vale
/
panel
forked from administration/panel
1
0
Fork 0
Code Pull Requests Activity

feat: case system

main
Paul Makles 2023-11-26 13:11:44 +00:00
parent e9b623f60d
commit eb0bd7a7c9
No known key found for this signature in database
GPG Key ID: 5059F398521BB0F6
12 changed files with 675 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
app/panel/cases/[id]/page.tsx Normal file
View File

@ -0,0 +1,41 @@
import { ReportCard } from "@/components/cards/ReportCard";
import { CardLink } from "@/components/common/CardLink";
import { NavigationToolbar } from "@/components/common/NavigationToolbar";
import { CaseActions } from "@/components/pages/inspector/CaseActions";
import { fetchCaseById, fetchReportsByCase } from "@/lib/db";
import { PizzaIcon } from "lucide-react";
import { notFound } from "next/navigation";
export default async function Reports({ params }: { params: { id: string } }) {
const Case = await fetchCaseById(params.id);
if (!Case) return notFound();
const reports = await fetchReportsByCase(params.id);
return (
<div className="flex flex-col gap-2">
<NavigationToolbar>Viewing Case</NavigationToolbar>
<CaseActions Case={Case} />
<div className="flex flex-col gap-2">
<h1 className="text-2xl">Reports</h1>
{reports.length ? (
reports.map((report) => (
<CardLink key={report._id} href={`/panel/reports/${report._id}`}>
<ReportCard report={report} />
</CardLink>
))
) : (
<>
<h2 className="mt-8 flex justify-center">
<PizzaIcon className="text-gray-400" />
</h2>
<h3 className="text-xs text-center pb-2 text-gray-400">
No reports added yet.
</h3>
</>
)}
</div>
</div>
);
}

37
app/panel/cases/page.tsx Normal file
View File

@ -0,0 +1,37 @@
import { CaseCard } from "@/components/cards/CaseCard";
import { CardLink } from "@/components/common/CardLink";
import { CreateCase } from "@/components/common/CreateCase";
import { fetchOpenCases } from "@/lib/db";
import { PizzaIcon } from "lucide-react";
export default async function Reports() {
const cases = (await fetchOpenCases()).reverse();
return (
<div className="flex flex-col gap-8">
<div className="flex flex-col gap-2">
<div className="flex flex-row gap-2 items-center">
<CreateCase />
<h1 className="text-2xl">Open Cases</h1>
</div>
{cases.length ? (
cases.map((entry) => (
<CardLink key={entry._id} href={`/panel/cases/${entry._id}`}>
<CaseCard entry={entry} />
</CardLink>
))
) : (
<>
<h2 className="mt-8 flex justify-center">
<PizzaIcon className="text-gray-400" />
</h2>
<h3 className="text-xs text-center pb-2 text-gray-400">
No cases currently open.
</h3>
</>
)}
</div>
</div>
);
}

51
app/panel/reports/page.tsx
View File

@ -13,12 +13,15 @@ export default async function Reports() {
const byCategory: Record<string, Report[]> = { const byCategory: Record<string, Report[]> = {
Urgent: [], Urgent: [],
All: [], All: [],
AssignedToCase: [],
}; };
const keyOrder = ["Urgent", "All"]; const keyOrder = ["Urgent", "All"];
const countsByAuthor: Record<string, number> = {}; const countsByAuthor: Record<string, number> = {};
for (const report of reports) { for (const report of reports) {
if (report.content.report_reason.includes("Illegal")) { if (report.case_id) {
byCategory.AssignedToCase.push(report);
} else if (report.content.report_reason.includes("Illegal")) {
byCategory.Urgent.push(report); byCategory.Urgent.push(report);
} else { } else {
countsByAuthor[report.author_id] = countsByAuthor[report.author_id] =
@ -50,21 +53,23 @@ export default async function Reports() {
<div className="flex flex-col gap-8"> <div className="flex flex-col gap-8">
{/*<Input placeholder="Search for reports..." disabled />*/} {/*<Input placeholder="Search for reports..." disabled />*/}
{reports.length ? ( {reports.length ? (
keyOrder.map((key) => { keyOrder
return ( .filter((key) => byCategory[key].length)
<div key={key} className="flex flex-col gap-2"> .map((key) => {
<h1 className="text-2xl">{authorNames[key] ?? key}</h1> return (
{byCategory[key].map((report) => ( <div key={key} className="flex flex-col gap-2">
<CardLink <h1 className="text-2xl">{authorNames[key] ?? key}</h1>
key={report._id} {byCategory[key].map((report) => (
href={`/panel/reports/${report._id}`} <CardLink
> key={report._id}
<ReportCard report={report} /> href={`/panel/reports/${report._id}`}
</CardLink> >
))}{" "} <ReportCard report={report} />
</div> </CardLink>
); ))}{" "}
}) </div>
);
})
) : ( ) : (
<> <>
<h2 className="mt-8 flex justify-center"> <h2 className="mt-8 flex justify-center">
@ -75,6 +80,20 @@ export default async function Reports() {
</h3> </h3>
</> </>
)} )}
{byCategory["AssignedToCase"].length && (
<details>
<summary>
<h1 className="text-xl inline">Reports assigned to cases</h1>
</summary>
<div className="flex flex-col gap-2">
{byCategory["AssignedToCase"].map((report) => (
<CardLink key={report._id} href={`/panel/reports/${report._id}`}>
<ReportCard report={report} />
</CardLink>
))}
</div>
</details>
)}
</div> </div>
); );
} }

