From 0259d5e21762c7c95d65b6f7596adc611caa72c4 Mon Sep 17 00:00:00 2001
From: regalijan <r@regalijan.com>
Date: Thu, 19 Oct 2023 16:51:04 -0400
Subject: [PATCH] Create modern game appeal submission endpoint

---
 functions/api/game-appeals/submit.ts | 65 ++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 functions/api/game-appeals/submit.ts

diff --git a/functions/api/game-appeals/submit.ts b/functions/api/game-appeals/submit.ts
new file mode 100644
index 0000000..1625a02
--- /dev/null
+++ b/functions/api/game-appeals/submit.ts
@@ -0,0 +1,65 @@
+import { jsonError } from "../../common.js";
+import precheck from "./precheck.js";
+
+export async function onRequestPost(context: RequestContext) {
+  const authHeader = context.request.headers.get("authorization");
+
+  if (authHeader !== `Bearer ${context.env.ROBLOX_APPEALS_TOKEN}`)
+    return jsonError("Unauthorized", 401);
+
+  const { id, reasonForUnban, username, whatHappened } = context.data.body;
+
+  if (
+    typeof id !== "number" ||
+    typeof reasonForUnban !== "string" ||
+    typeof username !== "string" ||
+    typeof whatHappened !== "string"
+  )
+    return jsonError("Invalid data", 400);
+
+  if (!reasonForUnban.length || !whatHappened.length)
+    return jsonError("Missing required fields", 400);
+
+  if (reasonForUnban.length > 5000 || whatHappened.length > 5000)
+    return jsonError(
+      "The maximum length of each text field is 5000 characters",
+      400,
+    );
+
+  if (reasonForUnban.length < 100)
+    return jsonError(
+      "Your explanation of why you should be unbanned must be longer",
+      400,
+    );
+
+  if (whatHappened.length < 50)
+    return jsonError("Your explanation of your ban must be longer", 400);
+
+  const precheckData = await precheck(context, id);
+
+  if (precheckData.error)
+    return jsonError("Unable to check your eligibility, try again later", 500);
+
+  if (!precheckData.can_appeal)
+    return jsonError(precheckData.reason as string, 400);
+
+  const appealId = `${id}${context.request.headers
+    .get("cf-ray")
+    ?.split("-")[0]}${Date.now()}`;
+
+  await context.env.DATA.put(
+    `gameappeal_${appealId}`,
+    JSON.stringify({
+      reasonForUnban,
+      whatHappened,
+    }),
+  );
+
+  await context.env.D1.prepare(
+    "INSERT INTO game_appeals (created_at, id, open, user) VALUES (?, ?, ?, ?);",
+  ).bind(Date.now(), appealId, 1, id);
+
+  return new Response(null, {
+    status: 204,
+  });
+}