From 5426ae826e2231f1a3cbf7dfd6be813029011311 Mon Sep 17 00:00:00 2001
From: Ajay <dev@ajay.app>
Date: Sat, 28 Jan 2023 13:09:04 -0500
Subject: [PATCH] Add IP banning

---
 databases/_sponsorTimes.db.sql |  4 ++
 src/routes/postSkipSegments.ts |  7 +--
 src/routes/shadowBanUser.ts    | 81 +++++++++++++++++++-----------
 test/cases/shadowBanUser.ts    | 91 +++++++++++++++++++++++++++++++++-
 4 files changed, 151 insertions(+), 32 deletions(-)

diff --git a/databases/_sponsorTimes.db.sql b/databases/_sponsorTimes.db.sql
index 1ab5210..4dee14e 100644
--- a/databases/_sponsorTimes.db.sql
+++ b/databases/_sponsorTimes.db.sql
@@ -32,6 +32,10 @@ CREATE TABLE IF NOT EXISTS "categoryVotes" (
 	"votes"	INTEGER NOT NULL default 0
 );
 
+CREATE TABLE IF NOT EXISTS "shadowBannedIPs" (
+	"hashedIP"	TEXT NOT NULL PRIMARY KEY
+);
+
 CREATE TABLE IF NOT EXISTS "config" (
 	"key" TEXT NOT NULL UNIQUE,
 	"value" TEXT NOT NULL
diff --git a/src/routes/postSkipSegments.ts b/src/routes/postSkipSegments.ts
index 069aa5a..1347a89 100644
--- a/src/routes/postSkipSegments.ts
+++ b/src/routes/postSkipSegments.ts
@@ -541,14 +541,15 @@ export async function postSkipSegments(req: Request, res: Response): Promise<Res
         // }
 
         //check to see if this user is shadowbanned
-        const shadowBanRow = await db.prepare("get", `SELECT count(*) as "userCount" FROM "shadowBannedUsers" WHERE "userID" = ? LIMIT 1`, [userID]);
+        const shadowBanCount = (await db.prepare("get", `SELECT count(*) as "userCount" FROM "shadowBannedUsers" WHERE "userID" = ? LIMIT 1`, [userID]))?.userCount
+            || (await db.prepare("get", `SELECT count(*) as "userCount" FROM "shadowBannedIPs" WHERE "hashedIP" = ? LIMIT 1`, [hashedIP]))?.userCount;
         const startingVotes = 0;
         const reputation = await getReputation(userID);
 
         for (const segmentInfo of segments) {
             // Full segments are always rejected since there can only be one, so shadow hide wouldn't work
             if (segmentInfo.ignoreSegment
-                || (shadowBanRow.userCount && segmentInfo.actionType === ActionType.Full)) {
+                || (shadowBanCount && segmentInfo.actionType === ActionType.Full)) {
                 continue;
             }
 
@@ -565,7 +566,7 @@ export async function postSkipSegments(req: Request, res: Response): Promise<Res
                     ("videoID", "startTime", "endTime", "votes", "locked", "UUID", "userID", "timeSubmitted", "views", "category", "actionType", "service", "videoDuration", "reputation", "shadowHidden", "hashedVideoID", "userAgent", "description")
                     VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`, [
                     videoID, segmentInfo.segment[0], segmentInfo.segment[1], startingVotes, startingLocked, UUID, userID, timeSubmitted, 0
-                    , segmentInfo.category, segmentInfo.actionType, service, videoDuration, reputation, shadowBanRow.userCount, hashedVideoID, userAgent, segmentInfo.description
+                    , segmentInfo.category, segmentInfo.actionType, service, videoDuration, reputation, shadowBanCount, hashedVideoID, userAgent, segmentInfo.description
                 ],
                 );
 
diff --git a/src/routes/shadowBanUser.ts b/src/routes/shadowBanUser.ts
index 35df540..f7579a1 100644
--- a/src/routes/shadowBanUser.ts
+++ b/src/routes/shadowBanUser.ts
@@ -1,8 +1,8 @@
-import { db } from "../databases/databases";
+import { db, privateDB } from "../databases/databases";
 import { getHashCache } from "../utils/getHashCache";
 import { Request, Response } from "express";
 import { config } from "../config";
-import { Category, Service, VideoID, VideoIDHash } from "../types/segments.model";
+import { Category, HashedIP, Service, VideoID, VideoIDHash } from "../types/segments.model";
 import { UserID } from "../types/user.model";
 import { QueryCacher } from "../utils/queryCacher";
 import { isUserVIP } from "../utils/isUserVIP";
@@ -10,7 +10,7 @@ import { parseCategories } from "../utils/parseParams";
 
 export async function shadowBanUser(req: Request, res: Response): Promise<Response> {
     const userID = req.query.userID as UserID;
-    const hashedIP = req.query.hashedIP as string;
+    const hashedIP = req.query.hashedIP as HashedIP;
     const adminUserIDInput = req.query.adminUserID as UserID;
     const type = req.query.type as string ?? "1";
 