32
components/cards/CaseCard.tsx Normal file
View File

@ -0,0 +1,32 @@
import { Report } from "revolt-api";
import { Card, CardDescription, CardHeader, CardTitle } from "../ui/card";
import { Badge } from "../ui/badge";
import dayjs from "dayjs";
import { decodeTime } from "ulid";
import relativeTime from "dayjs/plugin/relativeTime";
import { CaseDocument } from "@/lib/db";
dayjs.extend(relativeTime);
export function CaseCard({ entry: entry }: { entry: CaseDocument }) {
return (
<Card>
<CardHeader>
<CardTitle
className={`overflow-ellipsis whitespace-nowrap overflow-x-clip ${
entry.status !== "Open" ? "text-gray-500" : ""
}`}
>
{entry.title || "No reason specified"}
</CardTitle>
<CardDescription>
{entry._id.toString().substring(20, 26)} &middot;{" "}
{dayjs(decodeTime(entry._id)).fromNow()} &middot; {entry.author}{" "}
{entry.status !== "Open" && entry.closed_at && (
<>&middot; Closed {dayjs(entry.closed_at).fromNow()}</>
)}
</CardDescription>
</CardHeader>
</Card>
);
}

54
components/common/CreateCase.tsx Normal file
View File

@ -0,0 +1,54 @@
"use client";
import { Plus } from "lucide-react";
import { Button } from "../ui/button";
import { Popover, PopoverContent, PopoverTrigger } from "../ui/popover";
import { Label } from "../ui/label";
import { Input } from "../ui/input";
import { useState } from "react";
import { createCase } from "@/lib/db";
import { useRouter } from "next/navigation";
export function CreateCase() {
const [title, setTitle] = useState("");
const router = useRouter();
return (
<Popover>
<PopoverTrigger asChild>
<Button variant="outline" size="icon">
<Plus className="h-4 w-4" />
</Button>
</PopoverTrigger>
<PopoverContent className="w-80">
<div className="grid gap-4">
<div className="space-y-2">
<h4 className="font-medium leading-none">Create Case</h4>
</div>
<div className="grid gap-2">
<div className="grid grid-cols-3 items-center gap-4">
<Label htmlFor="description">Title</Label>
<Input
id="description"
className="col-span-2 h-8"
value={title}
onChange={(e) => setTitle(e.currentTarget.value)}
/>
</div>
<Button
variant="secondary"
onClick={() => {
if (!title) return;
createCase(title).then((id) =>
router.push(`/panel/cases/${id}`)
);
}}
>
Create
</Button>
</div>
</div>
</PopoverContent>
</Popover>
);
}

7
components/common/NavigationLinks.tsx
View File

@ -11,6 +11,7 @@ import {
Siren, Siren,
Sparkles, Sparkles,
TrendingUp, TrendingUp,
BookCopy,
} from "lucide-react"; } from "lucide-react";
export function NavigationLinks() { export function NavigationLinks() {
@ -34,6 +35,12 @@ export function NavigationLinks() {
> >
<Siren className="h-4 w-4" /> <Siren className="h-4 w-4" />
</Link> </Link>
<Link
className={buttonVariants({ variant: "outline", size: "icon" })}
href="/panel/cases"
>
<BookCopy className="h-4 w-4" />
</Link>
<Link <Link
className={buttonVariants({ variant: "outline", size: "icon" })} className={buttonVariants({ variant: "outline", size: "icon" })}
href="/panel/inspect" href="/panel/inspect"

4
components/common/NavigationToolbar.tsx
View File

@ -16,7 +16,7 @@ export function NavigationToolbar({ children }: { children: string }) {
<Button variant="outline" size="icon" onClick={() => router.back()}> <Button variant="outline" size="icon" onClick={() => router.back()}>
<ArrowLeft className="h-4 w-4" /> <ArrowLeft className="h-4 w-4" />
</Button> </Button>
<Popover> {/* <Popover>
<PopoverTrigger asChild> <PopoverTrigger asChild>
<Button variant="outline" size="icon"> <Button variant="outline" size="icon">
<Star <Star
@ -49,7 +49,7 @@ export function NavigationToolbar({ children }: { children: string }) {
</div> </div>
</div> </div>
</PopoverContent> </PopoverContent>
</Popover> </Popover> */}
<h2 className="text-2xl">{children}</h2> <h2 className="text-2xl">{children}</h2>
</div> </div>
); );

