Mirror/SponsorBlockServer
1
0
Fork 0
mirror of https://github.com/ajayyy/SponsorBlockServer.git synced 2025-12-11 14:07:09 +03:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow downvoting dead submissions

Browse Source
This commit is contained in:
Ajay Ramachandran
2021-04-17 16:37:39 -04:00
parent 346485da8c
commit 9d06bda4f8
2 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/routes/voteOnSponsorTime.ts
View File

@@ -286,13 +286,19 @@ export async function voteOnSponsorTime(req: Request, res: Response) {
return categoryVote(UUID, nonAnonUserID, isVIP, isOwnSubmission, category, hashedIP, finalResponse, res); return categoryVote(UUID, nonAnonUserID, isVIP, isOwnSubmission, category, hashedIP, finalResponse, res);
} }
if (type == 1 && !isVIP && !isOwnSubmission) { if (type !== undefined && !isVIP && !isOwnSubmission) {
// Check if upvoting hidden segment // Check if upvoting hidden segment
const voteInfo = await db.prepare('get', `SELECT votes FROM "sponsorTimes" WHERE "UUID" = ?`, [UUID]); const voteInfo = await db.prepare('get', `SELECT votes FROM "sponsorTimes" WHERE "UUID" = ?`, [UUID]);
if (voteInfo && voteInfo.votes <= -2) { if (voteInfo && voteInfo.votes <= -2) {
if (type == 1) {
res.status(403).send("Not allowed to upvote segment with too many downvotes unless you are VIP."); res.status(403).send("Not allowed to upvote segment with too many downvotes unless you are VIP.");
return; return;
} else if (type == 0) {
// Already downvoted enough, ignore
res.status(200).send();
return;
}
} }
} }

19
test/cases/voteOnSponsorTime.ts
View File

@@ -368,10 +368,25 @@ describe('voteOnSponsorTime', () => {
fetch(getbaseURL() fetch(getbaseURL()
+ "/api/voteOnSponsorTime?userID=randomID2&UUID=vote-uuid-5&type=1") + "/api/voteOnSponsorTime?userID=randomID2&UUID=vote-uuid-5&type=1")
.then(async res => { .then(async res => {
if (res.status === 403) { let row = await db.prepare('get', `SELECT "votes" FROM "sponsorTimes" WHERE "UUID" = ?`, ["vote-uuid-5"]);
if (res.status === 403 && row.votes === -3) {
done(); done();
} else { } else {
done("Status code was " + res.status + " instead of 403"); done("Status code was " + res.status + ", row is " + JSON.stringify(row));
}
})
.catch(err => done(err));
});
it('Non-VIP should not be able to downvote "dead" submission', (done: Done) => {
fetch(getbaseURL()
+ "/api/voteOnSponsorTime?userID=randomID2&UUID=vote-uuid-5&type=0")
.then(async res => {
let row = await db.prepare('get', `SELECT "votes" FROM "sponsorTimes" WHERE "UUID" = ?`, ["vote-uuid-5"]);
if (res.status === 200 && row.votes === -3) {
done();
} else {
done("Status code was " + res.status + ", row is " + JSON.stringify(row));
} }
}) })
.catch(err => done(err)); .catch(err => done(err));