chore: add tom

app/panel/audit/page.tsx

@@ -1,93 +1,7 @@
-import { AuditLogEntryCard } from "@/components/cards/AuditLogEntryCard";
+export default function AuditLog() {
-import { CollapsibleSection } from "@/components/common/CollapsibleSection";
-import { Permission } from "@/lib/accessPermissions";
-import { fetchAuditLogEvents } from "@/lib/actions";
-import { AuditLogEntry } from "@/lib/db";
-
-const collapseGroups: { perms: Permission[], name: string }[] = [
-  {
-    name: "user",
-    perms: [
-      "users/fetch/by-id",
-      "users/fetch/memberships",
-      "users/fetch/notices",
-      "users/fetch/relations",
-      "users/fetch/strikes",
-      "reports/fetch/related/by-user",
-      "reports/fetch/related/against-user",
-    ],
-  },
-  {
-     name: "account",
-     perms: [
-      "accounts/fetch/by-id",
-      "accounts/fetch/by-email",
-      "sessions/fetch/by-account-id",
-    ],
-  },
-  {
-    name: "server",
-    perms: [
-      "servers/fetch/by-id",
-    ],
-  },
-  {
-    name: "channel",
-    perms: [
-      "channels/fetch/by-id",
-      "channels/fetch/by-server",
-    ]
-  },
-  {
-    name: "report",
-    perms: [
-      "reports/fetch/by-id",
-      "reports/fetch/snapshots/by-report",
-    ],
-  }
-];
-
-const getGroup = (permission: string) => collapseGroups.findIndex((list) => list.perms.find((p) => p.startsWith(permission)));
-
-export default async function AuditLog() {
-  const entries = await fetchAuditLogEvents();
-  const items: (AuditLogEntry | AuditLogEntry[])[] = [];
-  let tmp: AuditLogEntry[] = [];
-
-  for (const entry of entries) {
-    const group = getGroup(entry.permission);
-
-    if (tmp.length && group == getGroup(tmp[0].permission)) {
-      tmp.push(entry);
-    } else {
-      if (tmp.length) {
-        items.push(tmp);
-        tmp = [];
-      }
-
-      if (group != -1) tmp.push(entry);
-      else items.push(entry);
-    }
-  }
-  items.push(...tmp);
-
   return (
     <div className="flex flex-col gap-2">
-      {items.map((entry) => Array.isArray(entry)
+      chronological event log for all actions
-        ? (
-          <CollapsibleSection
-            text={`${entry.length} ${collapseGroups[getGroup(entry[0].permission)].name} fetch event${entry.length == 1 ? "" : "s"}`}
-            key={entries.indexOf(entry as any)}
-          >
-            <div className="flex flex-col gap-2">
-              {entry.map((item) => <AuditLogEntryCard key={item._id} log={item} />)}
-            </div>
-          </CollapsibleSection>
-        )
-        : (
-          <AuditLogEntryCard key={entry._id} log={entry} />
-        )
-      )}
     </div>
   );
 }

app/panel/cases/[id]/page.tsx

@@ -0,0 +1,41 @@
+import { ReportCard } from "@/components/cards/ReportCard";
+import { CardLink } from "@/components/common/CardLink";
+import { NavigationToolbar } from "@/components/common/NavigationToolbar";
+import { CaseActions } from "@/components/pages/inspector/CaseActions";
+import { fetchCaseById, fetchReportsByCase } from "@/lib/db";
+import { PizzaIcon } from "lucide-react";
+import { notFound } from "next/navigation";
+
+export default async function Reports({ params }: { params: { id: string } }) {
+  const Case = await fetchCaseById(params.id);
+  if (!Case) return notFound();
+
+  const reports = await fetchReportsByCase(params.id);
+
+  return (
+    <div className="flex flex-col gap-2">
+      <NavigationToolbar>Viewing Case</NavigationToolbar>
+      <CaseActions Case={Case} />
+
+      <div className="flex flex-col gap-2">
+        <h1 className="text-2xl">Reports</h1>
+        {reports.length ? (
+          reports.map((report) => (
+            <CardLink key={report._id} href={`/panel/reports/${report._id}`}>
+              <ReportCard report={report} />
+            </CardLink>
+          ))
+        ) : (
+          <>
+            <h2 className="mt-8 flex justify-center">
+              <PizzaIcon className="text-gray-400" />
+            </h2>
+            <h3 className="text-xs text-center pb-2 text-gray-400">
+              No reports added yet.
+            </h3>
+          </>
+        )}
+      </div>
+    </div>
+  );
+}

