Merge pull request #143 from MRuy/feature/getuserinfo

Added getUserInfo endpoint

config.json.example

@@ -23,6 +23,8 @@
     "readOnly": false,
     "webhooks": [],
     "categoryList": ["sponsor", "intro", "outro", "interaction", "selfpromo", "music_offtopic"], // List of supported categories any other category will be rejected
+    "maxNumberOfActiveWarnings": 3, // Users with this number of warnings will be blocked until warnings expire
+    "hoursAfterWarningExpire": 24,
     "rateLimit": {
       "vote": {
         "windowMs": 900000, // 15 minutes

databases/_upgrade_sponsorTimes_4.sql

@@ -0,0 +1,12 @@
+BEGIN TRANSACTION;
+
+/* Create warnings table */
+CREATE TABLE "warnings" (
+    userID TEXT NOT NULL,
+    issueTime INTEGER NOT NULL,
+    issuerUserID TEXT NOT NULL
+);
+
+UPDATE config SET value = 4 WHERE key = "version";
+
+COMMIT;

src/app.js

@@ -27,8 +27,10 @@ var getViewsForUser = require('./routes/getViewsForUser.js');
 var getTopUsers = require('./routes/getTopUsers.js');
 var getTotalStats = require('./routes/getTotalStats.js');
 var getDaysSavedFormatted = require('./routes/getDaysSavedFormatted.js');
+var getUserInfo = require('./routes/getUserInfo.js');
 var postNoSegments = require('./routes/postNoSegments.js');
 var getIsUserVIP = require('./routes/getIsUserVIP.js');
+var warnUser = require('./routes/postWarning.js');
 var postSegmentShift = require('./routes/postSegmentShift.js');
 
 // Old Routes
@@ -105,6 +107,8 @@ app.get('/api/getTopUsers', getTopUsers);
 //send the total submissions, total views and total minutes saved
 app.get('/api/getTotalStats', getTotalStats);
 
+app.get('/api/getUserInfo', getUserInfo);
+
 //send out a formatted time saved total
 app.get('/api/getDaysSavedFormatted', getDaysSavedFormatted);
 
@@ -114,10 +118,12 @@ app.post('/api/noSegments', postNoSegments);
 //get if user is a vip
 app.get('/api/isUserVIP', getIsUserVIP);
 
+//sent user a warning
+app.post('/api/warnUser', warnUser);
+
 //get if user is a vip
 app.post('/api/segmentShift', postSegmentShift);
 
-
 app.get('/database.db', function (req, res) {
     res.sendFile("./databases/sponsorTimes.db", { root: "./" });
 });

src/config.js

@@ -20,7 +20,9 @@ addDefaults(config, {
   "privateDBSchema": "./databases/_private.db.sql",
   "readOnly": false,
   "webhooks": [],
-  "categoryList": ["sponsor", "intro", "outro", "interaction", "selfpromo", "music_offtopic"]
+  "categoryList": ["sponsor", "intro", "outro", "interaction", "selfpromo", "music_offtopic"],
+  "maxNumberOfActiveWarnings": 3,
+  "hoursAfterWarningExpires": 24
 })
 
 module.exports = config;