95
components/pages/inspector/CaseActions.tsx Normal file
View File

@ -0,0 +1,95 @@
"use client";
import { Textarea } from "../../ui/textarea";
import { Button } from "../../ui/button";
import { useState } from "react";
import { useToast } from "../../ui/use-toast";
import { CaseDocument } from "@/lib/db";
import { CaseCard } from "@/components/cards/CaseCard";
import { closeCase, reopenCase, updateCaseNotes } from "@/lib/actions";
export function CaseActions({ Case }: { Case: CaseDocument }) {
const { toast } = useToast();
const [caseDraft, setDraft] = useState(Case);
return (
<>
<CaseCard entry={Case} />
<Textarea
cols={8}
placeholder="Enter notes here... (save on unfocus)"
className="!min-h-0 !h-[76px]"
defaultValue={Case.notes}
onBlur={async (e) => {
const notes = e.currentTarget.value;
if (notes === caseDraft.notes ?? "") return;
try {
await updateCaseNotes(Case._id, notes);
setDraft((c) => ({ ...c, notes }));
toast({
title: "Updated report notes",
});
} catch (err) {
toast({
title: "Failed to update report notes",
description: String(err),
variant: "destructive",
});
}
}}
/>
<div className="flex gap-2">
{caseDraft.status === "Open" ? (
<>
<Button
className="flex-1 bg-green-400 hover:bg-green-300"
onClick={async () => {
try {
const $set = await closeCase(Case._id);
setDraft((c) => ({ ...c, ...$set }));
toast({
title: "Closed case",
});
} catch (err) {
toast({
title: "Failed to close case",
description: String(err),
variant: "destructive",
});
}
}}
>
Close Case
</Button>
</>
) : (
<>
<Button
className="flex-1"
onClick={async () => {
try {
const $set = await reopenCase(Case._id);
setDraft((c) => ({ ...c, ...$set }));
toast({
title: "Opened case again",
});
} catch (err) {
toast({
title: "Failed to re-open case",
description: String(err),
variant: "destructive",
});
}
}}
>
Re-open Case
</Button>
</>
)}
</div>
</>
);
}

77
components/pages/inspector/ReportActions.tsx
View File

@ -14,6 +14,7 @@ import {
import { useState } from "react"; import { useState } from "react";
import { useToast } from "../../ui/use-toast"; import { useToast } from "../../ui/use-toast";
import { import {
assignReportToCase,
rejectReport, rejectReport,
reopenReport, reopenReport,
resolveReport, resolveReport,
@ -32,6 +33,10 @@ import {
AlertDialogTrigger, AlertDialogTrigger,
} from "../../ui/alert-dialog"; } from "../../ui/alert-dialog";
import { ReportCard } from "../../cards/ReportCard"; import { ReportCard } from "../../cards/ReportCard";
import { Popover } from "@radix-ui/react-popover";
import { PopoverContent, PopoverTrigger } from "@/components/ui/popover";
import { CaseDocument, ReportDocument, fetchOpenCases } from "@/lib/db";
import { CaseCard } from "@/components/cards/CaseCard";
const template: Record<string, (ref: string) => string> = { const template: Record<string, (ref: string) => string> = {
resolved: (ref) => resolved: (ref) =>
@ -54,11 +59,12 @@ export function ReportActions({
report, report,
reference, reference,
}: { }: {
report: Report; report: ReportDocument;
reference: string; reference: string;
}) { }) {
const { toast } = useToast(); const { toast } = useToast();
const [reportDraft, setDraft] = useState(report); const [reportDraft, setDraft] = useState(report);
const [availableCases, setAvailableCases] = useState<CaseDocument[]>([]);
function rejectHandler(reason: string) { function rejectHandler(reason: string) {
return async () => { return async () => {
@ -83,6 +89,7 @@ export function ReportActions({
<ReportCard report={reportDraft} /> <ReportCard report={reportDraft} />
<Textarea <Textarea
cols={8}
placeholder="Enter notes here... (save on unfocus)" placeholder="Enter notes here... (save on unfocus)"
className="!min-h-0 !h-[76px]" className="!min-h-0 !h-[76px]"
defaultValue={report.notes} defaultValue={report.notes}
@ -106,6 +113,74 @@ export function ReportActions({
}} }}
/> />
{reportDraft.case_id ? (
<Button
variant="destructive"
onClick={async () => {
try {
const $set = await assignReportToCase(report._id);
setDraft((report) => ({ ...report, ...$set }));
toast({
title: "Removed report from case",
});
} catch (err) {
toast({
title: "Failed to resolve report",
description: String(err),
variant: "destructive",
});
}
}}
>
Remove from case
</Button>
) : (
<Popover>
<PopoverTrigger asChild>
<Button
variant="outline"
onClick={() => {
fetchOpenCases().then(setAvailableCases);
}}
>
Add to case
</Button>
</PopoverTrigger>
<PopoverContent className="w-80">
<div className="grid gap-4">
<div className="space-y-2">
<h4 className="font-medium leading-none">Open Cases</h4>
{availableCases.map((entry) => (
<a
key={entry._id}
onClick={async () => {
try {
const $set = await assignReportToCase(
report._id,
entry._id
);
setDraft((report) => ({ ...report, ...$set }));
toast({
title: "Assigned report to case",
});
} catch (err) {
toast({
title: "Failed to resolve report",
description: String(err),
variant: "destructive",
});
}
}}
>
<CaseCard entry={entry} />
</a>
))}
</div>
</div>
</PopoverContent>
</Popover>
)}
<div className="flex gap-2"> <div className="flex gap-2">
{reportDraft.status === "Created" ? ( {reportDraft.status === "Created" ? (
<> <>