app/panel/cases/page.tsx

@@ -0,0 +1,37 @@
+import { CaseCard } from "@/components/cards/CaseCard";
+import { CardLink } from "@/components/common/CardLink";
+import { CreateCase } from "@/components/common/CreateCase";
+import { fetchOpenCases } from "@/lib/db";
+import { PizzaIcon } from "lucide-react";
+
+export default async function Reports() {
+  const cases = (await fetchOpenCases()).reverse();
+
+  return (
+    <div className="flex flex-col gap-8">
+      <div className="flex flex-col gap-2">
+        <div className="flex flex-row gap-2 items-center">
+          <CreateCase />
+          <h1 className="text-2xl">Open Cases</h1>
+        </div>
+
+        {cases.length ? (
+          cases.map((entry) => (
+            <CardLink key={entry._id} href={`/panel/cases/${entry._id}`}>
+              <CaseCard entry={entry} />
+            </CardLink>
+          ))
+        ) : (
+          <>
+            <h2 className="mt-8 flex justify-center">
+              <PizzaIcon className="text-gray-400" />
+            </h2>
+            <h3 className="text-xs text-center pb-2 text-gray-400">
+              No cases currently open.
+            </h3>
+          </>
+        )}
+      </div>
+    </div>
+  );
+}

app/panel/reports/page.tsx

@@ -1,7 +1,7 @@
 import { ReportCard } from "@/components/cards/ReportCard";
 import { CardLink } from "@/components/common/CardLink";
 import { Input } from "@/components/ui/input";
-import { fetchOpenReports } from "@/lib/db";
+import { fetchOpenReports, fetchUsersById } from "@/lib/db";
 import { PizzaIcon } from "lucide-react";
 import { Report } from "revolt-api";
 
@@ -13,12 +13,15 @@ export default async function Reports() {
   const byCategory: Record<string, Report[]> = {
     Urgent: [],
     All: [],
+    AssignedToCase: [],
   };
   const keyOrder = ["Urgent", "All"];
 
   const countsByAuthor: Record<string, number> = {};
   for (const report of reports) {
-    if (report.content.report_reason.includes("Illegal")) {
+    if (report.case_id) {
+      byCategory.AssignedToCase.push(report);
+    } else if (report.content.report_reason.includes("Illegal")) {
       byCategory.Urgent.push(report);
     } else {
       countsByAuthor[report.author_id] =
@@ -27,6 +30,8 @@ export default async function Reports() {
   }
 
   for (const report of reports) {
+    if (report.case_id) continue;
+
     if (!report.content.report_reason.includes("Illegal")) {
       if (countsByAuthor[report.author_id] > 1) {
         if (!keyOrder.includes(report.author_id)) {
@@ -41,14 +46,21 @@ export default async function Reports() {
     }
   }
 
+  const authorNames: Record<string, string> = {};
+  for (const user of await fetchUsersById(Object.keys(countsByAuthor))) {
+    authorNames[user._id] = user.username + "#" + user.discriminator;
+  }
+
   return (
     <div className="flex flex-col gap-8">
       {/*<Input placeholder="Search for reports..." disabled />*/}
       {reports.length ? (
-        keyOrder.map((key) => {
+        keyOrder
+          .filter((key) => byCategory[key].length)
+          .map((key) => {
             return (
               <div key={key} className="flex flex-col gap-2">
-              <h1 className="text-2xl">{key}</h1>
+                <h1 className="text-2xl">{authorNames[key] ?? key}</h1>
                 {byCategory[key].map((report) => (
                   <CardLink
                     key={report._id}
@@ -70,6 +82,20 @@ export default async function Reports() {
           </h3>
         </>
       )}
+      {byCategory["AssignedToCase"].length && (
+        <details>
+          <summary>
+            <h1 className="text-xl inline">Reports assigned to cases</h1>
+          </summary>
+          <div className="flex flex-col gap-2">
+            {byCategory["AssignedToCase"].map((report) => (
+              <CardLink key={report._id} href={`/panel/reports/${report._id}`}>
+                <ReportCard report={report} />
+              </CardLink>
+            ))}
+          </div>
+        </details>
+      )}
     </div>
   );
 }

