From a860e96d3508528e7e4b8f94d2cbc16e403ed887 Mon Sep 17 00:00:00 2001 From: Michael C Date: Sun, 4 Jul 2021 23:33:12 -0400 Subject: [PATCH] getLockCategoresByHash --- databases/_upgrade_sponsorTimes_18.sql | 9 ++ src/app.ts | 4 + src/routes/getLockCategories.ts | 3 +- src/routes/getLockCategoriesByHash.ts | 27 +++++ test/cases/getLockCategories.ts | 6 +- test/cases/getLockCategoriesByHash.ts | 145 +++++++++++++++++++++++++ 6 files changed, 189 insertions(+), 5 deletions(-) create mode 100644 databases/_upgrade_sponsorTimes_18.sql create mode 100644 src/routes/getLockCategoriesByHash.ts create mode 100644 test/cases/getLockCategoriesByHash.ts diff --git a/databases/_upgrade_sponsorTimes_18.sql b/databases/_upgrade_sponsorTimes_18.sql new file mode 100644 index 0000000..f50d454 --- /dev/null +++ b/databases/_upgrade_sponsorTimes_18.sql @@ -0,0 +1,9 @@ +BEGIN TRANSACTION; + +/* Add hash field */ +ALTER TABLE "lockCategories" ADD "hashedVideoID" TEXT NOT NULL default ''; +UPDATE "lockCategories" SET "hashedVideoID" = sha256("videoID"); + +UPDATE "config" SET value = 18 WHERE key = 'version'; + +COMMIT; diff --git a/src/app.ts b/src/app.ts index 7b05b31..8e67bb1 100644 --- a/src/app.ts +++ b/src/app.ts @@ -34,6 +34,7 @@ import { addUnlistedVideo } from './routes/addUnlistedVideo'; import {postPurgeAllSegments} from './routes/postPurgeAllSegments'; import {getUserID} from './routes/getUserID'; import {getLockCategories} from './routes/getLockCategories'; +import {getLockCategoriesByHash} from './routes/getLockCategoriesByHash'; import ExpressPromiseRouter from 'express-promise-router'; export function createServer(callback: () => void) { @@ -159,6 +160,9 @@ function setupRoutes(router: Router) { // get lock categores from userID router.get('/api/lockCategories', getLockCategories); + // get privacy protecting lock categories functions + router.get('/api/lockCategories/:prefix', getLockCategoriesByHash); + if (config.postgres) { router.get('/database', (req, res) => dumpDatabase(req, res, true)); router.get('/database.json', (req, res) => dumpDatabase(req, res, false)); diff --git a/src/routes/getLockCategories.ts b/src/routes/getLockCategories.ts index 13d1eac..f94b9ec 100644 --- a/src/routes/getLockCategories.ts +++ b/src/routes/getLockCategories.ts @@ -1,8 +1,7 @@ import {db} from '../databases/databases'; -import {getHash} from '../utils/getHash'; import {Logger} from '../utils/logger'; import {Request, Response} from 'express'; -import { Category, CategoryActionType, DBSegment, HashedIP, IPAddress, OverlappingSegmentGroup, Segment, SegmentCache, SegmentUUID, Service, VideoData, VideoID, VideoIDHash, Visibility, VotableObject } from "../types/segments.model"; +import { Category, VideoID } from "../types/segments.model"; import { UserID } from '../types/user.model'; export async function getLockCategories(req: Request, res: Response) { diff --git a/src/routes/getLockCategoriesByHash.ts b/src/routes/getLockCategoriesByHash.ts new file mode 100644 index 0000000..34b3456 --- /dev/null +++ b/src/routes/getLockCategoriesByHash.ts @@ -0,0 +1,27 @@ +import {db} from '../databases/databases'; +import {Logger} from '../utils/logger'; +import {Request, Response} from 'express'; +import {hashPrefixTester} from '../utils/hashPrefixTester'; +import { Category, VideoID, VideoIDHash } from "../types/segments.model"; +import { UserID } from '../types/user.model'; + +export async function getLockCategoriesByHash(req: Request, res: Response): Promise { + let hashPrefix = req.params.prefix as VideoIDHash; + if (!hashPrefixTester(req.params.prefix)) { + return res.status(400).send("Hash prefix does not match format requirements."); // Exit early on faulty prefix + } + hashPrefix = hashPrefix.toLowerCase() as VideoIDHash; + + try { + // Get existing lock categories markers + let lockCategoryList = await db.prepare('all', 'SELECT * from "lockCategories" where "hashedVideoID" LIKE ? ORDER BY videoID', [hashPrefix + '%']) as {videoID: VideoID, userID: UserID,category: Category}[] + if (lockCategoryList.length === 0 || !lockCategoryList[0]) { + return res.sendStatus(404); + } else { + return res.send(lockCategoryList) + } + } catch (err) { + Logger.error(err); + return res.sendStatus(500); + } +} diff --git a/test/cases/getLockCategories.ts b/test/cases/getLockCategories.ts index 27e342f..1f62642 100644 --- a/test/cases/getLockCategories.ts +++ b/test/cases/getLockCategories.ts @@ -4,14 +4,14 @@ import {getHash} from '../../src/utils/getHash'; import {db} from '../../src/databases/databases'; -describe('lockCategoriesRecords', () => { +describe('getLockCategories', () => { before(async () => { const insertVipUserQuery = 'INSERT INTO "vipUsers" ("userID") VALUES (?)'; await db.prepare("run", insertVipUserQuery, [getHash("VIPUser-getLockCategories")]); const insertLockCategoryQuery = 'INSERT INTO "lockCategories" ("userID", "videoID", "category") VALUES (?, ?, ?)'; await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLock-1', 'sponsor']); - await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLock-1', 'intro']); + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLock-1', 'interaction']); await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLock-2', 'preview']); @@ -35,7 +35,7 @@ describe('lockCategoriesRecords', () => { done(`Returned incorrect number of locks "${data.length}"`); } else if (data[0].category !== "sponsor") { done(`Returned incorrect category "${data[0].category}"`); - } else if (data[1].category !== "intro") { + } else if (data[1].category !