35
lib/accessPermissions.ts
View File

@ -3,15 +3,8 @@ import { SafetyNotes, insertAuditLog } from "./db";
type Permission = type Permission =
| `authifier${ | `authifier${
| ""
| `/classification${
| "" | ""
| "/fetch" | `/classification${"" | "/fetch" | "/create" | "/update" | "/delete"}`}`
| "/create"
| "/update"
| "/delete"
}`
}`
| "publish_message" | "publish_message"
| "chat_message" | "chat_message"
| `accounts${ | `accounts${
@ -31,19 +24,30 @@ type Permission =
| `/create${"" | "/dm" | "/invites"}` | `/create${"" | "/dm" | "/invites"}`
| `/update${"" | "/invites"}`}` | `/update${"" | "/invites"}`}`
| `messages${"" | `/fetch${"" | "/by-id" | "/by-user"}`}` | `messages${"" | `/fetch${"" | "/by-id" | "/by-user"}`}`
| `cases${
| ""
| "/create"
| `/fetch${"" | "/by-id" | "/open"}`
| `/update${"" | "/close" | "/reopen" | "/notes"}`}`
| `reports${ | `reports${
| "" | ""
| `/fetch${ | `/fetch${
| "" | ""
| "/by-id" | "/by-id"
| "/open" | "/open"
| `/related${"" | "/by-content" | "/by-user" | "/against-user"}` | `/related${
| ""
| "/by-content"
| "/by-user"
| "/by-case"
| "/against-user"}`
| `/snapshots${"" | "/by-report" | "/by-user"}`}` | `/snapshots${"" | "/by-report" | "/by-user"}`}`
| `/update${ | `/update${
| "" | ""
| "/notes" | "/notes"
| "/resolve" | "/resolve"
| "/reject" | "/reject"
| "/case"
| "/reopen" | "/reopen"
| `/bulk-close${"" | "/by-user"}`}`}` | `/bulk-close${"" | "/by-user"}`}`}`
| `sessions${"" | `/fetch${"" | "/by-account-id"}`}` | `sessions${"" | `/fetch${"" | "/by-account-id"}`}`
@ -103,6 +107,8 @@ const PermissionSets = {
// View open reports // View open reports
"view-open-reports": [ "view-open-reports": [
"users/fetch/by-id", "users/fetch/by-id",
"cases/fetch/open",
"cases/fetch/by-id",
"reports/fetch/open", "reports/fetch/open",
"reports/fetch/by-id", "reports/fetch/by-id",
"reports/fetch/related", "reports/fetch/related",
@ -114,7 +120,12 @@ const PermissionSets = {
"reports/update/notes", "reports/update/notes",
"reports/update/resolve", "reports/update/resolve",
"reports/update/reject", "reports/update/reject",
"reports/update/case",
"reports/update/reopen", "reports/update/reopen",
"cases/create",
"cases/update/notes",
"cases/update/close",
"cases/update/reopen",
] as Permission[], ] as Permission[],
// Revolt Discover // Revolt Discover
@ -212,9 +223,7 @@ const PermissionSets = {
"safety_notes/update", "safety_notes/update",
] as Permission[], ] as Permission[],
"authifier": [ authifier: ["authifier/classification"] as Permission[],
"authifier/classification",
] as Permission[],
}; };
const Roles = { const Roles = {
@ -287,5 +296,5 @@ export async function checkPermission(
if (!(await hasPermissionFromSession(permission))) if (!(await hasPermissionFromSession(permission)))
throw `Missing permission ${permission}`; throw `Missing permission ${permission}`;
await insertAuditLog(permission, context, args); return await insertAuditLog(permission, context, args);
} }

