoggedIn, Boards.exists, calcPerms, hasPerms(3), csrf, manageRecent);
 router.get('/:board/manage/bans.html', useSession, sessionRefresh, isLoggedIn, Boards.exists, calcPerms, hasPerms(3), csrf, manageBans);
 router.get('/:board/manage/logs.html', useSession, sessionRefresh, isLoggedIn, Boards.exists, calcPerms, hasPerms(3), csrf, manageLogs);
@ -64,7 +64,7 @@ router.get('/:board/manage/:page(1[0-9]{1,}|[2-9][0-9]{0,}|index).html', useSess
 router.get('/:board/manage/thread/:id([1-9][0-9]{0,}).html', useSession, sessionRefresh, isLoggedIn, Boards.exists, threadParamConverter, calcPerms, hasPerms(3), csrf, Posts.exists, manageThread);

 //global manage pages
-router.get('/globalmanage/reports.html', useSession, sessionRefresh, isLoggedIn, calcPerms, hasPerms(1), csrf, globalManageReports);
+router.get('/globalmanage/reports.(html|json)', useSession, sessionRefresh, isLoggedIn, calcPerms, hasPerms(1), csrf, globalManageReports);
 router.get('/globalmanage/bans.html', useSession, sessionRefresh, isLoggedIn, calcPerms, hasPerms(1), csrf, globalManageBans);
 router.get('/globalmanage/recent.(html|json)', useSession, sessionRefresh, isLoggedIn, calcPerms, hasPerms(1), csrf, globalManageRecent);
 router.get('/globalmanage/boards.(html|json)', useSession, sessionRefresh, isLoggedIn, calcPerms, hasPerms(1), globalManageBoards);
--- a/db/posts.js
+++ b/db/posts.js
@ -529,23 +529,43 @@ module.exports = {
 		})
 	},

-	getReports: (board) => {
-		return db.find({
+	getReports: async (board, permLevel) => {
+		const projection = {
+			'salt': 0,
+			'password': 0,
+			'globalreports': 0,
+		};
+		if (permLevel > config.get.ipHashPermLevel) {
+			projection['ip.raw'] = 0;
+			projection['reports'] = { ip: { raw: 0 } };
+		}
+		const posts = await db.find({
 			'reports.0': {
 				'$exists': true
 			},
 			'board': board
-		}, {
-			'projection': {
-				'salt': 0,
-				'password': 0,
-				//'ip': 0,
-				'globalreports': 0,
-			}
-		}).toArray();
+		}, { projection }).toArray();
+		posts.forEach(p => {
+			p.ip.single = p.ip.single.slice(-10);
+			p.ip.qrange = p.ip.qrange.slice(-10);
+			p.ip.hrange = p.ip.hrange.slice(-10);
+			p.reports.forEach(r => {
+				r.ip.single = r.ip.single.slice(-10);
+			});
+		});
+		return posts;
 	},

-	getGlobalReports: (offset=0, limit, ip) => {
+	getGlobalReports: async (offset=0, limit, ip, permLevel) => {
+		const projection = {
+			'salt': 0,
+			'password': 0,
+			'reports': 0,
+		};
+		if (permLevel > config.get.ipHashPermLevel) {
+			projection['ip.raw'] = 0;
+			projection['globalreports'] = { ip: { raw: 0 } };
+		}
 		const query = {
 			'globalreports.0': {
 				'$exists': true
@ -562,13 +582,16 @@ module.exports = {
 				{ 'globalreports.ip.raw': ip }
 			];
 		}
-		return db.find(query, {
-			'projection': {
-				'salt': 0,
-				'password': 0,
-				'reports': 0,
-			}
-		}).skip(offset).limit(limit).toArray();
+		const posts = await db.find(query, { projection }).skip(offset).limit(limit).toArray();
+		posts.forEach(p => {
+			p.ip.single = p.ip.single.slice(-10);
+			p.ip.qrange = p.ip.qrange.slice(-10);
+			p.ip.hrange = p.ip.hrange.slice(-10);
+			p.globalreports.forEach(r => {
+				r.ip.single = r.ip.single.slice(-10);
+			});
+		});
+		return posts;
 	},

 	deleteOne: (board, options) => {
--- a/models/pages/globalmanage/reports.js
+++ b/models/pages/globalmanage/reports.js
@ -12,19 +12,28 @@ module.exports = async (req, res, next) => {

 	let reports;
 	try {
-		reports = await Posts.getGlobalReports(offset, limit, ipMatch);
+		reports = await Posts.getGlobalReports(offset, limit, ipMatch, res.locals.permLevel);
 	} catch (err) {
 		return next(err)
 	}

-	res
-	.set('Cache-Control', 'private, max-age=5')
-	.render('globalmanagereports', {
-		csrf: req.csrfToken(),
-		reports,
-		page,
-		ip: ipMatch ? req.query.ip : null,
-		queryString,
-	});
+	res.set('Cache-Control', 'private, max-age=5');
+
+	if (req.path.endsWith('/reports.json')) {
+		res.json({
+			reports,
+			page,
+			ip: ipMatch ? req.query.ip : null,
+			queryString,
+		});
+	} else {
+		res.render('globalmanagereports', {
+			csrf: req.csrfToken(),
+			reports,
+			page,
+			ip: ipMatch ? req.query.ip : null,
+			queryString,
+		});
+	}

 }
--- a/models/pages/manage/reports.js
+++ b/models/pages/manage/reports.js
@ -6,16 +6,22 @@ module.exports = async (req, res, next) => {

 	let reports;
 	try {
-		reports = await Posts.getReports(req.params.board);
+		reports = await Posts.getReports(req.params.board, res.locals.permLevel);
 	} catch (err) {
 		return next(err)
 	}

-	res
-	.set('Cache-Control', 'private, max-age=5')
-	.render('managereports', {
-		csrf: req.csrfToken(),
-		reports,
-	});
+	res.set('Cache-Control', 'private, max-age=5');
+
+	if (req.path.endsWith('/reports.json')) {
+		res.json({
+			reports,
+		});
+	} else {
+		res.render('managereports', {
+			csrf: req.csrfToken(),
+			reports,
+		});
+	}

 }