mirror of https://gitgud.io/fatchan/jschan.git
parent
cbc7135c90
commit
e823cad14e
13 changed files with 308 additions and 188 deletions
@ -0,0 +1,29 @@ |
||||
'use strict'; |
||||
|
||||
const Mongo = require(__dirname+'/../helpers/db.js') |
||||
, db = Mongo.client.db('jschan').collection('bans'); |
||||
|
||||
module.exports = { |
||||
|
||||
find: (ip, board) => { |
||||
return db.find({ |
||||
'ip': ip, |
||||
'board': { |
||||
'$in': [board, null] |
||||
} |
||||
}).toArray(); |
||||
}, |
||||
|
||||
insertOne: (ban) => { |
||||
return db.insertOne(ban); |
||||
}, |
||||
|
||||
insertMany: (bans) => { |
||||
return db.insertMany(bans); |
||||
}, |
||||
|
||||
deleteAll: () => { |
||||
return db.deleteMany({}); |
||||
}, |
||||
|
||||
} |
@ -0,0 +1,22 @@ |
||||
'use strict'; |
||||
|
||||
const Bans = require(__dirname+'/../db-models/bans.js') |
||||
, hasPerms = require(__dirname+'/has-perms.js'); |
||||
|
||||
module.exports = async (req, res, next) => { |
||||
|
||||
if (!hasPerms(req, res)) { |
||||
const ip = req.headers['x-real-ip'] || req.connection.remoteAddress; |
||||
const bans = await Bans.find(ip, res.locals.board._id); |
||||
if (bans && bans.length > 0) { |
||||
//TODO: show posts banned for, expiry, etc
|
||||
return res.status(403).render('message', { |
||||
'title': 'Forbidden', |
||||
'message': 'You are banned', |
||||
'redirect': '/' |
||||
}); |
||||
} |
||||
} |
||||
next(); |
||||
|
||||
} |
@ -0,0 +1,52 @@ |
||||
'use strict'; |
||||
|
||||
const uploadDirectory = require(__dirname+'/../../helpers/uploadDirectory.js') |
||||
, hasPerms = require(__dirname+'/../../helpers/has-perms.js') |
||||
, Bans = require(__dirname+'/../../db-models/bans.js') |
||||
, Posts = require(__dirname+'/../../db-models/posts.js'); |
||||
|
||||
module.exports = async (req, res, board) => { |
||||
|
||||
//if user is not logged in or if logged in but not authed, they cannot ban
|
||||
if (!hasPerms(req, res)) { |
||||
throw { |
||||
'status': 403, |
||||
'message': { |
||||
'title': 'Forbidden', |
||||
'message': 'You do not have permission to issue bans', |
||||
'redirect': `/${req.params.board}` |
||||
} |
||||
}; |
||||
} |
||||
|
||||
//get all posts that were checked
|
||||
let posts = await Posts.getPosts(req.params.board, req.body.checked, true); //admin arument true, fetches passwords and salts
|
||||
|
||||
if (!posts || posts.length === 0) { |
||||
throw { |
||||
'status': 400, |
||||
'message': { |
||||
'title': 'Bad requests', |
||||
'message': 'No posts found', |
||||
'redirect': `/${req.params.board}` |
||||
} |
||||
}; |
||||
} |
||||
|
||||
const bans = posts.map(post => { |
||||
return { |
||||
'ip': post.ip, |
||||
'board': board, |
||||
'post': post, |
||||
'issuer': req.session.user.username |
||||
} |
||||
}); |
||||
|
||||
let bannedIps = 0; |
||||
const result = await Bans.insertMany(bans, board); |
||||
console.log(result) |
||||
bannedIps = result.insertedCount; |
||||
|
||||
return `Banned ${bannedIps} ips`; |
||||
|
||||
} |
Loading…
Reference in new issue