221
lib/actions.ts
View File

@ -4,8 +4,10 @@ import { readFile, readdir, writeFile } from "fs/promises";
import { PLATFORM_MOD_ID, RESTRICT_ACCESS_LIST } from "./constants"; import { PLATFORM_MOD_ID, RESTRICT_ACCESS_LIST } from "./constants";
import mongo, { import mongo, {
Account, Account,
CaseDocument,
ChannelInvite, ChannelInvite,
EmailClassification, EmailClassification,
ReportDocument,
createDM, createDM,
fetchAccountById, fetchAccountById,
findDM, findDM,
@ -98,6 +100,48 @@ export async function updateReportNotes(reportId: string, notes: string) {
); );
} }
export async function updateCaseNotes(caseId: string, notes: string) {
await checkPermission("cases/update/notes", caseId, { notes });
return await mongo()
.db("revolt")
.collection<CaseDocument>("safety_cases")
.updateOne(
{ _id: caseId },
{
$set: {
notes,
},
}
);
}
export async function assignReportToCase(reportId: string, caseId?: string) {
await checkPermission("reports/update/case", reportId);
const $set = {
case_id: caseId ?? null,
} as ReportDocument;
await mongo()
.db("revolt")
.collection<ReportDocument>("safety_reports")
.updateOne(
{ _id: reportId },
caseId
? {
$set,
}
: {
$unset: {
case_id: 1,
},
}
);
return $set;
}
export async function resolveReport(reportId: string) { export async function resolveReport(reportId: string) {
await checkPermission("reports/update/resolve", reportId); await checkPermission("reports/update/resolve", reportId);
@ -116,6 +160,24 @@ export async function resolveReport(reportId: string) {
return $set; return $set;
} }
export async function closeCase(caseId: string) {
await checkPermission("cases/update/close", caseId);
const $set = {
status: "Closed",
closed_at: new Date().toISOString(),
} as CaseDocument;
await mongo().db("revolt").collection<CaseDocument>("safety_cases").updateOne(
{ _id: caseId },
{
$set,
}
);
return $set;
}
export async function rejectReport(reportId: string, reason: string) { export async function rejectReport(reportId: string, reason: string) {
await checkPermission("reports/update/reject", reportId, { reason }); await checkPermission("reports/update/reject", reportId, { reason });
@ -158,6 +220,23 @@ export async function reopenReport(reportId: string) {
return $set; return $set;
} }
export async function reopenCase(caseId: string) {
await checkPermission("cases/update/reopen", caseId);
const $set = {
status: "Open",
} as CaseDocument;
await mongo().db("revolt").collection<CaseDocument>("safety_cases").updateOne(
{ _id: caseId },
{
$set,
}
);
return $set;
}
export async function closeReportsByUser(userId: string) { export async function closeReportsByUser(userId: string) {
await checkPermission("reports/update/bulk-close/by-user", userId); await checkPermission("reports/update/bulk-close/by-user", userId);
@ -208,8 +287,8 @@ export async function deleteMFARecoveryCodes(userId: string) {
$unset: { $unset: {
"mfa.recovery_codes": 1, "mfa.recovery_codes": 1,
}, },
}, }
) );
} }
export async function disableMFA(userId: string) { export async function disableMFA(userId: string) {
@ -225,8 +304,8 @@ export async function disableMFA(userId: string) {
$unset: { $unset: {
"mfa.totp_token": 1, "mfa.totp_token": 1,
}, },
}, }
) );
} }
export async function changeAccountEmail(userId: string, email: string) { export async function changeAccountEmail(userId: string, email: string) {
@ -287,9 +366,7 @@ export async function verifyAccountEmail(userId: string) {
export async function lookupEmail(email: string): Promise<string | false> { export async function lookupEmail(email: string): Promise<string | false> {
await checkPermission("accounts/fetch/by-email", email); await checkPermission("accounts/fetch/by-email", email);
const accounts = mongo() const accounts = mongo().db("revolt").collection<Account>("accounts");
.db("revolt")
.collection<Account>("accounts");
let result = await accounts.findOne({ email: email }); let result = await accounts.findOne({ email: email });
if (result) return result._id; if (result) return result._id;
@ -598,10 +675,7 @@ export async function updateServerOwner(serverId: string, userId: string) {
await mongo() await mongo()
.db("revolt") .db("revolt")
.collection<Server>("servers") .collection<Server>("servers")
.updateOne( .updateOne({ _id: serverId }, { $set: { owner: userId } });
{ _id: serverId },
{ $set: { owner: userId } },
);
await publishMessage(serverId, { await publishMessage(serverId, {
type: "ServerUpdate", type: "ServerUpdate",
@ -613,8 +687,16 @@ export async function updateServerOwner(serverId: string, userId: string) {
}); });
} }
export async function addServerMember(serverId: string, userId: string, withEvent: boolean) { export async function addServerMember(
await checkPermission("servers/update/add-member", { serverId, userId, withEvent }); serverId: string,
userId: string,
withEvent: boolean
) {
await checkPermission("servers/update/add-member", {
serverId,
userId,
withEvent,
});
const server = await mongo() const server = await mongo()
.db("revolt") .db("revolt")
@ -643,7 +725,7 @@ export async function addServerMember(serverId: string, userId: string, withEven
joined_at: Long.fromNumber(Date.now()) as unknown as string, joined_at: Long.fromNumber(Date.now()) as unknown as string,
}); });
await publishMessage(userId + '!', { await publishMessage(userId + "!", {
type: "ServerCreate", type: "ServerCreate",
id: serverId, id: serverId,
channels: channels, channels: channels,
@ -686,11 +768,11 @@ export async function quarantineServer(serverId: string, message: string) {
server, server,
members, members,
invites, invites,
} };
await writeFile( await writeFile(
`./exports/${new Date().toISOString()} - ${serverId}.json`, `./exports/${new Date().toISOString()} - ${serverId}.json`,
JSON.stringify(backup), JSON.stringify(backup)
); );
await mongo() await mongo()
@ -703,7 +785,7 @@ export async function quarantineServer(serverId: string, message: string) {
owner: "0".repeat(26), owner: "0".repeat(26),
analytics: false, analytics: false,