@@ -49,7 +49,7 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
 
             //find all previous submissions and hide them
             if (unHideOldSubmissions) {
-                await unHideSubmissions(categories, userID, type);
+                await unHideSubmissionsByUser(categories, userID, type);
             }
         } else if (!enabled && row.userCount > 0) {
             //remove them from the shadow ban list
@@ -59,16 +59,16 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
             if (unHideOldSubmissions) {
                 const segmentsToIgnore = (await db.prepare("all", `SELECT "UUID" FROM "sponsorTimes" st
                     JOIN "lockCategories" ns on "st"."videoID" = "ns"."videoID" AND st.category = ns.category AND "st"."service" = "ns"."service" WHERE "st"."userID" = ?`
-                , [userID])).map((item: {UUID: string}) => item.UUID);
+                , [userID])).map((item: { UUID: string }) => item.UUID);
                 const allSegments = (await db.prepare("all", `SELECT "UUID" FROM "sponsorTimes" st WHERE "st"."userID" = ?`, [userID]))
-                    .map((item: {UUID: string}) => item.UUID);
+                    .map((item: { UUID: string }) => item.UUID);
 
-                await Promise.all(allSegments.filter((item: {uuid: string}) => {
+                await Promise.all(allSegments.filter((item: { uuid: string }) => {
                     return segmentsToIgnore.indexOf(item) === -1;
                 }).map(async (UUID: string) => {
                     // collect list for unshadowbanning
                     (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views", "userID" FROM "sponsorTimes" WHERE "UUID" = ? AND "shadowHidden" >= 1 AND "category" in (${categories.map((c) => `'${c}'`).join(",")})`, [UUID]))
-                        .forEach((videoInfo: {category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID}) => {
+                        .forEach((videoInfo: { category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID }) => {
                             QueryCacher.clearSegmentCache(videoInfo);
                         }
                         );
@@ -76,11 +76,11 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
                     return db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = 0 WHERE "UUID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")})`, [UUID]);
                 }));
             }
-        // already shadowbanned
+            // already shadowbanned
         } else if (enabled && row.userCount > 0) {
             // apply unHideOldSubmissions if applicable
             if (unHideOldSubmissions) {
-                await unHideSubmissions(categories, userID, type);
+                await unHideSubmissionsByUser(categories, userID, type);
                 return res.sendStatus(200);
             }
 
@@ -89,38 +89,45 @@ export async function shadowBanUser(req: Request, res: Response): Promise<Respon
         }
     } else if (hashedIP) {
         //check to see if this user is already shadowbanned
-        // let row = await privateDB.prepare('get', "SELECT count(*) as userCount FROM shadowBannedIPs WHERE hashedIP = ?", [hashedIP]);
+        const row = await db.prepare("get", `SELECT count(*) as "userCount" FROM "shadowBannedIPs" WHERE "hashedIP" = ?`, [hashedIP]);
 
-        // if (enabled && row.userCount == 0) {
-        if (enabled) {
+        if (enabled && row.userCount == 0) {
             //add them to the shadow ban list
 
             //add it to the table
-            // await privateDB.prepare('run', "INSERT INTO shadowBannedIPs VALUES(?)", [hashedIP]);
-
+            await db.prepare("run", `INSERT INTO "shadowBannedIPs" VALUES(?)`, [hashedIP]);
 
             //find all previous submissions and hide them
             if (unHideOldSubmissions) {
-                await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = ${type} WHERE "timeSubmitted" IN
-                    (SELECT "privateDB"."timeSubmitted" FROM "sponsorTimes" LEFT JOIN "privateDB"."sponsorTimes" as "privateDB" ON "sponsorTimes"."timeSubmitted"="privateDB"."timeSubmitted"
-                    WHERE "privateDB"."hashedIP" = ?)`, [hashedIP]);
+                await unHideSubmissionsByIP(categories, hashedIP, type);
+            }
+        } else if (!enabled) {
+            if (row.userCount > 0) {
+                //remove them from the shadow ban list
+                await db.prepare("run", `DELETE FROM "shadowBannedIPs" WHERE "hashedIP" = ?`, [hashedIP]);
             }
-        } /*else if (!enabled && row.userCount > 0) {
-            // //remove them from the shadow ban list
-            // await db.prepare('run', "DELETE FROM shadowBannedUsers WHERE userID = ?", [userID]);
 
