Ban and unban working

client/components/panels/banned-emails.jsx

@@ -2,10 +2,10 @@ import React, { useState, useEffect } from 'react';
 
 const BannedEmails = props => {
 	const [data, setData] = useState(null);
-	let usernameElement, emailElement, dateElement, reasonElement;
+	let usernameElement, emailElement, expiryElement, reasonElement;
 	let unbanElement;
 
-	fetch('/api/admin/banned', { method: 'POST' })
+	fetch('/api/admin/banned', { method: 'GET' })
 		.then(banned => banned.json())
 		.then(banned => !data ? setData(banned) : null)
 		.catch(e => console.error(e))
@@ -30,7 +30,7 @@ const BannedEmails = props => {
 						<td>{entry.username}</td>
 						<td>{entry.email}</td>
 						<td>{entry.privilege}</td>
-						<td>{entry.expiry}</td>
+						<td>{entry.expiry ? (new Date(entry.expiry)).toISOString() : null}</td>
 						<td>{entry.reason}</td>
 					</tr>
 					)}
@@ -38,24 +38,24 @@ const BannedEmails = props => {
 			</table>
 
 			<h2>Ban</h2>
-			<form onSubmit={async e => { e.preventDefault(); await handleBan(usernameElement.value, emailElement.value, dateElement.value, reasonElement.value); }}>
+			<form onSubmit={async e => { e.preventDefault(); await handleBan(usernameElement.value, emailElement.value, expiryElement.value, reasonElement.value); }}>
 				<div>
-					<label htmlFor='username'>Username:</label>
+					<label htmlFor='username'>Username: </label>
 					<input type='text' name='username' ref={e => usernameElement = e} />
 				</div>
 
 				<div>
-					<label htmlFor='email'>Email:</label>
+					<label htmlFor='email'>Email: </label>
 					<input type='email' name='email' ref={e => emailElement = e} />
 				</div>
 
 				<div>
-					<label htmlFor='expiry'>Expiry:</label>
-					<input type='date' name='expiry' ref={e => dateElement = e} />
+					<label htmlFor='expiry'>Expiry: </label>
+					<input type='date' name='expiry' ref={e => expiryElement = e} />
 				</div>
 
 				<div>
-					<label htmlFor='reason'>Reason:</label>
+					<label htmlFor='reason'>Reason: </label>
 					<textarea rows='4' cols='50' name='reason' ref={e => reasonElement = e} />
 				</div>
 
@@ -65,8 +65,8 @@ const BannedEmails = props => {
 			<h2>Unban</h2>
 			<form onSubmit={async e => { e.preventDefault(); await handleUnban(unbanElement.value); }}>
 				<div>
-					<label htmlFor='username'>Unban User</label>
-					<input type='text' name='username' ref={e => unbanElement = e} />
+					<label htmlFor='entry'>Unban User: </label>
+					<input type='text' name='entry' ref={e => unbanElement = e} />
 				</div>
 
 				<button type='submit'>Release From Horny Jail</button>
@@ -75,7 +75,7 @@ const BannedEmails = props => {
 	);
 };
 
-const handleBan = async (username, email, date, reason) => {
+const handleBan = async (username, email, expiry, reason) => {
 	username = username.trim();
 	email = email.trim();
 	reason = reason.trim();
@@ -85,7 +85,7 @@ const handleBan = async (username, email, date, reason) => {
 
 	formData.append('username', username);
 	formData.append('email', email);
-	formData.append('date', date);
+	formData.append('expiry', expiry);
 	formData.append('reason', reason);
 
 	const result = await fetch('/api/admin/ban', { method: 'POST', body: formData });
@@ -93,12 +93,12 @@ const handleBan = async (username, email, date, reason) => {
 	alert(await result.text());
 };
 
-const handleUnban = async (username) => {
-	username = username.trim();
+const handleUnban = async (entry) => {
+	entry = entry.trim();
 
 	let formData = new FormData();
 