components/cards/AuditLogEntryCard.tsx

@@ -1,149 +0,0 @@
-import { AuditLogEntry, fetchChannelById, fetchReportById, fetchServerById, fetchUserById, fetchUsersById } from "@/lib/db";
-import { Card, CardContent, CardDescription, CardHeader } from "../ui/card";
-import { UserCard } from "./UserCard";
-import { User } from "revolt-api";
-import Link from "next/link";
-import { Permission } from "@/lib/accessPermissions";
-import { ServerCard } from "./ServerCard";
-import { ChannelCard } from "./ChannelCard";
-import { ReportCard } from "./ReportCard";
-import { decodeTime } from "ulid";
-import dayjs from "dayjs";
-import relativeTime from "dayjs/plugin/relativeTime";
-
-dayjs.extend(relativeTime);
-
-export async function AuditLogEntryCard({ log }: { log: AuditLogEntry }) {
-  const perm = log.permission as Permission;
-
-  const ContextCard = async () => {
-    const fallback = log.context ? (
-    <Card>
-        <CardHeader className="p-3">
-          <pre>
-            <code>{JSON.stringify(log.context, null, 4)}</code>
-          </pre>
-        </CardHeader>
-      </Card>
-    ) : null;
-
-    try {
-      // Users
-      if (perm.startsWith("users/action")
-       || perm.startsWith("users/create")
-       || perm == "users/fetch/by-id"
-       || perm == "users/fetch/notices"
-       || perm == "users/fetch/memberships"
-       || perm == "users/fetch/relations"
-       || perm == "users/fetch/strikes"
-       || perm == "reports/fetch/related/by-user"
-       || perm == "reports/fetch/related/against-user"
-       || perm == "reports/update/bulk-close/by-user"
-      ) {
-        let users: User[] = await fetchUsersById(Array.isArray(log.context) ? log.context : [log.context]);
-        if (!users.length) return fallback;
-
-        return (
-          <>
-            {users.map((user: User) => (
-              <Link href={`/panel/inspect/user/${log.context}`} key={user._id}>
-                <UserCard subtitle={user._id} user={user as User} />
-              </Link>
-            ))}
-          </>
-        );
-      }
-
-      // Accounts
-      if (perm == "accounts/fetch/by-id"
-       || perm.startsWith("accounts/deletion")
-       || perm == "accounts/disable"
-       || perm == "accounts/restore"
-       || perm == "accounts/update"
-       || perm == "sessions/fetch/by-account-id"
-      ) {
-        const user = await fetchUserById(log.context);
-
-        if (!user) return fallback;
-        return (
-          <Link href={`/panel/inspect/account/${log.context}`}>
-            <UserCard subtitle={user._id} user={user as User} />
-          </Link>
-        );
-      }
-
-      // Servers
-      if (perm == "servers/fetch/by-id"
-       || perm.startsWith("servers/update")
-       || perm == "channels/fetch/by-server"
-      ) {
-        const server = await fetchServerById(log.context);
-
-        if (!server) return fallback;
-        return (
-          <Link href={`/panel/inspect/server/${server._id}`}>
-            <ServerCard server={server} subtitle={server._id} />
-          </Link>
-        )
-      }
-
-      // Channels
-      if (perm == "channels/fetch/by-id"
-       || perm.startsWith("channels/update")
-      ) {
-        const channel = await fetchChannelById(log.context);
-
-        if (!channel) return fallback;
-        return (
-          <Link href={`/panel/inspect/channel/${channel._id}`}>
-            <ChannelCard channel={channel} subtitle={channel._id} />
-          </Link>
-        );
-      }
-
-      // Reports
-      if (perm == "reports/fetch/by-id"
-       || perm == "reports/fetch/snapshots/by-report"
-       || perm == "reports/update/notes"
-       || perm == "reports/update/reject"
-       || perm == "reports/update/reopen"
-       || perm == "reports/update/resolve") {
-        const report = await fetchReportById(log.context);
-
-        if (!report) return fallback;
-        return (
-          <Link href={`/panel/reports/${report._id}`}>
-            <ReportCard report={report} />
-          </Link>
-        )
-      }
-
-      return fallback;
-    } catch(e) {
-      return fallback;
-    }
-  }
-
-  return (
-    <Card>
-      <CardHeader>
-        <CardDescription>
-          {log.moderator} &middot; {log._id} &middot; {dayjs(decodeTime(log._id)).fromNow()}
-        </CardDescription>
-        <code className="p-1">{log.permission}</code>
-
-        <ContextCard />
-
-        {log.args != null && (
-          <Card>
-            <CardHeader className="p-3">
-              <pre>
-                <code>{JSON.stringify(log.args, null, 2)}</code>
-              </pre>
-            </CardHeader>
-          </Card>
-        )}
-      </CardHeader>
-    </Card>
-  );
-}

