diff --git a/src/routes/postWarning.ts b/src/routes/postWarning.ts index dfc7819..6feedef 100644 --- a/src/routes/postWarning.ts +++ b/src/routes/postWarning.ts @@ -22,8 +22,15 @@ export function postWarning(req: Request, res: Response) { let resultStatus = ""; if (enabled) { - db.prepare('run', 'INSERT INTO warnings (userID, issueTime, issuerUserID, enabled) VALUES (?, ?, ?, 1)', [userID, issueTime, issuerUserID]); - resultStatus = "issued to"; + let previousWarning = db.prepare('get', 'SELECT * FROM warnings WHERE userID = ? AND issuerUserID = ?', [userID, issuerUserID]); + + if (!previousWarning) { + db.prepare('run', 'INSERT INTO warnings (userID, issueTime, issuerUserID, enabled) VALUES (?, ?, ?, 1)', [userID, issueTime, issuerUserID]); + resultStatus = "issued to"; + } else { + res.status(409).send(); + return; + } } else { db.prepare('run', 'UPDATE warnings SET enabled = 0 WHERE userID = ? AND issuerUserID = ?', [userID, issuerUserID]); resultStatus = "removed from"; diff --git a/test/cases/postWarning.ts b/test/cases/postWarning.ts index 7122334..6a8c13d 100644 --- a/test/cases/postWarning.ts +++ b/test/cases/postWarning.ts @@ -32,6 +32,30 @@ describe('postWarning', () => { }); }); + it('Should be not be able to create a duplicate warning if vip', (done: Done) => { + let json = { + issuerUserID: 'warning-vip', + userID: 'warning-0', + }; + + request.post(getbaseURL() + + "/api/warnUser", {json}, + (err, res, body) => { + if (err) done(err); + else if (res.statusCode === 409) { + let row = db.prepare('get', "SELECT userID, issueTime, issuerUserID, enabled FROM warnings WHERE userID = ?", [json.userID]); + if (row?.enabled == 1 && row?.issuerUserID == getHash(json.issuerUserID)) { + done(); + } else { + done("Warning missing from database"); + } + } else { + console.log(body); + done("Status code was " + res.statusCode); + } + }); + }); + it('Should be able to remove warning if vip', (done: Done) => { let json = { issuerUserID: 'warning-vip',