diff --git a/src/routes/postBranding.ts b/src/routes/postBranding.ts index 1be7572..72c34b4 100644 --- a/src/routes/postBranding.ts +++ b/src/routes/postBranding.ts @@ -56,8 +56,10 @@ export async function postBranding(req: Request, res: Response) { const hashedIP = await getHashCache(getIP(req) + config.globalSalt as IPAddress); const isBanned = await checkBanStatus(hashedUserID, hashedIP); - if (!await canVote(hashedUserID)) { - res.status(200).send("OK"); + const permission = await canVote(hashedUserID); + if (!permission.canSubmit) { + res.status(403).send(permission.reason); + return; } if (videoDuration && thumbnail && await checkForWrongVideoDuration(videoID, videoDuration)) { diff --git a/src/routes/postCasual.ts b/src/routes/postCasual.ts index 9a356c2..e7cba7a 100644 --- a/src/routes/postCasual.ts +++ b/src/routes/postCasual.ts @@ -42,8 +42,10 @@ export async function postCasual(req: Request, res: Response) { const hashedIP = await getHashCache(getIP(req) + config.globalSalt as IPAddress); const isBanned = await checkBanStatus(hashedUserID, hashedIP); - if (!await canVote(hashedUserID)) { - res.status(200).send("OK"); + const permission = await canVote(hashedUserID); + if (!permission.canSubmit) { + res.status(403).send(permission.reason); + return; } const lock = await acquireLock(`postCasual:${videoID}.${hashedUserID}`); diff --git a/src/routes/voteOnSponsorTime.ts b/src/routes/voteOnSponsorTime.ts index 215119d..1eb7c9a 100644 --- a/src/routes/voteOnSponsorTime.ts +++ b/src/routes/voteOnSponsorTime.ts @@ -343,8 +343,12 @@ export async function vote(ip: IPAddress, UUID: SegmentUUID, paramUserID: UserID const nonAnonUserID = await getHashCache(paramUserID); const userID = await getHashCache(paramUserID + UUID); - if (!await canVote(nonAnonUserID)) { - return { status: 200 }; + const permission = await canVote(nonAnonUserID); + if (!permission.canSubmit) { + return { + status: 403, + message: permission.reason + }; } //hash the ip 5000 times so no one can get it from the database