components/cards/CaseCard.tsx

@@ -0,0 +1,32 @@
+import { Report } from "revolt-api";
+import { Card, CardDescription, CardHeader, CardTitle } from "../ui/card";
+import { Badge } from "../ui/badge";
+import dayjs from "dayjs";
+import { decodeTime } from "ulid";
+
+import relativeTime from "dayjs/plugin/relativeTime";
+import { CaseDocument } from "@/lib/db";
+dayjs.extend(relativeTime);
+
+export function CaseCard({ entry: entry }: { entry: CaseDocument }) {
+  return (
+    <Card>
+      <CardHeader>
+        <CardTitle
+          className={`overflow-ellipsis whitespace-nowrap overflow-x-clip ${
+            entry.status !== "Open" ? "text-gray-500" : ""
+          }`}
+        >
+          {entry.title || "No reason specified"}
+        </CardTitle>
+        <CardDescription>
+          {entry._id.toString().substring(20, 26)} &middot;{" "}
+          {dayjs(decodeTime(entry._id)).fromNow()} &middot; {entry.author}{" "}
+          {entry.status !== "Open" && entry.closed_at && (
+            <>&middot; Closed {dayjs(entry.closed_at).fromNow()}</>
+          )}
+        </CardDescription>
+      </CardHeader>
+    </Card>
+  );
+}

components/cards/ReportCard.tsx

@@ -1,10 +1,10 @@
-import { Report } from "revolt-api";
 import { Card, CardDescription, CardHeader, CardTitle } from "../ui/card";
 import { Badge } from "../ui/badge";
 import dayjs from "dayjs";
 import { decodeTime } from "ulid";
 
 import relativeTime from "dayjs/plugin/relativeTime";
+import { ReportDocument } from "@/lib/db";
 dayjs.extend(relativeTime);
 
 const lastWeek = new Date();
@@ -13,7 +13,7 @@ lastWeek.setDate(lastWeek.getDate() - 7);
 const yesterday = new Date();
 yesterday.setDate(yesterday.getDate() - 1);
 
-export function ReportCard({ report }: { report: Report }) {
+export function ReportCard({ report }: { report: ReportDocument }) {
   const dueDate = +(report.content.report_reason.includes("Illegal")
     ? yesterday
     : lastWeek);
@@ -48,6 +48,14 @@ export function ReportCard({ report }: { report: Report }) {
           {report.status !== "Created" && report.closed_at && (
             <>&middot; Closed {dayjs(report.closed_at).fromNow()}</>
           )}{" "}
+          {report.case_id && (
+            <>
+              &middot;{" "}
+              <Badge className="align-middle" variant="secondary">
+                Assigned
+              </Badge>
+            </>
+          )}{" "}
           {report.status === "Created" && decodeTime(report._id) < dueDate && (
             <>
               &middot;{" "}

components/cards/SafetyNotesCard.tsx

@@ -1,22 +1,33 @@
-"use client"
+"use client";
 
 import { useEffect, useState } from "react";
 import { Textarea } from "../ui/textarea";
 import { toast } from "../ui/use-toast";
 import { SafetyNotes, fetchSafetyNote, updateSafetyNote } from "@/lib/db";
-import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from "../ui/card";
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardFooter,
+  CardHeader,
+  CardTitle,
+} from "../ui/card";
 import { useSession } from "next-auth/react";
 import dayjs from "dayjs";
 import relativeTime from "dayjs/plugin/relativeTime";
-import ReactMarkdown from 'react-markdown';
+import ReactMarkdown from "react-markdown";
-import remarkGfm from 'remark-gfm';
+import remarkGfm from "remark-gfm";
 
 dayjs.extend(relativeTime);
 