discoverable: false, discoverable: false,
} },
} }
); );
@ -730,7 +812,8 @@ export async function quarantineServer(serverId: string, message: string) {
const messageId = ulid(); const messageId = ulid();
let dm = await findDM(PLATFORM_MOD_ID, member._id.user); let dm = await findDM(PLATFORM_MOD_ID, member._id.user);
if (!dm) dm = await createDM(PLATFORM_MOD_ID, member._id.user, messageId); if (!dm)
dm = await createDM(PLATFORM_MOD_ID, member._id.user, messageId);
await sendChatMessage({ await sendChatMessage({
_id: messageId, _id: messageId,
@ -837,11 +920,15 @@ export async function resetBotToken(botId: string) {
$set: { $set: {
token: nanoid(64), token: nanoid(64),
}, },
}, }
); );
} }
export async function transferBot(botId: string, ownerId: string, resetToken: boolean) { export async function transferBot(
botId: string,
ownerId: string,
resetToken: boolean
) {
await checkPermission("bots/update/owner", { botId, ownerId, resetToken }); await checkPermission("bots/update/owner", { botId, ownerId, resetToken });
if (resetToken) { if (resetToken) {
@ -858,15 +945,13 @@ export async function transferBot(botId: string, ownerId: string, resetToken: bo
{ {
$set: { $set: {
owner: ownerId, owner: ownerId,
...( ...(resetToken
resetToken ? {
? {
token: nanoid(64), token: nanoid(64),
} }
: {} : {}),
),
}, },
}, }
); );
await mongo() await mongo()
@ -880,22 +965,19 @@ export async function transferBot(botId: string, ownerId: string, resetToken: bo
$set: { $set: {
"bot.owner": ownerId, "bot.owner": ownerId,
}, },
}, }
); );
// This doesn't appear to work, maybe Revite can't handle it. I'll leave it in regardless. // This doesn't appear to work, maybe Revite can't handle it. I'll leave it in regardless.
await publishMessage( await publishMessage(botId, {
botId, type: "UserUpdate",
{ id: botId,
type: "UserUpdate", data: {
id: botId, bot: {
data: { owner: ownerId,
bot: {
owner: ownerId,
},
}, },
}, },
); });
} }
export async function restoreAccount(accountId: string) { export async function restoreAccount(accountId: string) {
@ -965,15 +1047,19 @@ export async function fetchBackups() {
await checkPermission("backup/fetch", null); await checkPermission("backup/fetch", null);
return await Promise.all( return await Promise.all(
(await readdir("./exports", { withFileTypes: true })) (
await readdir("./exports", { withFileTypes: true })
)
.filter((file) => file.isFile() && file.name.endsWith(".json")) .filter((file) => file.isFile() && file.name.endsWith(".json"))
.map(async (file) => { .map(async (file) => {
let type: string | null = null; let type: string | null = null;
try { try {
type = JSON.parse((await readFile(`./exports/${file.name}`)).toString("utf-8"))._event; type = JSON.parse(
} catch(e) {} (await readFile(`./exports/${file.name}`)).toString("utf-8")
)._event;
} catch (e) {}
return { name: file.name, type: type } return { name: file.name, type: type };
}) })
); );
} }
@ -984,7 +1070,9 @@ export async function fetchBackup(name: string) {
return JSON.parse((await readFile(`./exports/${name}`)).toString("utf-8")); return JSON.parse((await readFile(`./exports/${name}`)).toString("utf-8"));
} }
export async function fetchEmailClassifications(): Promise<EmailClassification[]> { export async function fetchEmailClassifications(): Promise<
EmailClassification[]
> {
await checkPermission("authifier/classification/fetch", null); await checkPermission("authifier/classification/fetch", null);
return await mongo() return await mongo()
@ -994,27 +1082,34 @@ export async function fetchEmailClassifications(): Promise<EmailClassification[]
.toArray(); .toArray();
} }
export async function createEmailClassification(domain: string, classification: string) { export async function createEmailClassification(
await checkPermission("authifier/classification/create", { domain, classification }); domain: string,
classification: string
) {
await checkPermission("authifier/classification/create", {
domain,
classification,
});
await mongo() await mongo()
.db("authifier") .db("authifier")
.collection<EmailClassification>("email_classification") .collection<EmailClassification>("email_classification")
.insertOne( .insertOne({ _id: domain, classification });
{ _id: domain, classification },
);
} }
export async function updateEmailClassification(domain: string, classification: string) { export async function updateEmailClassification(
await checkPermission("authifier/classification/update", { domain, classification }); domain: string,
classification: string
) {
await checkPermission("authifier/classification/update", {
domain,
classification,
});
await mongo() await mongo()
.db("authifier") .db("authifier")
.collection<EmailClassification>("email_classification") .collection<EmailClassification>("email_classification")
.updateOne( .updateOne({ _id: domain }, { $set: { classification } });
{ _id: domain },
{ $set: { classification } },
);
} }
export async function deleteEmailClassification(domain: string) { export async function deleteEmailClassification(domain: string) {
@ -1023,21 +1118,19 @@ export async function deleteEmailClassification(domain: string) {
await mongo() await mongo()
.db("authifier") .db("authifier")
.collection<EmailClassification>("email_classification") .collection<EmailClassification>("email_classification")
.deleteOne( .deleteOne({ _id: domain });
{ _id: domain },
);
} }
export async function searchUserByTag(username: string, discriminator: string): Promise<string | false> { export async function searchUserByTag(
username: string,
discriminator: string
): Promise<string | false> {
await checkPermission("users/fetch/by-tag", { username, discriminator }); await checkPermission("users/fetch/by-tag", { username, discriminator });
const result = await mongo() const result = await mongo().db("revolt").collection<User>("users").findOne({
.db("revolt") username,
.collection<User>("users") discriminator,
.findOne({ });
username,
discriminator,
});
return result?._id || false; return result?._id || false;
} }