== "interaction") { done(`Returned incorrect category "${data[1].category}"`); } else { done(); // pass diff --git a/test/cases/getLockCategoriesByHash.ts b/test/cases/getLockCategoriesByHash.ts new file mode 100644 index 0000000..312f2ed --- /dev/null +++ b/test/cases/getLockCategoriesByHash.ts @@ -0,0 +1,145 @@ +import fetch from 'node-fetch'; +import {Done, getbaseURL} from '../utils'; +import {getHash} from '../../src/utils/getHash'; +import {db} from '../../src/databases/databases'; + + +describe('getLockCategoriesByHash', () => { + before(async () => { + const insertVipUserQuery = 'INSERT INTO "vipUsers" ("userID") VALUES (?)'; + await db.prepare("run", insertVipUserQuery, [getHash("VIPUser-getLockCategories")]); + + const insertLockCategoryQuery = 'INSERT INTO "lockCategories" ("userID", "videoID", "category", "hashedVideoID") VALUES (?, ?, ?, ?)'; + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLockHash-1', 'sponsor', '67a654898fda3a5541774aea345796c7709982bb6018cb08d22a18eeddccc1d0']); + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLockHash-1', 'interaction', '67a654898fda3a5541774aea345796c7709982bb6018cb08d22a18eeddccc1d0']); + + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLockHash-2', 'preview', 'dff09120437b4bd594dffae5f3cde3cfc5f6099fb01d0ef4051919b2908d9a50']); + + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'getLockHash-3', 'nonmusic', 'bf1b122fd5630e0df8626d00c4a95c58954ad715e5595b0f75a19ac131e28928']); + + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'fakehash-1', 'outro', 'b05a20424f24a53dac1b059fb78d861ba9723645026be2174c93a94f9106bb35']); + await db.prepare("run", insertLockCategoryQuery, [getHash("VIPUser-getLockCategories"), 'fakehash-2', 'intro', 'b05acd1cd6ec7dffe5ffea64ada91ae7469d6db2ce21c7e30ad7fa62075d450']); + }); + + it('Database should be greater or equal to version 18', async () => { + let version = (await db.prepare('get', 'SELECT key, value FROM config where key = ?', ['version'])).value; + if (version >= 18) return; + else return 'Version isn\'t greater than 18. Version is ' + version; + }); + + it('Should be able to get multiple locks', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/67a65') + .then(async res => { + if (res.status !== 200) { + done("non 200"); + } else { + const data = await res.json(); + if (data.length !== 2) { + done(`Returned incorrect number of locks "${data.length}"`); + } else if (data[0].category !== "sponsor") { + done(`Returned incorrect category "${data[0].category}"`); + } else if (data[1].category !== "interaction") { + done(`Returned incorrect category "${data[1].category}"`); + } else { + done(); // pass + } + } + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('Should be able to get single locks', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/dff09') + .then(async res => { + if (res.status !== 200) { + done("non 200"); + } else { + const data = await res.json(); + if (data.length !== 1) { + done('Returned incorrect number of locks "' + data.length + '"'); + } else if (data[0].category !== "preview") { + done(`Returned incorrect category "${data[0].category}"`); + } else { + done(); // pass + } + } + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('Should be able to get by half full hash', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/bf1b122fd5630e0df8626d00c4a95c58') + .then(async res => { + if (res.status !== 200) { + done("non 200"); + } else { + const data = await res.json(); + if (data.length !== 1) { + done('Returned incorrect number of locks "' + data.length + '"'); + } else if (data[0].category !== "nonmusic") { + done(`Returned incorrect category "${data[0].category}"`); + } else { + done(); // pass + } + } + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('Should be able to get multiple by similar hash', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/b05a') + .then(async res => { + if (res.status !== 200) { + done("non 200"); + } else { + const data = await res.json(); + if (data.length !== 2) { + done(`Returned incorrect number of locks "${data.length}"`); + } else if (data[0].category !== "outro") { + done(`Returned incorrect category "${data[0].category}"`); + } else if (data[1].category !== "intro") { + done(`Returned incorrect category "${data[1].category}"`); + } else { + done(); // pass + } + } + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('should return 404 once hash prefix varies', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/aaaaaa') + .then(res => { + if (res.status !== 404) done('non 404 (' + res.status + ')'); + else done(); // pass + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('should return 404 if no lock exists', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/aaaaaa') + .then(res => { + if (res.status !== 404) done('non 404 (' + res.status + ')'); + else done(); // pass + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('should return 400 if no videoID specified', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/') + .then(res => { + if (res.status !== 400) done('non 400 (' + res.status + ')'); + else done(); // pass + }) + .catch(err => ("couldn't call endpoint")); + }); + + it('should return 400 if full hash sent', (done: Done) => { + fetch(getbaseURL() + '/api/lockCategories/b05a20424f24a53dac1b059fb78d861ba9723645026be2174c93a94f9106bb35') + .then(res => { + if (res.status !== 400) done('non 400 (' + res.status + ')'); + else done(); // pass + }) + .catch(err => ("couldn't call endpoint")); + }); +});