-export default function SafetyNotesCard({ objectId, type, title }: {
+export default function SafetyNotesCard({
-  objectId: string,
+  objectId,
-  type: SafetyNotes["_id"]["type"],
+  type,
-  title?: string
+  title,
+}: {
+  objectId: string;
+  type: SafetyNotes["_id"]["type"];
+  title?: string;
 }) {
   const session = useSession();
   const [draft, setDraft] = useState("");
@@ -40,12 +51,14 @@ export default function SafetyNotesCard({ objectId, type, title }: {
   return (
     <Card>
       <CardHeader>
-        <CardTitle>{title ?? type.charAt(0).toUpperCase() + type.slice(1) + " notes"}</CardTitle>
+        <CardTitle>
+          {title ?? type.charAt(0).toUpperCase() + type.slice(1) + " notes"}
+        </CardTitle>
       </CardHeader>
       <CardContent>
-        {
+        {editing ? (
-        editing
+          <Textarea
-         ? <Textarea
+            rows={8}
             placeholder={
               error
                 ? error
@@ -83,33 +96,37 @@ export default function SafetyNotesCard({ objectId, type, title }: {
               }
             }}
           />
-         : <div onClick={() => setEditing(true)}>
+        ) : (
-          {
+          <div onClick={() => setEditing(true)}>
-            error
+            {error ? (
-              ? <>{error}</>
+              <>{error}</>
-              : value?.text
+            ) : value?.text ? (
-                ? <ReactMarkdown
+              <ReactMarkdown
                 className="prose prose-a:text-[#fd6671] prose-img:max-h-96 max-w-none"
                 remarkPlugins={[remarkGfm]}
               >
                 {value.text}
               </ReactMarkdown>
-                : ready
+            ) : ready ? (
-                  ? <i>Click to add a note</i>
+              <i>Click to add a note</i>
-                  : <i>Fetching notes...</i>
+            ) : (
-          }
+              <i>Fetching notes...</i>
+            )}
           </div>
-        }
+        )}
       </CardContent>
       <CardFooter className="-my-2">
         <CardDescription>
-      {
+          {value ? (
-        value
+            <>
-          ? <>Last edited {dayjs(value.edited_at).fromNow()} by {value.edited_by}</>
+              Last edited {dayjs(value.edited_at).fromNow()} by{" "}
-          : <>No object note set</>
+              {value.edited_by}
-      }
+            </>
+          ) : (
+            <>No object note set</>
+          )}
         </CardDescription>
       </CardFooter>
     </Card>
-  )
+  );
 }

components/cards/UserCard.tsx

@@ -7,13 +7,20 @@ import Link from "next/link";
 import { ExternalLinkIcon } from "lucide-react";
 
 export function UserCard({ user, subtitle, withLink }: { user: User; subtitle: string, withLink?: boolean }) {
+  const gradientColour = user.flags == 1
+    ? 'rgba(251, 146, 60, 0.6)'
+    : user.flags == 4
+    ? 'rgba(239, 68, 68, 0.6)'
+    : 'transparent';
+  const gradient =  `linear-gradient(to right, white, rgba(255,0,0,0)), repeating-linear-gradient(225deg, transparent, transparent 32px, ${gradientColour} 32px, ${gradientColour} 64px)`;
+
   return (
     <Card
       className="bg-no-repeat bg-right text-left"
       style={{
         backgroundImage: user.profile?.background
-          ? `linear-gradient(to right, white, rgba(255,0,0,0)), url('${AUTUMN_URL}/backgrounds/${user.profile.background._id}')`
+          ? `${gradient}, url('${AUTUMN_URL}/backgrounds/${user.profile.background._id}')`
-          : "",
+          : gradient,
         backgroundSize: "75%",
       }}
     >
@@ -30,6 +37,8 @@ export function UserCard({ user, subtitle, withLink }: { user: User; subtitle: s
             </AvatarFallback>
           </Avatar>
           {user.bot && <Badge className="align-middle">Bot</Badge>}{" "}
+          {user.flags == 1 && <Badge className="align-middle bg-orange-400">Suspended</Badge>}{" "}
+          {user.flags == 4 && <Badge className="align-middle bg-red-700">Banned</Badge>}{" "}
           <div className="flex gap-2">
             {user.username}#{user.discriminator} {user.display_name}
             {

components/common/CollapsibleSection.tsx

@@ -1,23 +0,0 @@
-"use client"
-
-import { useState } from "react"
-import { Button } from "../ui/button";
-
-export function CollapsibleSection({ children, text }: { children: React.ReactNode, text: string }) {
-  const [collapsed, setCollapsed] = useState(true);
-
-  return collapsed ? (
-    <div className="cursor-pointer select-none" onClick={() => setCollapsed(false)}>
-      <div className="flex flex-row items-center">
-        <div className="flex flex-grow h-[1px] bg-slate-200 mx-4" />
-        <span className="flex-shrink text-slate-500">{text}</span>
-        <div className="flex flex-grow h-[1px] bg-slate-200 mx-4" />
-      </div>
-    </div>
-  ) : (
-    <div className="p-4 border-solid border-slate-200 border-[1px] rounded-lg bg-slate-50">
-      <Button variant="outline" className="mb-4" onClick={() => setCollapsed(true)}>Close</Button>
-      {children}
-    </div>
-  );
-}

