Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
car-crushers-portal/functions/api/appeals/submit.ts
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
126 lines (109 sloc)
3.31 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { jsonError, jsonResponse } from "../../common.js"; | |
| export async function onRequestGet(context: RequestContext) { | |
| const { current_user: currentUser } = context.data; | |
| if ( | |
| !currentUser.email || | |
| (await context.env.DATA.get("appeal_disabled")) || | |
| (await context.env.D1.prepare( | |
| "SELECT id FROM appeals WHERE open = 1 AND user = ?;", | |
| ) | |
| .bind(currentUser.id) | |
| .first()) || | |
| (await context.env.DATA.get(`blockedappeal_${currentUser.id}`)) | |
| ) | |
| return jsonResponse('{"can_appeal":false}'); | |
| return jsonResponse('{"can_appeal":true}'); | |
| } | |
| export async function onRequestPost(context: RequestContext) { | |
| if (await context.env.DATA.get("appeal_disabled")) | |
| return jsonError("Appeals are disabled", 403); | |
| const { learned, senderTokenId, whyBanned, whyUnban } = context.data.body; | |
| if ( | |
| typeof learned !== "string" || | |
| typeof whyBanned !== "string" || | |
| typeof whyUnban !== "string" || | |
| !learned.length || | |
| learned.length > 2000 || | |
| !whyBanned.length || | |
| whyBanned.length > 500 || | |
| !whyUnban.length || | |
| whyUnban.length > 2000 | |
| ) | |
| return jsonError("One or more fields are missing or invalid", 400); | |
| const { current_user: currentUser } = context.data; | |
| if (!currentUser.email) return jsonError("No email for this session", 403); | |
| const existingBlockedAppeal = await context.env.DATA.get( | |
| `blockedappeal_${currentUser.id}`, | |
| ); | |
| if ( | |
| existingBlockedAppeal || | |
| (await context.env.D1.prepare( | |
| "SELECT approved FROM appeals WHERE approved IS NULL AND json_extract(user, '$.id') = ?;", | |
| ) | |
| .bind(currentUser.id) | |
| .first()) | |
| ) | |
| return jsonError("Appeal already submitted", 403); | |
| if ( | |
| await context.env.D1.prepare("SELECT * FROM appeal_bans WHERE user = ?;") | |
| .bind(currentUser.id) | |
| .first() | |
| ) { | |
| await context.env.DATA.put(`blockedappeal_${currentUser.id}`, "1", { | |
| metadata: { email: currentUser.email }, | |
| }); | |
| return new Response(null, { | |
| status: 204, | |
| }); | |
| } | |
| const appealId = `${currentUser.id}${Date.now()}${crypto | |
| .randomUUID() | |
| .replaceAll("-", "")}`; | |
| await context.env.D1.prepare( | |
| "INSERT INTO appeals (ban_reason, created_at, id, learned, reason_for_unban, user) VALUES (?, ?, ?, ?, ?, ?);", | |
| ) | |
| .bind( | |
| whyBanned, | |
| Date.now(), | |
| appealId, | |
| learned, | |
| whyUnban, | |
| JSON.stringify({ | |
| email: currentUser.email, | |
| id: currentUser.id, | |
| username: currentUser.username, | |
| }), | |
| ) | |
| .run(); | |
| if (typeof senderTokenId === "string") { | |
| await context.env.D1.prepare( | |
| "INSERT INTO push_notifications (created_at, event_id, event_type, token) VALUES (?, ?, 'appeal', ?)", | |
| ) | |
| .bind(Date.now(), appealId, senderTokenId) | |
| .run(); | |
| } | |
| await fetch(context.env.APPEALS_WEBHOOK, { | |
| body: JSON.stringify({ | |
| embeds: [ | |
| { | |
| title: "Appeal Submitted", | |
| color: 3756250, | |
| description: `View this appeal at https://carcrushers.cc/mod-queue?id=${appealId}&type=appeal`, | |
| fields: [ | |
| { | |
| name: "Submitter", | |
| value: `${currentUser.username} (${currentUser.id})`, | |
| }, | |
| ], | |
| }, | |
| ], | |
| }), | |
| headers: { | |
| "content-type": "application/json", | |
| }, | |
| method: "POST", | |
| }); | |
| return new Response(null, { | |
| status: 204, | |
| }); | |
| } |