-            // //find all previous submissions and unhide them
-            // if (unHideOldSubmissions) {
-            //     await db.prepare('run', "UPDATE sponsorTimes SET shadowHidden = 0 WHERE userID = ?", [userID]);
-            // }
-        }*/
+            //find all previous submissions and unhide them
+            if (unHideOldSubmissions) {
+                await unHideSubmissionsByIP(categories, hashedIP, "0");
+            }
+        } else if (enabled && row.userCount > 0) {
+            // apply unHideOldSubmissions if applicable
+            if (unHideOldSubmissions) {
+                await unHideSubmissionsByIP(categories, hashedIP, type);
+                return res.sendStatus(200);
+            }
+
+            // otherwise ban already exists, send 409
+            return res.sendStatus(409);
+        }
     }
     return res.sendStatus(200);
 }
 
-async function unHideSubmissions(categories: string[], userID: UserID, type = "1") {
+async function unHideSubmissionsByUser(categories: string[], userID: UserID, type = "1") {
     if (!["1", "2"].includes(type)) return;
-    
+
     await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = ${type} WHERE "userID" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")})
                     AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE
                     "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."service" = "lockCategories"."service" AND "sponsorTimes"."category" = "lockCategories"."category")`, [userID]);
@@ -131,3 +138,21 @@ async function unHideSubmissions(categories: string[], userID: UserID, type = "1
             QueryCacher.clearSegmentCache(videoInfo);
         });
 }
+
+async function unHideSubmissionsByIP(categories: string[], hashedIP: HashedIP, type = "1") {
+    if (!["0", "1", "2"].includes(type)) return;
+
+    const submissions = await privateDB.prepare("all", `SELECT "timeSubmitted" FROM "sponsorTimes" WHERE "hashedIP" = ?`, [hashedIP]) as { timeSubmitted: number }[];
+
+    await Promise.all(submissions.map(async (submission) => {
+        (await db.prepare("all", `SELECT "videoID", "hashedVideoID", "service", "votes", "views", "userID" FROM "sponsorTimes" WHERE "timeSubmitted" = ? AND "shadowHidden" >= 1 AND "category" in (${categories.map((c) => `'${c}'`).join(",")})`, [submission.timeSubmitted]))
+            .forEach((videoInfo: { category: Category, videoID: VideoID, hashedVideoID: VideoIDHash, service: Service, userID: UserID }) => {
+                QueryCacher.clearSegmentCache(videoInfo);
+            }
+            );
+
+        await db.prepare("run", `UPDATE "sponsorTimes" SET "shadowHidden" = ${type} WHERE "timeSubmitted" = ? AND "category" in (${categories.map((c) => `'${c}'`).join(",")})
+            AND NOT EXISTS ( SELECT "videoID", "category" FROM "lockCategories" WHERE
+            "sponsorTimes"."videoID" = "lockCategories"."videoID" AND "sponsorTimes"."service" = "lockCategories"."service" AND "sponsorTimes"."category" = "lockCategories"."category")`, [submission.timeSubmitted]);
+    }));
+}
diff --git a/test/cases/shadowBanUser.ts b/test/cases/shadowBanUser.ts
index 9291cbe..9f7b024 100644
--- a/test/cases/shadowBanUser.ts
+++ b/test/cases/shadowBanUser.ts
@@ -1,4 +1,4 @@
-import { db } from "../../src/databases/databases";
+import { db, privateDB } from "../../src/databases/databases";
 import { getHash } from "../../src/utils/getHash";
 import assert from "assert";
 import { Category } from "../../src/types/segments.model";
@@ -9,6 +9,8 @@ describe("shadowBanUser", () => {
     const getShadowBanSegments = (userID: string, status: number) => db.prepare("all", `SELECT "shadowHidden" FROM "sponsorTimes" WHERE "userID" = ? AND "shadowHidden" = ?`, [userID, status]);
     const getShadowBanSegmentCategory = (userID: string, status: number): Promise<{shadowHidden: number, category: Category}[]> => db.prepare("all", `SELECT "shadowHidden", "category" FROM "sponsorTimes" WHERE "userID" = ? AND "shadowHidden" = ?`, [userID, status]);
 
+    const getIPShadowBan = (hashedIP: string) => db.prepare("get", `SELECT * FROM "shadowBannedIPs" WHERE "hashedIP" = ?`, [hashedIP]);
+
     const endpoint = "/api/shadowBanUser";
     const VIPuserID = "shadow-ban-vip";
     const video = "shadowBanVideo";
@@ -35,6 +37,10 @@ describe("shadowBanUser", () => {
         await db.prepare("run", insertQuery, [video, 10, 10, 2, 1, "shadow-60", "shadowBanned6", 0, 50, "sponsor", "YouTube", 0, videohash]);
         await db.prepare("run", insertQuery, ["lockedVideo", 10, 10, 2, 1, "shadow-61", "shadowBanned6", 0, 50, "sponsor", "YouTube", 0, getHash("lockedVideo", 1)]);
 
