Block voting without submitting and on the same IP

This commit is contained in:
Ajay Ramachandran
2020-07-25 21:35:43 -04:00
parent 005e88d169
commit e71680c8e3
3 changed files with 96 additions and 41 deletions


@@ -49,8 +49,8 @@ app.get('/api/skipSegments', getSkipSegments);
app.post('/api/skipSegments', postSkipSegments); app.post('/api/skipSegments', postSkipSegments);
//voting endpoint //voting endpoint
app.get('/api/voteOnSponsorTime', voteOnSponsorTime); app.get('/api/voteOnSponsorTime', voteOnSponsorTime.endpoint);
app.post('/api/voteOnSponsorTime', voteOnSponsorTime); app.post('/api/voteOnSponsorTime', voteOnSponsorTime.endpoint);
//Endpoint when a sponsorTime is used up //Endpoint when a sponsorTime is used up
app.get('/api/viewedVideoSponsorTime', viewedVideoSponsorTime); app.get('/api/viewedVideoSponsorTime', viewedVideoSponsorTime);


@@ -71,7 +71,7 @@ function categoryVote(UUID, userID, isVIP, category, hashedIP, res) {
res.sendStatus(200); res.sendStatus(200);
} }
module.exports = async function voteOnSponsorTime(req, res) { async function voteOnSponsorTime(req, res) {
let UUID = req.query.UUID; let UUID = req.query.UUID;
let userID = req.query.userID; let userID = req.query.userID;
let type = req.query.type; let type = req.query.type;
@@ -131,6 +131,9 @@ module.exports = async function voteOnSponsorTime(req, res) {
} else if (type == 0 || type == 10) { } else if (type == 0 || type == 10) {
//downvote //downvote
incrementAmount = -1; incrementAmount = -1;
} else if (type == 20) {
//undo/cancel vote
incrementAmount = 0;
} else { } else {
//unrecongnised type of vote //unrecongnised type of vote
res.sendStatus(400); res.sendStatus(400);
@@ -243,6 +246,12 @@ module.exports = async function voteOnSponsorTime(req, res) {
} }
} }
// Only change the database if they have made a submission before and haven't voted recently
let ableToVote = isVIP
|| (db.prepare("get", "SELECT count(*) as count FROM sponsorTimes WHERE userID = ?", [nonAnonUserID]).count > 0
&& privateDB.prepare("get", "SELECT count(*) as count FROM votes WHERE UUID = ? AND hashedIP = ? AND userID != ?", [UUID, hashedIP, userID]).count === 0);
if (ableToVote) {
//update the votes table //update the votes table
if (votesRow != undefined) { if (votesRow != undefined) {
privateDB.prepare('run', "UPDATE votes SET type = ? WHERE userID = ? AND UUID = ?", [type, userID, UUID]); privateDB.prepare('run', "UPDATE votes SET type = ? WHERE userID = ? AND UUID = ?", [type, userID, UUID]);
@@ -285,8 +294,8 @@ module.exports = async function voteOnSponsorTime(req, res) {
} }
} }
} }
}
//added to db
res.sendStatus(200); res.sendStatus(200);
} catch (err) { } catch (err) {
console.error(err); console.error(err);
@@ -294,3 +303,10 @@ module.exports = async function voteOnSponsorTime(req, res) {
res.status(500).json({error: 'Internal error creating segment vote'}); res.status(500).json({error: 'Internal error creating segment vote'});
} }
} }
module.exports = {
voteOnSponsorTime,
endpoint: function (req, res) {
voteOnSponsorTime(req, res);
},
};
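Review bot: The same-IP query inside `ableToVote` counts every `votes` row for this UUID and hashedIP that belongs to another userID, whatever its `type`, so a vote that another account on the address has since cancelled with the new type 20 still blocks everyone else behind that address (shared NAT, campus or carrier networks). Consider excluding cancelled rows, for example `... AND hashedIP = ? AND userID != ? AND type != 20`, if the `UPDATE votes SET type = ?` line is what records an undo. A rejected vote also falls through to `res.sendStatus(200)` under the new `//added to db` comment, which is no longer accurate. The new tests expect that 200, so the silent drop looks deliberate and the comment should say so, e.g. `// respond 200 even when the vote was ignored, so a rejected voter gets no signal`. The body of voteOnSponsorTime starts and ends outside the visible hunks, so how `hashedIP` and `nonAnonUserID` are derived could not be checked here.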


@@ -7,17 +7,20 @@ describe('voteOnSponsorTime', () => {
before(() => { before(() => {
let startOfQuery = "INSERT INTO sponsorTimes (videoID, startTime, endTime, votes, UUID, userID, timeSubmitted, views, category, shadowHidden) VALUES"; let startOfQuery = "INSERT INTO sponsorTimes (videoID, startTime, endTime, votes, UUID, userID, timeSubmitted, views, category, shadowHidden) VALUES";
db.exec(startOfQuery + "('vote-testtesttest', 1, 11, 2, 'vote-uuid-0', 'testman', 0, 50, 'sponsor', 0)"); db.exec(startOfQuery + "('vote-testtesttest', 1, 11, 2, 'vote-uuid-0', 'testman', 0, 50, 'sponsor', 0)");
db.exec(startOfQuery + "('vote-testtesttest', 20, 33, 10, 'vote-uuid-2', 'testman', 0, 50, 'intro', 0)"); db.exec(startOfQuery + "('vote-testtesttest2', 1, 11, 2, 'vote-uuid-1', 'testman', 0, 50, 'sponsor', 0)");
db.exec(startOfQuery + "('vote-testtesttest2', 1, 11, 10, 'vote-uuid-1.5', 'testman', 0, 50, 'outro', 0)");
db.exec(startOfQuery + "('vote-testtesttest3', 20, 33, 10, 'vote-uuid-2', 'testman', 0, 50, 'intro', 0)");
db.exec(startOfQuery + "('vote-testtesttest,test', 1, 11, 100, 'vote-uuid-3', 'testman', 0, 50, 'sponsor', 0)"); db.exec(startOfQuery + "('vote-testtesttest,test', 1, 11, 100, 'vote-uuid-3', 'testman', 0, 50, 'sponsor', 0)");
db.exec(startOfQuery + "('vote-test3', 1, 11, 2, 'vote-uuid-4', 'testman', 0, 50, 'sponsor', 0)"); db.exec(startOfQuery + "('vote-test3', 1, 11, 2, 'vote-uuid-4', 'testman', 0, 50, 'sponsor', 0)");
db.exec(startOfQuery + "('vote-test3', 7, 22, -3, 'vote-uuid-5', 'testman', 0, 50, 'intro', 0)"); db.exec(startOfQuery + "('vote-test3', 7, 22, -3, 'vote-uuid-5', 'testman', 0, 50, 'intro', 0)");
db.exec(startOfQuery + "('vote-multiple', 1, 11, 2, 'vote-uuid-6', 'testman', 0, 50, 'intro', 0)"); db.exec(startOfQuery + "('vote-multiple', 1, 11, 2, 'vote-uuid-6', 'testman', 0, 50, 'intro', 0)");
db.exec(startOfQuery + "('vote-multiple', 20, 33, 2, 'vote-uuid-7', 'testman', 0, 50, 'intro', 0)"); db.exec(startOfQuery + "('vote-multiple', 20, 33, 2, 'vote-uuid-7', 'testman', 0, 50, 'intro', 0)");
db.exec(startOfQuery + "('voter-submitter', 1, 11, 2, 'vote-uuid-8', '" + getHash("randomID") + "', 0, 50, 'sponsor', 0)");
db.exec(startOfQuery + "('voter-submitter2', 1, 11, 2, 'vote-uuid-9', '" + getHash("randomID2") + "', 0, 50, 'sponsor', 0)");
db.exec("INSERT INTO vipUsers (userID) VALUES ('" + getHash("VIPUser") + "')"); db.exec("INSERT INTO vipUsers (userID) VALUES ('" + getHash("VIPUser") + "')");
}); });
it('Should be able to upvote a segment', (done) => { it('Should be able to upvote a segment', (done) => {
request.get(utils.getbaseURL() request.get(utils.getbaseURL()
+ "/api/voteOnSponsorTime?userID=randomID&UUID=vote-uuid-0&type=1", null, + "/api/voteOnSponsorTime?userID=randomID&UUID=vote-uuid-0&type=1", null,
@@ -54,6 +57,42 @@ describe('voteOnSponsorTime', () => {
}); });
}); });
it("Should not be able to upvote a segment if the user hasn't submitted yet", (done) => {
request.get(utils.getbaseURL()
+ "/api/voteOnSponsorTime?userID=hasNotSubmittedID&UUID=vote-uuid-1&type=1", null,
(err, res, body) => {
if (err) done(err);
else if (res.statusCode === 200) {
let row = db.prepare('get', "SELECT votes FROM sponsorTimes WHERE UUID = ?", ["vote-uuid-1"]);
if (row.votes === 2) {
done()
} else {
done("Vote did not fail. Submission went from 2 votes to " + row.votes);
}
} else {
done("Status code was " + res.statusCode);
}
});
});
it("Should not be able to downvote a segment if the user hasn't submitted yet", (done) => {
request.get(utils.getbaseURL()
+ "/api/voteOnSponsorTime?userID=hasNotSubmittedID&UUID=vote-uuid-1.5&type=0", null,
(err, res, body) => {
if (err) done(err);
else if (res.statusCode === 200) {
let row = db.prepare('get', "SELECT votes FROM sponsorTimes WHERE UUID = ?", ["vote-uuid-1.5"]);
if (row.votes === 10) {
done()
} else {
done("Vote did not fail. Submission went from 10 votes to " + row.votes);
}
} else {
done("Status code was " + res.statusCode);
}
});
});
it('VIP should be able to completely downvote a segment', (done) => { it('VIP should be able to completely downvote a segment', (done) => {
request.get(utils.getbaseURL() request.get(utils.getbaseURL()
+ "/api/voteOnSponsorTime?userID=VIPUser&UUID=vote-uuid-3&type=0", null, + "/api/voteOnSponsorTime?userID=VIPUser&UUID=vote-uuid-3&type=0", null,