add word blacklist

InfinityBotList · Jun 13, 2024 · 2405828 · 2405828
1 parent 16b9306
commit 2405828
Show file tree

Hide file tree

Showing 6 changed files with 75 additions and 5 deletions.
diff --git a/cmd/helper_scripts/mkiblseed b/cmd/helper_scripts/mkiblseed
@@ -2,7 +2,7 @@
 CDN_PATH=/silverpelt/cdn/ibl/dev
 GIT_PATH=~/Popplio/staging/data
 
-ibl db new seed ${GIT_PATH}/seed.iblseed --db infinity --backup-tables automated_vote_resets,bot_whitelist,changelogs,partner_types,staff_template_types,staff_templates,shop_items,shop_item_benefits,staff_positions --extensions uuid-ossp\|citext\|semver,https://github.com/theory/pg-semver
+ibl db new seed ${GIT_PATH}/seed.iblseed --db infinity --backup-tables automated_vote_resets,bot_whitelist,changelogs,partner_types,staff_template_types,staff_templates,shop_items,shop_item_benefits,staff_positions,blacklisted_words --extensions uuid-ossp\|citext\|semver,https://github.com/theory/pg-semver
 cp ${GIT_PATH}/seed.iblseed ${CDN_PATH}/seed.iblseed
 
 ibl db gen-ci-schema ${GIT_PATH}/seed-ci.json

diff --git a/data/seed-ci.json b/data/seed-ci.json
diff --git a/data/seed.iblseed b/data/seed.iblseed
diff --git a/routes/packs/endpoints/add_pack/route.go b/routes/packs/endpoints/add_pack/route.go
@@ -4,10 +4,15 @@ import (
 	"net/http"
 	"popplio/state"
 	"popplio/types"
+	"popplio/validators"
+	"slices"
+	"strings"
+	"unicode"
 
 	docs "github.com/infinitybotlist/eureka/doclib"
 	"github.com/infinitybotlist/eureka/dovewing"
 	"github.com/infinitybotlist/eureka/uapi"
+	"go.uber.org/zap"
 
 	"github.com/go-playground/validator/v10"
 )
@@ -57,6 +62,31 @@ func Route(d uapi.RouteData, r *http.Request) uapi.HttpResponse {
 		return uapi.ValidatorErrorResponse(compiledMessages, errors)
 	}
 
+	// Strip out unicode characters and validate pack URL
+	payload.URL = strings.Map(func(r rune) rune {
+		if r > unicode.MaxASCII {
+			return -1
+		}
+		return r
+	}, payload.URL)
+
+	systems, err := validators.GetWordBlacklistSystems(d.Context, payload.URL)
+
+	if err != nil {
+		state.Logger.Error("Error while getting word blacklist systems", zap.Error(err), zap.String("userID", d.Auth.ID))
+		return uapi.HttpResponse{
+			Status: http.StatusBadRequest,
+			Json:   types.ApiError{Message: "Error while getting word blacklist systems: " + err.Error()},
+		}
+	}
+
+	if slices.Contains(systems, "pack.url") {
+		return uapi.HttpResponse{
+			Status: http.StatusBadRequest,
+			Json:   types.ApiError{Message: "The chosen pack url is blacklisted"},
+		}
+	}
+
 	// Check that all bots exist
 	for _, bot := range payload.Bots {
 		botUser, err := dovewing.GetUser(d.Context, bot, state.DovewingPlatformDiscord)

diff --git a/routes/vanity/endpoints/patch_vanity/route.go b/routes/vanity/endpoints/patch_vanity/route.go
@@ -2,12 +2,14 @@ package patch_vanity
 
 import (
 	"net/http"
+	"slices"
 	"strings"
 	"unicode"
 
 	"popplio/state"
 	"popplio/teams"
 	"popplio/types"
+	"popplio/validators"
 
 	docs "github.com/infinitybotlist/eureka/doclib"
 	"github.com/infinitybotlist/eureka/uapi"
@@ -103,18 +105,29 @@ func Route(d uapi.RouteData, r *http.Request) uapi.HttpResponse {
 		}
 	}
 
-	// Strip out unicode characters
+	// Strip out unicode characters and validate vanity
 	vanity = strings.Map(func(r rune) rune {
 		if r > unicode.MaxASCII {
 			return -1
 		}
 		return r
 	}, vanity)
 
-	if vanity == "undefined" || vanity == "null" || vanity == "blog" || vanity == "help" {
+	systems, err := validators.GetWordBlacklistSystems(d.Context, vanity)
+
+	if err != nil {
+		state.Logger.Error("Error while getting word blacklist systems", zap.Error(err), zap.String("userID", d.Auth.ID))
+		return uapi.HttpResponse{
+			Status: http.StatusBadRequest,
+			Json:   types.ApiError{Message: "Error while getting word blacklist systems: " + err.Error()},
+		}
+
+	}
+
+	if slices.Contains(systems, "vanity.code") {
 		return uapi.HttpResponse{
 			Status: http.StatusBadRequest,
-			Json:   types.ApiError{Message: "Vanity cannot be undefined, blog, help or null"},
+			Json:   types.ApiError{Message: "The chosen vanity is blacklisted"},
 		}
 	}
 

diff --git a/validators/check_blacklisted_words.go b/validators/check_blacklisted_words.go
@@ -0,0 +1,27 @@
+package validators
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"popplio/state"
+
+	"github.com/jackc/pgx/v5"
+)
+
+// Returns the system for which this word is blacklisted
+func GetWordBlacklistSystems(ctx context.Context, word string) ([]string, error) {
+	var systems []string
+
+	err := state.Pool.QueryRow(ctx, "SELECT systems FROM blacklisted_words WHERE word = $1", word).Scan(&systems)
+
+	if errors.Is(err, pgx.ErrNoRows) {
+		return nil, nil
+	}
+
+	if err != nil {
+		return nil, fmt.Errorf("failed to get blacklisted word: %w", err)
+	}
+
+	return systems, nil
+}