From 265a01dcded19114353aff1d296600d3dde7cf84 Mon Sep 17 00:00:00 2001 From: Michael C Date: Wed, 25 Aug 2021 01:56:34 -0400 Subject: [PATCH 1/2] re-shadowban user if user is already shadowbanned but unhideOldSubmissions is true, sets all submissions to hidden. If not true, then return 409 duplicate --- src/routes/shadowBanUser.ts | 22 +++++++++++++++++++-- test/cases/shadowBanUser.ts | 38 +++++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+), 2 deletions(-) diff --git a/src/routes/shadowBanUser.ts b/src/routes/shadowBanUser.ts index 3ecb653..b1196b0 100644 --- a/src/routes/shadowBanUser.ts +++ b/src/routes/shadowBanUser.ts @@ -49,8 +49,8 @@ export async function shadowBanUser(req: Request, res: Response): Promise `'${c}'`).join(",")}) - AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE - "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]); + AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE + "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]); // clear cache for all old videos (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views" FROM "sponsorTimes" WHERE "userID" = ?`, [userID])) @@ -84,6 +84,24 @@ export async function shadowBanUser(req: Request, res: Response): Promise `'${c}'`).join(",")})`, [UUID]); })); } + // already shadowbanned + } else if (enabled && row.userCount > 0) { + // apply unHideOldSubmissions if applicable + if (unHideOldSubmissions) { + await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = 1 WHERE "userID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")}) + AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE + "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]); + + // clear cache for all old videos + (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views" FROM "sponsorTimes" WHERE "userID" = ?`, [userID])) + .forEach((videoInfo: {category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID}) => { + QueryCacher.clearVideoCache(videoInfo); + } + ); + return res.sendStatus(200); + } + // otherwise ban already exists, send 409 + return res.sendStatus(409); } } else if (hashedIP) { //check to see if this user is already shadowbanned diff --git a/test/cases/shadowBanUser.ts b/test/cases/shadowBanUser.ts index 419c324..56cf15f 100644 --- a/test/cases/shadowBanUser.ts +++ b/test/cases/shadowBanUser.ts @@ -18,7 +18,11 @@ describe("shadowBanUser", () => { await db.prepare("run", insertQuery, ["testtesttest", 1, 11, 2, 0, "shadow-3-uuid-0", "shadowBanned3", 0, 50, "sponsor", "YouTube", 100, 0, 1, getHash("testtesttest", 1)]); await db.prepare("run", insertQuery, ["testtesttest2", 1, 11, 2, 0, "shadow-3-uuid-0-1", "shadowBanned3", 0, 50, "sponsor", "PeerTube", 120, 0, 1, getHash("testtesttest2", 1)]); await db.prepare("run", insertQuery, ["testtesttest", 20, 33, 2, 0, "shadow-3-uuid-2", "shadowBanned3", 0, 50, "intro", "YouTube", 101, 0, 1, getHash("testtesttest", 1)]); + + await db.prepare("run", insertQuery, ["testtesttest", 21, 34, 2, 0, "shadow-4-uuid-1", "shadowBanned4", 0, 50, "sponsor", "YouTube", 101, 0, 0, getHash("testtesttest", 1)]); + await db.prepare("run", `INSERT INTO "shadowBannedUsers" ("userID") VALUES(?)`, ["shadowBanned3"]); + await db.prepare("run", `INSERT INTO "shadowBannedUsers" ("userID") VALUES(?)`, ["shadowBanned4"]); await db.prepare("run", `INSERT INTO "vipUsers" ("userID") VALUES(?)`, [getHash("shadow-ban-vip")]); }); @@ -106,4 +110,38 @@ describe("shadowBanUser", () => { .catch(err => done(err)); }); + it("Should get 409 when re-shadowbanning user", (done: Done) => { + fetch(`${getbaseURL() + }/api/shadowBanUser?userID=shadowBanned4&adminUserID=shadow-ban-vip&enabled=true&categories=["sponsor"]&unHideOldSubmissions=false`, { + method: "POST" + }) + .then(async res => { + assert.strictEqual(res.status, 409); + const videoRow = await db.prepare("all", `SELECT "shadowHidden", "category" FROM "sponsorTimes" WHERE "userID" = ? AND "shadowHidden" = ?