API /:guild_id/bans compat

- Fix GET Ban using "ban"/"user" instead of "user_id" in params, making it unusable
- Return a processed user object instead of the raw DB one
- Silently ignore already banned users to prevent duplicate bans in the DB
- Return HTTP 204 on successful bans instead of the raw DB ban object

src/api/routes/guilds/#guild_id/bans.ts

@@ -19,7 +19,6 @@
 import { getIpAdress, route } from "@spacebar/api";
 import {
 	Ban,
-	BanModeratorSchema,
 	BanRegistrySchema,
 	DiscordApiErrors,
 	GuildBanAddEvent,
@@ -82,7 +81,7 @@ router.get(
 );
 
 router.get(
-	"/:user",
+	"/:user_id",
 	route({
 		permission: "BAN_MEMBERS",
 		responses: {
@@ -98,8 +97,7 @@ router.get(
 		},
 	}),
 	async (req: Request, res: Response) => {
-		const { guild_id } = req.params;
+		const { guild_id, user_id } = req.params;
-		const user_id = req.params.ban;
 
 		let ban = (await Ban.findOneOrFail({
 			where: { guild_id: guild_id, user_id: user_id },
@@ -108,13 +106,12 @@ router.get(
 		if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN;
 		// pretend self-bans don't exist to prevent victim chasing
 
-		/* Filter secret from registry. */
+		const banInfo = {
+			user: await User.getPublicUser(ban.user_id),
+			reason: ban.reason,
+		}
 
-		ban = ban as BanModeratorSchema;
+		return res.json(banInfo);
-
-		delete ban.ip;
-
-		return res.json(ban);
 	},
 );
 
@@ -151,6 +148,12 @@ router.put(
 		if (req.permission?.cache.guild?.owner_id === banned_user_id)
 			throw new HTTPError("You can't ban the owner", 400);
 
+		const existingBan = await Ban.findOne({
+			where: { guild_id: guild_id, user_id: banned_user_id },
+		});
+		// Bans on already banned users are silently ignored
+		if (existingBan) return res.status(204).send();
+
 		const banned_user = await User.getPublicUser(banned_user_id);
 
 		const ban = Ban.create({
@@ -174,7 +177,7 @@ router.put(
 			} as GuildBanAddEvent),
 		]);
 
-		return res.json(ban);
+		return res.status(204).send();
 	},
 );