From fa2d97de25d6a7981a3b812970acfb361b2fb474 Mon Sep 17 00:00:00 2001
From: Regalijan <r@regalijan.com>
Date: Mon, 15 Apr 2024 17:22:17 -0400
Subject: [PATCH] Remove bypass property

---
 app/routes/report.tsx           |  1 -
 functions/api/reports/submit.ts | 23 +++--------------------
 2 files changed, 3 insertions(+), 21 deletions(-)

diff --git a/app/routes/report.tsx b/app/routes/report.tsx
index 52198ed..4263a92 100644
--- a/app/routes/report.tsx
+++ b/app/routes/report.tsx
@@ -130,7 +130,6 @@ export default function () {
 
     const submitReq = await fetch("/api/reports/submit", {
       body: JSON.stringify({
-        bypass: false,
         description: description || undefined,
         files: filelist,
         turnstileResponse: logged_in ? undefined : turnstileToken,
diff --git a/functions/api/reports/submit.ts b/functions/api/reports/submit.ts
index 5ce69f5..13848da 100644
--- a/functions/api/reports/submit.ts
+++ b/functions/api/reports/submit.ts
@@ -2,15 +2,8 @@ import { jsonError, jsonResponse } from "../../common.js";
 import upload from "../../upload.js";
 
 export async function onRequestPost(context: RequestContext) {
-  const {
-    actions,
-    bypass,
-    description,
-    files,
-    senderTokenId,
-    turnstileResponse,
-    usernames,
-  } = context.data.body;
+  const { description, files, senderTokenId, turnstileResponse, usernames } =
+    context.data.body;
 
   if (!context.data.current_user) {
     if (typeof turnstileResponse !== "string")
@@ -36,15 +29,6 @@ export async function onRequestPost(context: RequestContext) {
     if (!success) return jsonError("Captcha test failed", 403);
   }
 
-  const origin = context.request.headers.get("Origin");
-  if (!origin) return jsonError("No origin header", 400);
-
-  if (bypass && !(context.data.current_user?.permissions & (1 << 5)))
-    return jsonError("Bypass directive cannot be used", 403);
-
-  if (typeof bypass !== "boolean")
-    return jsonError("Bypass must be a boolean", 400);
-
   if (!Array.isArray(usernames))
     return jsonError("Usernames must be type of array", 400);
 
@@ -218,7 +202,6 @@ export async function onRequestPost(context: RequestContext) {
       created_at: Date.now(),
       fcm_token: typeof senderTokenId === "string" ? senderTokenId : undefined,
       id: reportId,
-      open: !bypass,
       user: currentUser
         ? {
             email: currentUser.email,
@@ -235,7 +218,7 @@ export async function onRequestPost(context: RequestContext) {
     await context.env.D1.prepare(
       "INSERT INTO reports (created_at, id, open, user) VALUES (?, ?, ?, ?);",
     )
-      .bind(Date.now(), reportId, Number(!bypass), currentUser?.id || null)
+      .bind(Date.now(), reportId, 1, currentUser?.id || null)
       .run();
   } catch {}