src/routes/getUserInfo.js

@@ -0,0 +1,82 @@
+const db = require('../databases/databases.js').db;
+const getHash = require('../utils/getHash.js');
+
+function dbGetSubmittedSegmentSummary (userID) {
+  try {
+    let row = db.prepare("get", "SELECT SUM(((endTime - startTime) / 60) * views) as minutesSaved, count(*) as segmentCount FROM sponsorTimes WHERE userID = ? AND votes > -2 AND shadowHidden != 1", [userID]);
+    if (row.minutesSaved != null) {
+      return {
+        minutesSaved: row.minutesSaved,
+        segmentCount: row.segmentCount,
+      };
+    } else {
+      return {
+        minutesSaved: 0,
+        segmentCount: 0,
+      };
+    }
+  } catch (err) {
+    return false;
+  }
+}
+
+function dbGetUsername (userID) {
+  try {
+    let row = db.prepare('get', "SELECT userName FROM userNames WHERE userID = ?", [userID]);
+    if (row !== undefined) {
+      return row.userName;
+    } else {
+      //no username yet, just send back the userID
+      return userID;
+    }
+  } catch (err) {
+    return false;
+  }
+}
+
+function dbGetViewsForUser (userID) {
+  try {
+    let row = db.prepare('get', "SELECT SUM(views) as viewCount FROM sponsorTimes WHERE userID = ? AND votes > -2 AND shadowHidden != 1", [userID]);
+    //increase the view count by one
+    if (row.viewCount != null) {
+      return row.viewCount;
+    } else {
+      return 0;
+    }
+  } catch (err) {
+    return false;
+  }
+}
+
+function dbGetWarningsForUser (userID) {
+  try {
+    let rows = db.prepare('all', "SELECT * FROM warnings WHERE userID = ?", [userID]);
+    return rows.length;
+  } catch (err) {
+    logger.error('Couldn\'t get warnings for user ' + userID + '. returning 0') ;
+    return 0;
+  }
+}
+
+module.exports = function getUserInfo (req, res) {
+  let userID = req.query.userID;
+
+  if (userID == undefined) {
+    //invalid request
+    res.status(400).send('Parameters are not valid');
+    return;
+  }
+
+  //hash the userID
+  userID = getHash(userID);
+  
+  const segmentsSummary = dbGetSubmittedSegmentSummary(userID);
+  res.send({
+    userID,
+    userName: dbGetUsername(userID),
+    minutesSaved: segmentsSummary.minutesSaved,
+    segmentCount: segmentsSummary.segmentCount,
+    viewCount: dbGetViewsForUser(userID),
+    warnings: dbGetWarningsForUser(userID)
+  });
+}

src/routes/postSkipSegments.js

@@ -270,6 +270,16 @@ module.exports = async function postSkipSegments(req, res) {
     //hash the ip 5000 times so no one can get it from the database
     let hashedIP = getHash(getIP(req) + config.globalSalt);
     
+    const MILLISECONDS_IN_HOUR = 3600000;
+    const now = Date.now();
+    let warningsCount = db.prepare('get', "SELECT count(1) as count FROM warnings WHERE userID = ? AND issueTime > ?",
+      [userID, Math.floor(now - (config.hoursAfterWarningExpires * MILLISECONDS_IN_HOUR))]
+    ).count;
+    
+    if (warningsCount >= config.maxNumberOfActiveWarnings) {
+      return res.status(403).send('Submission blocked. Too many active warnings!');
+    }
+
     let noSegmentList = db.prepare('all', 'SELECT category from noSegments where videoID = ?', [videoID]).map((list) => { return list.category });
     
     //check if this user is on the vip list

src/routes/postWarning.js

@@ -0,0 +1,24 @@
+const db = require('../databases/databases.js').db;
+const getHash = require('../utils/getHash.js');
+const isUserVIP = require('../utils/isUserVIP.js');
+const logger = require('../utils/logger.js');
+
+module.exports = (req, res) => {
+    // Collect user input data
+    let issuerUserID = getHash(req.body.issuerUserID);
+    let userID = getHash(req.body.userID);
+    let issueTime = new Date().getTime();
+
+    // Ensure user is a VIP
+    if (!isUserVIP(issuerUserID)) {
+        logger.debug("Permission violation: User " + issuerUserID + " attempted to warn user " + userID + "."); // maybe warn?
+        res.status(403).json({"message": "Not a VIP"});
+        return;
+    }
+
+    db.prepare('run', 'INSERT INTO warnings (userID, issueTime, issuerUserID) VALUES (?, ?, ?)', [userID, issueTime, issuerUserID]);
+    res.status(200).json({
+        message: "Warning issued to user '" + userID + "'."
+    });
+
+};

src/routes/voteOnSponsorTime.js

@@ -248,6 +248,16 @@ async function voteOnSponsorTime(req, res) {
         }
     }
     