151
lib/db.ts
View File

@ -21,6 +21,19 @@ import { getServerSession } from "next-auth";
let client: MongoClient; let client: MongoClient;
export type CaseDocument = {
_id: string;
title: string;
notes?: string;
author: string;
status: "Open" | "Closed";
closed_at?: string;
};
export type ReportDocument = Report & {
case_id?: string;
};
function mongo() { function mongo() {
if (!client) { if (!client) {
client = new MongoClient(process.env.MONGODB!); client = new MongoClient(process.env.MONGODB!);
@ -55,6 +68,8 @@ export async function insertAuditLog(
context, context,
args, args,
}); });
return session!.user!.email!;
} }
export async function fetchBotById(id: string) { export async function fetchBotById(id: string) {
@ -116,34 +131,33 @@ export type Account = {
export async function fetchAccountById(id: string) { export async function fetchAccountById(id: string) {
await checkPermission("accounts/fetch/by-id", id); await checkPermission("accounts/fetch/by-id", id);
return await mongo() return (await mongo()
.db("revolt") .db("revolt")
.collection<Account>("accounts") .collection<Account>("accounts")
.aggregate( .aggregate([
[ {
{ $match: { _id: id },
$match: { _id: id }, },
{
$project: {
password: 0,
"mfa.totp_token.secret": 0,
}, },
{ },
$project: { {
password: 0, $set: {
"mfa.totp_token.secret": 0, // Replace recovery code array with amount of codes
} "mfa.recovery_codes": {
$cond: {
if: { $isArray: "$mfa.recovery_codes" },
then: { $size: "$mfa.recovery_codes" },
else: undefined,
},
},
}, },
{ },
$set: { ])
// Replace recovery code array with amount of codes .next()) as WithId<Account>;
"mfa.recovery_codes": {
$cond: {
if: { $isArray: "$mfa.recovery_codes" },
then: { $size: "$mfa.recovery_codes", },
else: undefined,
}
}
}
}
]
).next() as WithId<Account>;
} }
export async function fetchSessionsByAccount(accountId: string) { export async function fetchSessionsByAccount(accountId: string) {
@ -288,7 +302,7 @@ export async function fetchServers(query: Filter<Server>) {
} }
// `vanity` should eventually be added to the backend as well // `vanity` should eventually be added to the backend as well
export type ChannelInvite = Invite & { vanity?: boolean } export type ChannelInvite = Invite & { vanity?: boolean };
export async function fetchInvites(query: Filter<ChannelInvite>) { export async function fetchInvites(query: Filter<ChannelInvite>) {
await checkPermission("channels/fetch/invites", query); await checkPermission("channels/fetch/invites", query);
@ -306,12 +320,12 @@ export async function fetchInvites(query: Filter<ChannelInvite>) {
.toArray(); .toArray();
const users = await mongo() const users = await mongo()
.db("revolt") .db("revolt")
.collection<User>("users") .collection<User>("users")
.find({ _id: { $in: invites.map((invite) => invite.creator) } }) .find({ _id: { $in: invites.map((invite) => invite.creator) } })
.toArray(); .toArray();
return { invites, channels, users } return { invites, channels, users };
} }
export async function fetchMessageById(id: string) { export async function fetchMessageById(id: string) {
@ -358,7 +372,7 @@ export async function fetchOpenReports() {
return await mongo() return await mongo()
.db("revolt") .db("revolt")
.collection<Report>("safety_reports") .collection<ReportDocument>("safety_reports")
.find( .find(
{ status: "Created" }, { status: "Created" },
{ {
@ -370,6 +384,23 @@ export async function fetchOpenReports() {
.toArray(); .toArray();
} }
export async function fetchOpenCases() {
await checkPermission("cases/fetch/open", "all");
return await mongo()