-	formData.append('username', username);
+	formData.append('entry', entry);
 
 	const result = await fetch('/api/admin/unban', { method: 'POST', body: formData });
 

server/accounts/deletion.js

@@ -39,7 +39,6 @@ const route = async (req, res) => {
 
 //actually delete the accounts
 cron.schedule('0 * * * *', () => {
-	console.log('wiping accounts');
 	accounts.destroy({
 		where: {
 			deletion: {

server/admin/ban.js

@@ -0,0 +1,40 @@
+const { Op } = require('sequelize');
+const { bannedEmails, accounts } = require('../database/models');
+
+const route = async (req, res) => {
+	//fetch the account based on the email or username
+	const account = await accounts.findOne({
+		attrubutes: ['username', 'email'],
+		where: {
+			[Op.or]: {
+				username: {
+					[Op.eq]: req.fields.username,
+				},
+				email: {
+					[Op.eq]: req.fields.email
+				}
+			}
+		}
+	});
+
+	//just in case
+	if (account && account.privilege == 'administrator') {
+		return res.status(401).send('Couldn\'t ban an admin');
+	}
+
+	//need either an email or an account
+	if (!account && !req.fields.email) {
+		return res.status(401).send('Couldn\'t determine the ban info');
+	}
+
+	//apply the ban
+	await bannedEmails.upsert({
+		email: (account || req.fields).email,
+		reason: req.fields.reason ? req.fields.reason : null,
+		expiry: req.fields.expiry ? new Date(Date.parse(req.fields.expiry)) : null
+	});
+
+	return res.status(200).send(`Email ${(account || req.fields).email} banned (username ${account ? account.username : 'not found'})`);
+};
+
+module.exports = route;

server/admin/banned.js

@@ -2,12 +2,6 @@ const { Op } = require('sequelize');
 const { bannedEmails, accounts } = require('../database/models');
 
 const route = async (req, res) => {
-	//TODO: move to middleware
-	//make sure the account is an admin
-	if (req.cookies['admin'] !== process.env.SESSION_ADMIN) {
-		return res.status(401).send('invalid admin status');
-	}
-
 	//merge the banned accounts with the account data, if any
 	const data = await bannedEmails.findAll()
 		.then(bans => bans.map(async ban => {

server/admin/index.js

@@ -1,9 +1,19 @@
 const express = require('express');
 const router = express.Router();
 
-//basic account management
-router.post('/banned', require('./banned'));
-//router.post('/ban', require('./ban'));
-//router.post('/unban', require('./unban'));
+//middleware
+router.use((req, res, next) => {
+	//make sure the account is an admin
+	if (req.cookies['admin'] !== process.env.SESSION_ADMIN) {
+		return res.status(401).send('invalid admin status');
+	} else {
+		next();
+	}
+});
+
+//basic account ban management
+router.get('/banned', require('./banned'));
+router.post('/ban', require('./ban'));
+router.post('/unban', require('./unban'));
 
 module.exports = router;

server/admin/unban.js

@@ -0,0 +1,46 @@
+const Sequelize = require('sequelize');
+const Op = Sequelize.Op;
+const { bannedEmails, accounts } = require('../database/models');
+var cron = require('node-cron');
+
+const route = async (req, res) => {
+	console.log(req.fields.entry)
+	//get the account, if one is found
+	const account = await accounts.findOne({
+		where: {
+			[Op.or]: {
+				email: {
+					[Op.eq]: req.fields.entry
+				},
+				username: {
+					[Op.eq]: req.fields.entry
+				}
+			}
+		},
+	});
+
+	//accept either email or username
+	const affectedRows = await bannedEmails.destroy({
+		where: {
+			email: {
+				[Op.eq]: account?.email || req.fields.entry || ''
+			}
+		}
+	});
+
+	return res.status(200).send(`${affectedRows} emails unbanned`);
+};
+
+//delete any expired bans
+cron.schedule('0 * * * *', () => {
+	bannedEmails.destroy({
+		where: {
+			expiry: {
+				[Op.lt]: Sequelize.fn('NOW'),
+				[Op.not]: null
+			}
+		}
+	});
+});
+
+module.exports = route;