+    const MILLISECONDS_IN_HOUR = 3600000;
+    const now = Date.now();
+    let warningsCount = db.prepare('get', "SELECT count(1) as count FROM warnings WHERE userID = ? AND issueTime > ?",
+      [nonAnonUserID, Math.floor(now - (config.hoursAfterWarningExpires * MILLISECONDS_IN_HOUR))]
+    ).count;
+    
+    if (warningsCount >= config.maxNumberOfActiveWarnings) {
+      return res.status(403).send('Vote blocked. Too many active warnings!');
+    }
+
     let voteTypeEnum = (type == 0 || type == 1) ? voteTypes.normal : voteTypes.incorrect;
 
     try {

test.json

@@ -50,6 +50,8 @@
         }
     ],
     "categoryList": ["sponsor", "intro", "outro", "interaction", "selfpromo", "music_offtopic"],
+    "maxNumberOfActiveWarnings": 3,
+    "hoursAfterWarningExpires": 24,
     "rateLimit": {
         "vote": {
           "windowMs": 900000,

test/cases/getUserInfo.js

@@ -0,0 +1,167 @@
+var request = require('request');
+var utils = require('../utils.js');
+var db = require('../../src/databases/databases.js').db;
+var getHash = require('../../src/utils/getHash.js');
+
+describe('getUserInfo', () => {
+  before(() => {
+    let startOfUserNamesQuery = "INSERT INTO userNames (userID, userName) VALUES";
+    db.exec(startOfUserNamesQuery + "('" + getHash("getuserinfo_user_01") + "', 'Username user 01')");
+    let startOfSponsorTimesQuery = "INSERT INTO sponsorTimes (videoID, startTime, endTime, votes, UUID, userID, timeSubmitted, views, category, shadowHidden) VALUES";
+    db.exec(startOfSponsorTimesQuery + "('xxxyyyzzz', 1, 11, 2, 'uuid000001', '" + getHash("getuserinfo_user_01") + "', 0, 10, 'sponsor', 0)");
+    db.exec(startOfSponsorTimesQuery + "('xxxyyyzzz', 1, 11, 2, 'uuid000002', '" + getHash("getuserinfo_user_01") + "', 0, 10, 'sponsor', 0)");
+    db.exec(startOfSponsorTimesQuery + "('yyyxxxzzz', 1, 11, -1, 'uuid000003', '" + getHash("getuserinfo_user_01") + "', 0, 10, 'sponsor', 0)");
+    db.exec(startOfSponsorTimesQuery + "('yyyxxxzzz', 1, 11, -2, 'uuid000004', '" + getHash("getuserinfo_user_01") + "', 0, 10, 'sponsor', 1)");
+    db.exec(startOfSponsorTimesQuery + "('xzzzxxyyy', 1, 11, -5, 'uuid000005', '" + getHash("getuserinfo_user_01") + "', 0, 10, 'sponsor', 1)");
+    db.exec(startOfSponsorTimesQuery + "('zzzxxxyyy', 1, 11, 2, 'uuid000006', '" + getHash("getuserinfo_user_02") + "', 0, 10, 'sponsor', 0)");
+    db.exec(startOfSponsorTimesQuery + "('xxxyyyzzz', 1, 11, 2, 'uuid000007', '" + getHash("getuserinfo_user_02") + "', 0, 10, 'sponsor', 1)");
+    db.exec(startOfSponsorTimesQuery + "('xxxyyyzzz', 1, 11, 2, 'uuid000008', '" + getHash("getuserinfo_user_02") + "', 0, 10, 'sponsor', 1)");
+
+
+    db.exec("INSERT INTO warnings (userID, issueTime, issuerUserID) VALUES ('" + getHash('getuserinfo_warning_0') + "', 10, 'getuserinfo_vip')");
+    db.exec("INSERT INTO warnings (userID, issueTime, issuerUserID) VALUES ('" + getHash('getuserinfo_warning_1') + "', 10, 'getuserinfo_vip')");
+    db.exec("INSERT INTO warnings (userID, issueTime, issuerUserID) VALUES ('" + getHash('getuserinfo_warning_1') + "', 10, 'getuserinfo_vip')");
+  });
+
+  it('Should be able to get a 200', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo?userID=getuserinfo_user_01', null,
+      (err, res, body) => {
+        if (err) {
+          done('couldn\'t call endpoint');
+        } else {
+          if (res.statusCode !== 200) {
+            done('non 200 (' + res.statusCode + ')');
+          } else {
+            done(); // pass
+          }
+        }
+      });
+  });
+
+  it('Should be able to get a 400 (No userID parameter)', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo', null,
+      (err, res, body) => {
+        if (err) {
+          done('couldn\'t call endpoint');
+        } else {
+          if (res.statusCode !== 400) {
+            done('non 400');
