From 8495a9d6c0774dc010b2e521249c83e7a7aabd03 Mon Sep 17 00:00:00 2001
From: Michael C <michael@mchang.name>
Date: Sat, 25 Feb 2023 00:04:15 -0500
Subject: [PATCH] fix unban query hitting limit, use number as type

---
 src/routes/postSkipSegments.ts |  2 +-
 src/routes/shadowBanUser.ts    | 52 ++++++++++++----------------------
 test/cases/shadowBanUser.ts    |  2 +-
 3 files changed, 20 insertions(+), 36 deletions(-)

diff --git a/src/routes/postSkipSegments.ts b/src/routes/postSkipSegments.ts
index d574de9..c48195b 100644
--- a/src/routes/postSkipSegments.ts
+++ b/src/routes/postSkipSegments.ts
@@ -554,7 +554,7 @@ export async function postSkipSegments(req: Request, res: Response): Promise<Res
 
         if (!userBanCount && ipBanCount) {
             // Make sure the whole user is banned
-            banUser(userID, true, true, "1", config.categoryList as Category[])
+            banUser(userID, true, true, 1, config.categoryList as Category[])
                 .catch((e) => Logger.error(`Error banning user after submitting from a banned IP: ${e}`));
         }
 
diff --git a/src/routes/shadowBanUser.ts b/src/routes/shadowBanUser.ts
index d54b125..02527ea 100644
--- a/src/routes/shadowBanUser.ts
+++ b/src/routes/shadowBanUser.ts
@@ -12,7 +12,10 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
     const userID = req.query.userID as UserID;
     const hashedIP = req.query.hashedIP as HashedIP;
     const adminUserIDInput = req.query.adminUserID as UserID;
-    const type = req.query.type as string ?? "1";
+    const type = Number.parseInt(req.query.type as string ?? "1");
+    if (isNaN(type)) {
+        return res.sendStatus(400);
+    }
 
     const enabled = req.query.enabled === undefined
         ? true
@@ -27,7 +30,7 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
 
     const categories: Category[] = parseCategories(req, config.categoryList as Category[]);
 
-    if (adminUserIDInput == undefined || (userID == undefined && hashedIP == undefined || !["1", "2"].includes(type))) {
+    if (adminUserIDInput == undefined || (userID == undefined && hashedIP == undefined || type <= 0)) {
         //invalid request
         return res.sendStatus(400);
     }
@@ -70,7 +73,7 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
     return res.sendStatus(200);
 }
 
-export async function banUser(userID: UserID, enabled: boolean, unHideOldSubmissions: boolean, type: string, categories: Category[]): Promise<number> {
+export async function banUser(userID: UserID, enabled: boolean, unHideOldSubmissions: boolean, type: number, categories: Category[]): Promise<number> {
     //check to see if this user is already shadowbanned
     const row = await db.prepare("get", `SELECT count(*) as "userCount" FROM "shadowBannedUsers" WHERE "userID" = ?`, [userID]);
 
