regalijan/car-crushers-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove bypass property

Browse Source
This commit is contained in:
Regalijan 2024-04-15 17:22:17 -04:00
parent 3d7cb08114
commit fa2d97de25
Signed by: regalijan
GPG Key ID: 5D4196DA269EF520
2 changed files with 3 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/routes/report.tsx
View File

@ -130,7 +130,6 @@ export default function () {
const submitReq = await fetch("/api/reports/submit", {
body: JSON.stringify({
bypass: false,
description: description || undefined,
files: filelist,
turnstileResponse: logged_in ? undefined : turnstileToken,

23
functions/api/reports/submit.ts
View File

@ -2,15 +2,8 @@ import { jsonError, jsonResponse } from "../../common.js";
import upload from "../../upload.js";
export async function onRequestPost(context: RequestContext) {
const {
actions,
bypass,
description,
files,
senderTokenId,
turnstileResponse,
usernames,
} = context.data.body;
const { description, files, senderTokenId, turnstileResponse, usernames } =
context.data.body;
if (!context.data.current_user) {
if (typeof turnstileResponse !== "string")
@ -36,15 +29,6 @@ export async function onRequestPost(context: RequestContext) {
if (!success) return jsonError("Captcha test failed", 403);
}
const origin = context.request.headers.get("Origin");
if (!origin) return jsonError("No origin header", 400);
if (bypass && !(context.data.current_user?.permissions & (1 << 5)))
return jsonError("Bypass directive cannot be used", 403);
if (typeof bypass !== "boolean")
return jsonError("Bypass must be a boolean", 400);
if (!Array.isArray(usernames))
return jsonError("Usernames must be type of array", 400);
@ -218,7 +202,6 @@ export async function onRequestPost(context: RequestContext) {
created_at: Date.now(),
fcm_token: typeof senderTokenId === "string" ? senderTokenId : undefined,
id: reportId,
open: !bypass,
user: currentUser
? {
email: currentUser.email,
@ -235,7 +218,7 @@ export async function onRequestPost(context: RequestContext) {
await context.env.D1.prepare(
"INSERT INTO reports (created_at, id, open, user) VALUES (?, ?, ?, ?);",
)
.bind(Date.now(), reportId, Number(!bypass), currentUser?.id || null)
.bind(Date.now(), reportId, 1, currentUser?.id || null)
.run();
} catch {}