+          } else {
+            done(); // pass
+          }
+        }
+      });
+  });
+
+  it('Should return info', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo?userID=getuserinfo_user_01', null,
+      (err, res, body) => {
+        if (err) {
+          done("couldn't call endpoint");
+        } else {
+          if (res.statusCode !== 200) {
+            done("non 200");
+          } else {
+            const data = JSON.parse(body);
+            if (data.userName !== 'Username user 01') {
+              done('Returned incorrect userName "' + data.userName + '"');
+            } else if (data.minutesSaved !== 5) {
+              done('Returned incorrect minutesSaved "' + data.minutesSaved + '"');
+            } else if (data.viewCount !== 30) {
+              done('Returned incorrect viewCount "' + data.viewCount + '"');
+            } else if (data.segmentCount !== 3) {
+              done('Returned incorrect segmentCount "' + data.segmentCount + '"');
+            }  else {
+              done(); // pass
+            }
+          }
+        }
+      });
+  });
+
+  it('Should get warning data', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo?userID=getuserinfo_warning_0', null,
+      (err, res, body) => {
+        if (err) {
+          done("couldn't call endpoint");
+        } else {
+          if (res.statusCode !== 200) {
+            done("non 200");
+          } else {
+            const data = JSON.parse(body);
+            if (data.warnings !== 1) {
+              done('wrong number of warnings: ' + data.warnings + ', not ' + 1);
+            } else {
+              done(); // pass
+            }
+          }
+        }
+      });
+  });
+
+  it('Should get multiple warnings', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo?userID=getuserinfo_warning_1', null,
+      (err, res, body) => {
+        if (err) {
+          done("couldn't call endpoint");
+        } else {
+          if (res.statusCode !== 200) {
+            done("non 200");
+          } else {
+            const data = JSON.parse(body);
+            if (data.warnings !== 2) {
+              done('wrong number of warnings: ' + data.warnings + ', not ' + 2);
+            } else {
+              done(); // pass
+            }
+          }
+        }
+      });
+  });
+
+  it('Should not get warnings if noe', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo?userID=getuserinfo_warning_2', null,
+      (err, res, body) => {
+        if (err) {
+          done("couldn't call endpoint");
+        } else {
+          if (res.statusCode !== 200) {
+            done("non 200");
+          } else {
+            const data = JSON.parse(body);
+            if (data.warnings !== 0) {
+              done('wrong number of warnings: ' + data.warnings + ', not ' + 0);
+            } else {
+              done(); // pass
+            }
+          }
+        }
+      });
+  });
+
+  it('Should return userID for userName (No userName set)', (done) => {
+    request.get(utils.getbaseURL()
+     + '/api/getUserInfo?userID=getuserinfo_user_02', null,
+      (err, res, body) => {
+        if (err) {
+          done('couldn\'t call endpoint');
+        } else {
+          if (res.statusCode !== 200) {
+            done('non 200');
+          } else {
+            const data = JSON.parse(body);
+            if (data.userName !== 'c2a28fd225e88f74945794ae85aef96001d4a1aaa1022c656f0dd48ac0a3ea0f') {
+              return done('Did not return userID for userName');
+            }
+            done(); // pass
+          }
+        }
+      });
+  });
+});

test/cases/postSkipSegments.js

@@ -1,5 +1,7 @@
 var assert = require('assert');
 var request = require('request');
+var config = require('../../src/config.js');
+var getHash = require('../../src/utils/getHash.js');
 
 var utils = require('../utils.js');
 