components/common/CreateCase.tsx

@@ -0,0 +1,54 @@
+"use client";
+
+import { Plus } from "lucide-react";
+import { Button } from "../ui/button";
+import { Popover, PopoverContent, PopoverTrigger } from "../ui/popover";
+import { Label } from "../ui/label";
+import { Input } from "../ui/input";
+import { useState } from "react";
+import { createCase } from "@/lib/db";
+import { useRouter } from "next/navigation";
+
+export function CreateCase() {
+  const [title, setTitle] = useState("");
+  const router = useRouter();
+
+  return (
+    <Popover>
+      <PopoverTrigger asChild>
+        <Button variant="outline" size="icon">
+          <Plus className="h-4 w-4" />
+        </Button>
+      </PopoverTrigger>
+      <PopoverContent className="w-80">
+        <div className="grid gap-4">
+          <div className="space-y-2">
+            <h4 className="font-medium leading-none">Create Case</h4>
+          </div>
+          <div className="grid gap-2">
+            <div className="grid grid-cols-3 items-center gap-4">
+              <Label htmlFor="description">Title</Label>
+              <Input
+                id="description"
+                className="col-span-2 h-8"
+                value={title}
+                onChange={(e) => setTitle(e.currentTarget.value)}
+              />
+            </div>
+            <Button
+              variant="secondary"
+              onClick={() => {
+                if (!title) return;
+                createCase(title).then((id) =>
+                  router.push(`/panel/cases/${id}`)
+                );
+              }}
+            >
+              Create
+            </Button>
+          </div>
+        </div>
+      </PopoverContent>
+    </Popover>
+  );
+}

components/common/NavigationLinks.tsx

@@ -11,6 +11,7 @@ import {
   Siren,
   Sparkles,
   TrendingUp,
+  BookCopy,
 } from "lucide-react";
 
 export function NavigationLinks() {
@@ -34,6 +35,12 @@ export function NavigationLinks() {
       >
         <Siren className="h-4 w-4" />
       </Link>
+      <Link
+        className={buttonVariants({ variant: "outline", size: "icon" })}
+        href="/panel/cases"
+      >
+        <BookCopy className="h-4 w-4" />
+      </Link>
       <Link
         className={buttonVariants({ variant: "outline", size: "icon" })}
         href="/panel/inspect"
@@ -52,17 +59,17 @@ export function NavigationLinks() {
       >
         <Bomb className="h-4 w-4" />
       </Link>
-      <Link
-        className={buttonVariants({ variant: "outline", size: "icon" })}
-        href="/panel/audit"
-      >
-        <ScrollText className="h-4 w-4" />
-      </Link>
       {/*<Link
         className={buttonVariants({ variant: "outline", size: "icon" })}
         href="/panel/discover"
       >
         <Globe2 className="h-4 w-4" />
+    </Link>
+      <Link
+        className={buttonVariants({ variant: "outline", size: "icon" })}
+        href="/panel/audit"
+      >
+        <ScrollText className="h-4 w-4" />
       </Link>
       <Link
         className={buttonVariants({ variant: "outline", size: "icon" })}

components/common/NavigationToolbar.tsx

@@ -16,7 +16,7 @@ export function NavigationToolbar({ children }: { children: string }) {
       <Button variant="outline" size="icon" onClick={() => router.back()}>
         <ArrowLeft className="h-4 w-4" />
       </Button>
-      <Popover>
+      {/* <Popover>
         <PopoverTrigger asChild>
           <Button variant="outline" size="icon">
             <Star
@@ -49,7 +49,7 @@ export function NavigationToolbar({ children }: { children: string }) {
             </div>
           </div>
         </PopoverContent>
-      </Popover>
+              </Popover> */}
       <h2 className="text-2xl">{children}</h2>
     </div>
   );

