API /:guild_id/bans compat

- Fix GET Ban using "ban"/"user" instead of "user_id" in params, making it unusable - Return a processed user object instead of the raw DB one - Silently ignore already banned users to prevent duplicate bans in the DB - Return HTTP 204 on successful bans instead of the raw DB ban object
2024-06-05 06:01:44 +02:00 · 2024-06-05 06:01:44 +02:00 · 631788537c
commit 631788537c
parent 41a2612fe3
1 changed files with 17 additions and 14 deletions
--- a/src/api/routes/guilds/#guild_id/bans.ts
+++ b/src/api/routes/guilds/#guild_id/bans.ts
@ -1,17 +1,17 @@
 /*
 	Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
 	Copyright (C) 2023 Spacebar and Spacebar Contributors
-	
+
 	This program is free software: you can redistribute it and/or modify
 	it under the terms of the GNU Affero General Public License as published
 	by the Free Software Foundation, either version 3 of the License, or
 	(at your option) any later version.
-	
+
 	This program is distributed in the hope that it will be useful,
 	but WITHOUT ANY WARRANTY; without even the implied warranty of
 	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 	GNU Affero General Public License for more details.
-	
+
 	You should have received a copy of the GNU Affero General Public License
 	along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
@ -19,7 +19,6 @@
 import { getIpAdress, route } from "@spacebar/api";
 import {
 	Ban,
 	BanModeratorSchema,
 	BanRegistrySchema,
 	DiscordApiErrors,
 	GuildBanAddEvent,
@ -82,7 +81,7 @@ router.get(
 );
 router.get(
-	"/:user",
+	"/:user_id",
 	route({
 		permission: "BAN_MEMBERS",
 		responses: {
@ -98,8 +97,7 @@ router.get(
 		},
 	}),
 	async (req: Request, res: Response) => {
-		const { guild_id } = req.params;
+		const { guild_id, user_id } = req.params;
 		const user_id = req.params.ban;
 		let ban = (await Ban.findOneOrFail({
 			where: { guild_id: guild_id, user_id: user_id },
@ -108,13 +106,12 @@ router.get(
 		if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN;
 		// pretend self-bans don't exist to prevent victim chasing
-		/* Filter secret from registry. */
+		const banInfo = {
 			user: await User.getPublicUser(ban.user_id),
 			reason: ban.reason,
 		}
-		ban = ban as BanModeratorSchema;
+		return res.json(banInfo);
 		delete ban.ip;
 		return res.json(ban);
 	},
 );
@ -151,6 +148,12 @@ router.put(
 		if (req.permission?.cache.guild?.owner_id === banned_user_id)
 			throw new HTTPError("You can't ban the owner", 400);
 		const existingBan = await Ban.findOne({
 			where: { guild_id: guild_id, user_id: banned_user_id },
 		});
 		// Bans on already banned users are silently ignored
 		if (existingBan) return res.status(204).send();
 		const banned_user = await User.getPublicUser(banned_user_id);
 		const ban = Ban.create({
@ -174,7 +177,7 @@ router.put(
 			} as GuildBanAddEvent),
 		]);
-		return res.json(ban);
+		return res.status(204).send();
 	},
 );