@@ -7,6 +9,24 @@ var databases = require('../../src/databases/databases.js');
 var db = databases.db;
 
 describe('postSkipSegments', () => {
+  before(() => {
+    const now = Date.now();
+    const warnVip01Hash = getHash("warn-vip01");
+    const warnUser01Hash = getHash("warn-user01");
+    const warnUser02Hash = getHash("warn-user02");
+    const MILLISECONDS_IN_HOUR = 3600000;
+    const warningExpireTime = MILLISECONDS_IN_HOUR * config.hoursAfterWarningExpires;
+    const startOfWarningQuery = 'INSERT INTO warnings (userID, issueTime, issuerUserID) VALUES';
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + now + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + (now-1000) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + (now-2000) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + (now-3601000) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + now + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + now + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + (now-(warningExpireTime + 1000)) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + (now-(warningExpireTime + 2000)) + "', '" + warnVip01Hash + "')");
+  });
+  
   it('Should be able to submit a single time (Params method)', (done) => {
     request.post(utils.getbaseURL()
      + "/api/postVideoSponsorTimes?videoID=dQw4w9WgXcR&startTime=2&endTime=10&userID=test&category=sponsor", null,
@@ -130,6 +150,50 @@ describe('postSkipSegments', () => {
       });
   });
 
+  it('Should be rejected if user has to many active warnings', (done) => {
+    request.post(utils.getbaseURL()
+     + "/api/postVideoSponsorTimes", {
+       json: {
+          userID: "warn-user01",
+          videoID: "dQw4w9WgXcF",
+          segments: [{
+            segment: [0, 10],
+            category: "sponsor"
+          }]
+       }
+     },
+      (err, res, body) => {
+        if (err) done(err);
+        else if (res.statusCode === 403) {
+          done(); // success
+        } else {
+          done("Status code was " + res.statusCode);
+        }
+      });
+  });
+
+  it('Should be accepted if user has some active warnings', (done) => {
+    request.post(utils.getbaseURL()
+     + "/api/postVideoSponsorTimes", {
+       json: {
+          userID: "warn-user02",
+          videoID: "dQw4w9WgXcF",
+          segments: [{
+            segment: [50, 60],
+            category: "sponsor"
+          }]
+       }
+     },
+      (err, res, body) => {
+        if (err) done(err);
+        else if (res.statusCode === 200) {
+          done(); // success
+        } else {
+          done("Status code was " + res.statusCode + " " + body);
+        }
+      });
+  });
+
   it('Should be allowed if youtube thinks duration is 0', (done) => {
     request.get(utils.getbaseURL()
      + "/api/postVideoSponsorTimes?videoID=noDuration&startTime=30&endTime=10000&userID=testing", null,

test/cases/postWarning.js

@@ -0,0 +1,47 @@
+var request = require('request');
+var utils = require('../utils.js');
+var db = require('../../src/databases/databases.js').db;
+var getHash = require('../../src/utils/getHash.js');
+
+describe('postWarning', () => {
+    before(() => {
+      db.exec("INSERT INTO vipUsers (userID) VALUES ('" + getHash("warning-vip") + "')");
+    });
+  
+    it('Should be able to create warning if vip (exp 200)', (done) => {
+        let json = {
+            issuerUserID: 'warning-vip',
+            userID: 'warning-0'
+        };
+
+        request.post(utils.getbaseURL() 
+          + "/api/warnUser", {json}, 
+          (err, res, body) => {
+            if (err) done(err);
+            else if (res.statusCode === 200) {
+                done();
+            } else {
+                console.log(body);
+                done("Status code was " + res.statusCode);
+            }
+        });
+    });
+    it('Should not be able to create warning if vip (exp 403)', (done) => {
+        let json = {
+            issuerUserID: 'warning-not-vip',
+            userID: 'warning-1'
+        };
+
+        request.post(utils.getbaseURL() 
+          + "/api/warnUser", {json}, 
+          (err, res, body) => {
+            if (err) done(err);
+            else if (res.statusCode === 403) {
+                done();
+            } else {
+                console.log(body);
+                done("Status code was " + res.statusCode);
+            }
+        });
+    });
+});

