From 75c38e9cc56fc28fdadb864cbf94c83b00a4693d Mon Sep 17 00:00:00 2001
From: regalijan <r@regalijan.com>
Date: Thu, 19 Oct 2023 16:49:14 -0400
Subject: [PATCH] Move userid validator to ban endpoint
---
functions/api/appeals/[id]/_middleware.ts | 22 ++++++++++++++--------
functions/api/appeals/[id]/ban.ts | 8 ++++++++
2 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/functions/api/appeals/[id]/_middleware.ts b/functions/api/appeals/[id]/_middleware.ts
index ad1f6f1..848479e 100644
--- a/functions/api/appeals/[id]/_middleware.ts
+++ b/functions/api/appeals/[id]/_middleware.ts
@@ -12,16 +12,22 @@ export async function onRequestPost(context: RequestContext) {
const { body } = context.data;
const id = context.params.id as string;
- if (id.search(/^\d{16,19}$/) === -1)
- return new Response('{"error":"Invalid target id"}', {
- headers: {
- "content-type": "application/json",
- },
- status: 400,
- });
-
context.data.targetId = id;
+ if (!new URL(context.request.url).pathname.endsWith("/ban")) {
+ const keyWithMeta = await context.env.DATA.getWithMetadata(`appeal_${id}`);
+
+ if (!keyWithMeta.value)
+ return new Response('{"error":"No appeal with that ID exists"}', {
+ headers: {
+ "content-type": "application/json",
+ },
+ status: 404,
+ });
+
+ context.data.appeal = keyWithMeta;
+ }
+
if (
body.feedback &&
(typeof body.feedback !== "string" || body.feedback.length > 512)
diff --git a/functions/api/appeals/[id]/ban.ts b/functions/api/appeals/[id]/ban.ts
index e9e5f6c..72dbf83 100644
--- a/functions/api/appeals/[id]/ban.ts
+++ b/functions/api/appeals/[id]/ban.ts
@@ -1,6 +1,14 @@
export async function onRequestPost(context: RequestContext) {
const { current_user: currentUser } = context.data;
+ if (context.data.targetId.search(/^\d{16,19}$/) === -1)
+ return new Response('{"error":"Invalid target id"}', {
+ headers: {
+ "content-type": "application/json",
+ },
+ status: 400,
+ });
+
await context.env.DATA.put(
`appealban_${context.data.targetId}`,
JSON.stringify({ moderator: currentUser.id })