.db("revolt")
.collection<CaseDocument>("safety_cases")
.find(
{ status: "Open" },
{
sort: {
_id: -1,
},
}
)
.toArray();
}
export async function fetchRelatedReportsByContent(contentId: string) { export async function fetchRelatedReportsByContent(contentId: string) {
await checkPermission("reports/fetch/related/by-content", contentId); await checkPermission("reports/fetch/related/by-content", contentId);
@ -404,6 +435,23 @@ export async function fetchReportsByUser(userId: string) {
.toArray(); .toArray();
} }
export async function fetchReportsByCase(caseId: string) {
await checkPermission("reports/fetch/related/by-case", caseId);
return await mongo()
.db("revolt")
.collection<ReportDocument>("safety_reports")
.find(
{ case_id: caseId },
{
sort: {
_id: -1,
},
}
)
.toArray();
}
export async function fetchReportsAgainstUser(userId: string) { export async function fetchReportsAgainstUser(userId: string) {
await checkPermission("reports/fetch/related/against-user", userId); await checkPermission("reports/fetch/related/against-user", userId);
@ -463,6 +511,27 @@ export async function fetchReportById(id: string) {
.findOne({ _id: id }); .findOne({ _id: id });
} }
export async function createCase(title: string) {
const id = ulid();
const author = await checkPermission("cases/create", { title });
await mongo()
.db("revolt")
.collection<CaseDocument>("safety_cases")
.insertOne({ _id: id, author, status: "Open", title });
return id;
}
export async function fetchCaseById(id: string) {
await checkPermission("cases/fetch/by-id", id);
return await mongo()
.db("revolt")
.collection<CaseDocument>("safety_cases")
.findOne({ _id: id });
}
export async function fetchMembershipsByUser(userId: string) { export async function fetchMembershipsByUser(userId: string) {
await checkPermission("users/fetch/memberships", userId); await checkPermission("users/fetch/memberships", userId);
@ -562,13 +631,19 @@ export async function fetchAuthifierEmailClassification(provider: string) {
} }
export type SafetyNotes = { export type SafetyNotes = {
_id: { id: string, type: "message" | "channel" | "server" | "user" | "account" | "global" }; _id: {
id: string;
type: "message" | "channel" | "server" | "user" | "account" | "global";
};
text: string; text: string;
edited_by: string; edited_by: string;
edited_at: Date; edited_at: Date;
} };
export async function fetchSafetyNote(objectId: string, type: SafetyNotes["_id"]["type"]) { export async function fetchSafetyNote(
objectId: string,
type: SafetyNotes["_id"]["type"]
) {
await checkPermission(`safety_notes/fetch/${type}`, objectId); await checkPermission(`safety_notes/fetch/${type}`, objectId);
return mongo() return mongo()
@ -577,7 +652,11 @@ export async function fetchSafetyNote(objectId: string, type: SafetyNotes["_id"]
.findOne({ _id: { id: objectId, type: type } }); .findOne({ _id: { id: objectId, type: type } });
} }
export async function updateSafetyNote(objectId: string, type: SafetyNotes["_id"]["type"], note: string) { export async function updateSafetyNote(
objectId: string,
type: SafetyNotes["_id"]["type"],
note: string
) {
await checkPermission(`safety_notes/update/${type}`, objectId); await checkPermission(`safety_notes/update/${type}`, objectId);
const session = await getServerSession(); const session = await getServerSession();
@ -594,6 +673,6 @@ export async function updateSafetyNote(objectId: string, type: SafetyNotes["_id"
edited_by: session?.user?.email ?? "", edited_by: session?.user?.email ?? "",
}, },
}, },
{ upsert: true }, { upsert: true }
); );
} }