test/cases/voteOnSponsorTime.js

@@ -1,11 +1,19 @@
 const request = require('request');
+const config = require('../../src/config.js');
 const { db, privateDB } = require('../../src/databases/databases.js');
 const utils = require('../utils.js');
 const getHash = require('../../src/utils/getHash.js');
 
 describe('voteOnSponsorTime', () => {
   before(() => {
+    const now = Date.now();
+    const warnVip01Hash = getHash("warn-vip01");
+    const warnUser01Hash = getHash("warn-voteuser01");
+    const warnUser02Hash = getHash("warn-voteuser02");
+    const MILLISECONDS_IN_HOUR = 3600000;
+    const warningExpireTime = MILLISECONDS_IN_HOUR * config.hoursAfterWarningExpires;
     let startOfQuery = "INSERT INTO sponsorTimes (videoID, startTime, endTime, votes, UUID, userID, timeSubmitted, views, category, shadowHidden, hashedVideoID) VALUES";
+    const startOfWarningQuery = 'INSERT INTO warnings (userID, issueTime, issuerUserID) VALUES';
     
     db.exec(startOfQuery + "('vote-testtesttest', 1, 11, 2, 'vote-uuid-0', 'testman', 0, 50, 'sponsor', 0, '" + getHash('vote-testtesttest', 1) + "')");
     db.exec(startOfQuery + "('vote-testtesttest2', 1, 11, 2, 'vote-uuid-1', 'testman', 0, 50, 'sponsor', 0, '" + getHash('vote-testtesttest2', 1) + "')");
@@ -25,6 +33,17 @@ describe('voteOnSponsorTime', () => {
     db.exec(startOfQuery + "('not-own-submission-video', 1, 11, 500, 'not-own-submission-uuid', '"+ getHash('somebody-else-id') +"', 0, 50, 'sponsor', 0, '" + getHash('not-own-submission-video', 1) + "')");
     db.exec(startOfQuery + "('incorrect-category', 1, 11, 500, 'incorrect-category', '"+ getHash('somebody-else-id') +"', 0, 50, 'sponsor', 0, '" + getHash('incorrect-category', 1) + "')");
     db.exec(startOfQuery + "('incorrect-category-change', 1, 11, 500, 'incorrect-category-change', '"+ getHash('somebody-else-id') +"', 0, 50, 'sponsor', 0, '" + getHash('incorrect-category-change', 1) + "')");
+    db.exec(startOfQuery + "('vote-testtesttest', 1, 11, 2, 'warnvote-uuid-0', 'testman', 0, 50, 'sponsor', 0, '" + getHash('vote-testtesttest', 1) + "')");
+    
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + now + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + (now-1000) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + (now-2000) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser01Hash + "', '" + (now-3601000) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + now + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + now + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + (now-(warningExpireTime + 1000)) + "', '" + warnVip01Hash + "')");
+    db.exec(startOfWarningQuery + "('" + warnUser02Hash + "', '" + (now-(warningExpireTime + 2000)) + "', '" + warnVip01Hash + "')");
+
 
     db.exec("INSERT INTO vipUsers (userID) VALUES ('" + getHash("VIPUser") + "')");
     privateDB.exec("INSERT INTO shadowBannedUsers (userID) VALUES ('" + getHash("randomID4") + "')");
@@ -332,4 +351,17 @@ describe('voteOnSponsorTime', () => {
     });
   });
 
+  it('Should not be able to upvote a segment (Too many warning)', (done) => {
+    request.get(utils.getbaseURL() 
+     + "/api/voteOnSponsorTime?userID=warn-voteuser01&UUID=warnvote-uuid-0&type=1", null, 
+      (err, res, body) => {
+        if (err) done(err);
+        else if (res.statusCode === 403) {
+          done(); // success
+        } else {
+          done("Status code was " + res.statusCode);
+        }
+    });
+  });
+
 });