@@ -93,37 +96,22 @@ export async function banUser(userID: UserID, enabled: boolean, unHideOldSubmiss
             return 409;
         }
     } else if (!enabled && row.userCount > 0) {
-        //remove them from the shadow ban list
-        await db.prepare("run", `DELETE FROM "shadowBannedUsers" WHERE "userID" = ?`, [userID]);
-
         //find all previous submissions and unhide them
         if (unHideOldSubmissions) {
-            const segmentsToIgnore = (await db.prepare("all", `SELECT "UUID" FROM "sponsorTimes" st
-                JOIN "lockCategories" ns on "st"."videoID" = "ns"."videoID" AND st.category = ns.category AND "st"."service" = "ns"."service" WHERE "st"."userID" = ?`
-            , [userID])).map((item: { UUID: string }) => item.UUID);
-            const allSegments = (await db.prepare("all", `SELECT "UUID" FROM "sponsorTimes" st WHERE "st"."userID" = ?`, [userID]))
-                .map((item: { UUID: string }) => item.UUID);
-
-            await Promise.all(allSegments.filter((item: { uuid: string }) => {
-                return segmentsToIgnore.indexOf(item) === -1;
-            }).map(async (UUID: string) => {
-                // collect list for unshadowbanning
-                (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views", "userID" FROM "sponsorTimes" WHERE "UUID" = ? AND "shadowHidden" >= 1 AND "category" in (${categories.map((c) => `'${c}'`).join(",")})`, [UUID]))
-                    .forEach((videoInfo: { category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID }) => {
-                        QueryCacher.clearSegmentCache(videoInfo);
-                    }
-                    );
-
-                return db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = 0 WHERE "UUID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")})`, [UUID]);
-            }));
+            await unHideSubmissionsByUser(categories, userID, 0);
         }
-        // already shadowbanned
+
+        //remove them from the shadow ban list
+        await db.prepare("run", `DELETE FROM "shadowBannedUsers" WHERE "userID" = ?`, [userID]);
+    } else if (row.userCount == 0) { // already shadowbanned
+        // already not shadowbanned
+        return 400;
     }
 
     return 200;
 }
 
-export async function banIP(hashedIP: HashedIP, enabled: boolean, unHideOldSubmissions: boolean, type: string, categories: Category[], banUsers: boolean): Promise<number> {
+export async function banIP(hashedIP: HashedIP, enabled: boolean, unHideOldSubmissions: boolean, type: number, categories: Category[], banUsers: boolean): Promise<number> {
     //check to see if this user is already shadowbanned
     const row = await db.prepare("get", `SELECT count(*) as "userCount" FROM "shadowBannedIPs" WHERE "hashedIP" = ?`, [hashedIP]);
 
@@ -153,17 +141,15 @@ export async function banIP(hashedIP: HashedIP, enabled: boolean, unHideOldSubmi
 
         //find all previous submissions and unhide them
         if (unHideOldSubmissions) {
-            await unHideSubmissionsByIP(categories, hashedIP, "0");
+            await unHideSubmissionsByIP(categories, hashedIP, 0);
         }
     }
 
     return 200;
 }
 
-async function unHideSubmissionsByUser(categories: string[], userID: UserID, type = "1") {
-    if (!["1", "2"].includes(type)) return;
-
-    await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = ${type} WHERE "userID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")})
+async function unHideSubmissionsByUser(categories: string[], userID: UserID, type = 1) {
+    await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = '${type}' WHERE "userID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")})
                     AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE
                     "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."service" = "lockCategories"."service" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]);
 
@@ -174,9 +160,7 @@ async function unHideSubmissionsByUser(categories: string[], userID: UserID, typ
         });
 }
 
-async function unHideSubmissionsByIP(categories: string[], hashedIP: HashedIP, type = "1"): Promise<Set<UserID>> {
-    if (!["0", "1", "2"].includes(type)) return;
-
+async function unHideSubmissionsByIP(categories: string[], hashedIP: HashedIP, type = 1): Promise<Set<UserID>> {
     const submissions = await privateDB.prepare("all", `SELECT "timeSubmitted" FROM "sponsorTimes" WHERE "hashedIP" = ?`, [hashedIP]) as { timeSubmitted: number }[];
 
     const users: Set<UserID> = new Set();
diff --git a/test/cases/shadowBanUser.ts b/test/cases/shadowBanUser.ts
index 7dfb024..06e51eb 100644
--- a/test/cases/shadowBanUser.ts
+++ b/test/cases/shadowBanUser.ts
@@ -296,7 +296,7 @@ describe("shadowBanUser", () => {
                 enabled: true,
                 categories: `["sponsor"]`,
                 unHideOldSubmissions: true,
-                type: "3"
+                type: "bad"
             }
         })
             .then(res => {