components/pages/inspector/CaseActions.tsx

@@ -0,0 +1,95 @@
+"use client";
+
+import { Textarea } from "../../ui/textarea";
+import { Button } from "../../ui/button";
+import { useState } from "react";
+import { useToast } from "../../ui/use-toast";
+import { CaseDocument } from "@/lib/db";
+import { CaseCard } from "@/components/cards/CaseCard";
+import { closeCase, reopenCase, updateCaseNotes } from "@/lib/actions";
+
+export function CaseActions({ Case }: { Case: CaseDocument }) {
+  const { toast } = useToast();
+  const [caseDraft, setDraft] = useState(Case);
+
+  return (
+    <>
+      <CaseCard entry={Case} />
+
+      <Textarea
+        rows={8}
+        placeholder="Enter notes here... (save on unfocus)"
+        className="!min-h-0 !h-[76px]"
+        defaultValue={Case.notes}
+        onBlur={async (e) => {
+          const notes = e.currentTarget.value;
+          if (notes === caseDraft.notes ?? "") return;
+
+          try {
+            await updateCaseNotes(Case._id, notes);
+            setDraft((c) => ({ ...c, notes }));
+            toast({
+              title: "Updated report notes",
+            });
+          } catch (err) {
+            toast({
+              title: "Failed to update report notes",
+              description: String(err),
+              variant: "destructive",
+            });
+          }
+        }}
+      />
+
+      <div className="flex gap-2">
+        {caseDraft.status === "Open" ? (
+          <>
+            <Button
+              className="flex-1 bg-green-400 hover:bg-green-300"
+              onClick={async () => {
+                try {
+                  const $set = await closeCase(Case._id);
+                  setDraft((c) => ({ ...c, ...$set }));
+                  toast({
+                    title: "Closed case",
+                  });
+                } catch (err) {
+                  toast({
+                    title: "Failed to close case",
+                    description: String(err),
+                    variant: "destructive",
+                  });
+                }
+              }}
+            >
+              Close Case
+            </Button>
+          </>
+        ) : (
+          <>
+            <Button
+              className="flex-1"
+              onClick={async () => {
+                try {
+                  const $set = await reopenCase(Case._id);
+                  setDraft((c) => ({ ...c, ...$set }));
+                  toast({
+                    title: "Opened case again",
+                  });
+                } catch (err) {
+                  toast({
+                    title: "Failed to re-open case",
+                    description: String(err),
+                    variant: "destructive",
+                  });
+                }
+              }}
+            >
+              Re-open Case
+            </Button>
+          </>
+        )}
+      </div>
+    </>
+  );
+}

components/pages/inspector/ReportActions.tsx

@@ -14,6 +14,7 @@ import {
 import { useState } from "react";
 import { useToast } from "../../ui/use-toast";
 import {
+  assignReportToCase,
   rejectReport,
   reopenReport,
   resolveReport,
@@ -32,6 +33,10 @@ import {
   AlertDialogTrigger,
 } from "../../ui/alert-dialog";
 import { ReportCard } from "../../cards/ReportCard";
+import { Popover } from "@radix-ui/react-popover";
+import { PopoverContent, PopoverTrigger } from "@/components/ui/popover";
+import { CaseDocument, ReportDocument, fetchOpenCases } from "@/lib/db";
+import { CaseCard } from "@/components/cards/CaseCard";
 
 const template: Record<string, (ref: string) => string> = {
   resolved: (ref) =>
@@ -43,7 +48,7 @@ const template: Record<string, (ref: string) => string> = {
   "not enough evidence": (ref) =>
     `Your report (${ref}) has not been actioned at this time due to a lack of supporting evidence, if you have additional information to support your report, please either report individual relevant messages or send an email to contact@revolt.chat.`,
   clarify: (ref) =>
-    `Your report (${ref}) needs clarification, please provide additional information.`,
+    `Your report (${ref}) needs clarification, please provide additional information. You can report the messages again, report additional messages, or send an email to contact@revolt.chat.`,
   acknowledged: (ref) =>
     `Your report (${ref}) has been acknowledged, we will be monitoring the situation.`,
   default: (ref) =>
@@ -54,11 +59,12 @@ export function ReportActions({
   report,
   reference,
 }: {
-  report: Report;
+  report: ReportDocument;
   reference: string;
 }) {
   const { toast } = useToast();
   const [reportDraft, setDraft] = useState(report);
+  const [availableCases, setAvailableCases] = useState<CaseDocument[]>([]);
 
   function rejectHandler(reason: string) {
     return async () => {
@@ -83,6 +89,7 @@ export function ReportActions({
       <ReportCard report={reportDraft} />
 
       <Textarea
+        rows={8}
         placeholder="Enter notes here... (save on unfocus)"
         className="!min-h-0 !h-[76px]"
         defaultValue={report.notes}
@@ -106,6 +113,74 @@ export function ReportActions({
         }}
       />
 