`, ["shadowBanned4", 0]); + const shadowRow = await db.prepare("get", `SELECT * FROM "shadowBannedUsers" WHERE "userID" = ?`, ["shadowBanned4"]); + assert.ok(shadowRow); // ban still exists + assert.strictEqual(videoRow.length, 1); // videos should not be hidden + assert.strictEqual(videoRow[0].category, "sponsor"); + done(); + }) + .catch(err => done(err)); + }); + + it("Should be able to re-shadowban user to hide old submissions", (done: Done) => { + fetch(`${getbaseURL() + }/api/shadowBanUser?userID=shadowBanned4&adminUserID=shadow-ban-vip&enabled=true&categories=["sponsor"]&unHideOldSubmissions=true`, { + method: "POST" + }) + .then(async res => { + assert.strictEqual(res.status, 200); + const videoRow = await db.prepare("all", `SELECT "shadowHidden", "category" FROM "sponsorTimes" WHERE "userID" = ? AND "shadowHidden" = ?`, ["shadowBanned4", 1]); + const shadowRow = await db.prepare("get", `SELECT * FROM "shadowBannedUsers" WHERE "userID" = ?`, ["shadowBanned4"]); + assert.ok(shadowRow); // ban still exists + assert.strictEqual(videoRow.length, 1); // videos should be hidden + assert.strictEqual(videoRow[0].category, "sponsor"); + done(); + }) + .catch(err => done(err)); + }); + }); From c3a5b22dadd699b3f33aefe230ffc0355cb4d189 Mon Sep 17 00:00:00 2001 From: Ajay Ramachandran Date: Sat, 28 Aug 2021 00:18:31 -0400 Subject: [PATCH 2/2] Move unHideSubmissions to helper function --- src/routes/shadowBanUser.ts | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/src/routes/shadowBanUser.ts b/src/routes/shadowBanUser.ts index b1196b0..bd04760 100644 --- a/src/routes/shadowBanUser.ts +++ b/src/routes/shadowBanUser.ts @@ -48,16 +48,7 @@ export async function shadowBanUser(req: Request, res: Response): Promise `'${c}'`).join(",")}) - AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE - "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]); - - // clear cache for all old videos - (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views" FROM "sponsorTimes" WHERE "userID" = ?`, [userID])) - .forEach((videoInfo: {category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID}) => { - QueryCacher.clearVideoCache(videoInfo); - } - ); + await unHideSubmissions(categories, userID); } } else if (!enabled && row.userCount > 0) { //remove them from the shadow ban list @@ -88,18 +79,10 @@ export async function shadowBanUser(req: Request, res: Response): Promise 0) { // apply unHideOldSubmissions if applicable if (unHideOldSubmissions) { - await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = 1 WHERE "userID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")}) - AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE - "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]); - - // clear cache for all old videos - (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views" FROM "sponsorTimes" WHERE "userID" = ?`, [userID])) - .forEach((videoInfo: {category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID}) => { - QueryCacher.clearVideoCache(videoInfo); - } - ); + await unHideSubmissions(categories, userID); return res.sendStatus(200); } + // otherwise ban already exists, send 409 return res.sendStatus(409); } @@ -133,3 +116,16 @@ export async function shadowBanUser(req: Request, res: Response): Promise `'${c}'`).join(",")}) + AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE + "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]); + + // clear cache for all old videos + (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views" FROM "sponsorTimes" WHERE "userID" = ?`, [userID])) + .forEach((videoInfo: { category: Category; videoID: VideoID; hashedVideoID: VideoIDHash; service: Service; userID: UserID; }) => { + QueryCacher.clearVideoCache(videoInfo); + } + ); //eslint-disable-line +} \ No newline at end of file