+        await db.prepare("run", insertQuery, [video, 20, 10, 2, 0, "shadow-70", "shadowBanned7", 383848, 50, "sponsor", "YouTube", 0, videohash]);
+        await db.prepare("run", insertQuery, [video, 20, 10, 2, 0, "shadow-71", "shadowBanned7", 2332, 50, "intro", "YouTube", 0, videohash]);
+        await db.prepare("run", insertQuery, [video, 20, 10, 2, 0, "shadow-72", "shadowBanned7", 4923, 50, "interaction", "YouTube", 0, videohash]);
+
         await db.prepare("run", `INSERT INTO "shadowBannedUsers" ("userID") VALUES(?)`, ["shadowBanned3"]);
         await db.prepare("run", `INSERT INTO "shadowBannedUsers" ("userID") VALUES(?)`, ["shadowBanned4"]);
 
@@ -42,6 +48,11 @@ describe("shadowBanUser", () => {
             [getHash("shadow-ban-vip", 1), "lockedVideo", "skip", "sponsor", "YouTube"]);
 
         await db.prepare("run", `INSERT INTO "vipUsers" ("userID") VALUES(?)`, [getHash(VIPuserID)]);
+
+        const privateInsertQuery = `INSERT INTO "sponsorTimes" ("videoID", "hashedIP", "timeSubmitted", "service") VALUES(?, ?, ?, ?)`;
+        await privateDB.prepare("run", privateInsertQuery, [video, "shadowBannedIP7", 383848, "YouTube"]);
+        await privateDB.prepare("run", privateInsertQuery, [video, "shadowBannedIP7", 2332, "YouTube"]);
+        await privateDB.prepare("run", privateInsertQuery, [video, "shadowBannedIP7", 4923, "YouTube"]);
     });
 
     it("Should be able to ban user and hide submissions", (done) => {
@@ -306,4 +317,82 @@ describe("shadowBanUser", () => {
             })
             .catch(err => done(err));
     });
+
+    it("Should be able to ban user by IP and hide submissions of a specific category", (done) => {
+        const hashedIP = "shadowBannedIP7";
+        const userID = "shadowBanned7";
+        client({
+            method: "POST",
+            url: endpoint,
+            params: {
+                hashedIP,
+                categories: `["sponsor", "intro"]`,
+                adminUserID: VIPuserID,
+            }
+        })
+            .then(async res => {
+                assert.strictEqual(res.status, 200);
+                const videoRow = await getShadowBanSegments(userID, 1);
+                const normalShadowRow = await getShadowBan(userID);
+                const ipShadowRow = await getIPShadowBan(hashedIP);
+                assert.ok(ipShadowRow);
+                assert.ok(!normalShadowRow);
+                assert.strictEqual(videoRow.length, 2);
+                done();
+            })
+            .catch(err => done(err));
+    });
+
+    it("Should be able to unban user by IP", (done) => {
+        const hashedIP = "shadowBannedIP7";
+        const userID = "shadowBanned7";
+        client({
+            method: "POST",
+            url: endpoint,
+            params: {
+                hashedIP,
+                enabled: false,
+                unHideOldSubmissions: false,
+                adminUserID: VIPuserID,
+            }
+        })
+            .then(async res => {
+                assert.strictEqual(res.status, 200);
+                const videoRow = await getShadowBanSegments(userID, 1);
+                const normalShadowRow = await getShadowBan(userID);
+                const ipShadowRow = await getIPShadowBan(hashedIP);
+                assert.ok(!ipShadowRow);
+                assert.ok(!normalShadowRow);
+                assert.strictEqual(videoRow.length, 2);
+                done();
+            })
+            .catch(err => done(err));
+    });
+
+    it("Should be able to unban user by IP and unhide specific category", (done) => {
+        const hashedIP = "shadowBannedIP7";
+        const userID = "shadowBanned7";
+        client({
+            method: "POST",
+            url: endpoint,
+            params: {
+                hashedIP,
+                enabled: false,
+                categories: `["sponsor"]`,
+                unHideOldSubmissions: true,
+                adminUserID: VIPuserID,
+            }
+        })
+            .then(async res => {
+                assert.strictEqual(res.status, 200);
+                const videoRow = await getShadowBanSegments(userID, 1);
+                const normalShadowRow = await getShadowBan(userID);
+                const ipShadowRow = await getIPShadowBan(hashedIP);
+                assert.ok(!ipShadowRow);
+                assert.ok(!normalShadowRow);
+                assert.strictEqual(videoRow.length, 1);
+                done();
+            })
+            .catch(err => done(err));
+    });
 });