+      {reportDraft.case_id ? (
+        <Button
+          variant="destructive"
+          onClick={async () => {
+            try {
+              const $set = await assignReportToCase(report._id);
+              setDraft((report) => ({ ...report, ...$set }));
+              toast({
+                title: "Removed report from case",
+              });
+            } catch (err) {
+              toast({
+                title: "Failed to resolve report",
+                description: String(err),
+                variant: "destructive",
+              });
+            }
+          }}
+        >
+          Remove from case
+        </Button>
+      ) : (
+        <Popover>
+          <PopoverTrigger asChild>
+            <Button
+              variant="outline"
+              onClick={() => {
+                fetchOpenCases().then(setAvailableCases);
+              }}
+            >
+              Add to case
+            </Button>
+          </PopoverTrigger>
+          <PopoverContent className="w-80">
+            <div className="grid gap-4">
+              <div className="space-y-2">
+                <h4 className="font-medium leading-none">Open Cases</h4>
+                {availableCases.map((entry) => (
+                  <a
+                    key={entry._id}
+                    onClick={async () => {
+                      try {
+                        const $set = await assignReportToCase(
+                          report._id,
+                          entry._id
+                        );
+                        setDraft((report) => ({ ...report, ...$set }));
+                        toast({
+                          title: "Assigned report to case",
+                        });
+                      } catch (err) {
+                        toast({
+                          title: "Failed to resolve report",
+                          description: String(err),
+                          variant: "destructive",
+                        });
+                      }
+                    }}
+                  >
+                    <CaseCard entry={entry} />
+                  </a>
+                ))}
+              </div>
+            </div>
+          </PopoverContent>
+        </Popover>
+      )}
+
       <div className="flex gap-2">
         {reportDraft.status === "Created" ? (
           <>

components/pages/inspector/UserActions.tsx

@@ -30,6 +30,7 @@ import {
   unsuspendUser,
   updateBotDiscoverability,
   updateUserBadges,
+  wipeUser,
   wipeUserProfile,
 } from "@/lib/actions";
 import { useRef, useState } from "react";
@@ -264,6 +265,51 @@ export function UserActions({ user, bot }: { user: User; bot?: Bot }) {
           </AlertDialogContent>
         </AlertDialog>
 
+        <AlertDialog>
+          <AlertDialogTrigger asChild>
+            <Button className="flex-1 bg-pink-600" disabled={userInaccessible}>
+              Wipe Messages
+            </Button>
+          </AlertDialogTrigger>
+          <AlertDialogContent>
+            <AlertDialogHeader>
+              <AlertDialogTitle>
+                Are you sure you want to wipe this user&apos;s messages?
+              </AlertDialogTitle>
+              <AlertDialogDescription>
+                All messages sent by this user will be deleted immediately.
+                <br className="text-base/8" />
+                <span className="text-red-700">
+                  This action is irreversible and{" "}
+                  <b className="font-bold">will not publish any events</b>!
+                </span>
+              </AlertDialogDescription>
+            </AlertDialogHeader>
+            <AlertDialogFooter>
+              <AlertDialogCancel>Cancel</AlertDialogCancel>
+              <AlertDialogAction
+                className="hover:bg-red-700 transition-all"
+                onClick={() =>
+                  wipeUser(user._id, 0, true)
+                    .then(() => {
+                      setUserDraft((user) => ({ ...user, flags: 4 }));
+                      toast({ title: "Wiped user's messages" });
+                    })
+                    .catch((err) =>
+                      toast({
+                        title: "Failed to wipe user's messages!",
+                        description: String(err),
+                        variant: "destructive",
+                      })
+                    )
+                }
+              >
+                Ban
+              </AlertDialogAction>
+            </AlertDialogFooter>
+          </AlertDialogContent>
+        </AlertDialog>
+
         <AlertDialog>
           <AlertDialogTrigger asChild>
             <Button className="flex-1 bg-yellow-600">Bees</Button>
@@ -424,29 +470,37 @@ export function UserActions({ user, bot }: { user: User; bot?: Bot }) {
 
             <AlertDialog>
               <AlertDialogTrigger asChild>
-                <Button variant="ghost" disabled={!user.bot?.owner}>Reset bot token</Button>
+                <Button variant="ghost" disabled={!user.bot?.owner}>
+                  Reset bot token
+                </Button>
               </AlertDialogTrigger>
               <AlertDialogContent>
                 <AlertDialogHeader>
                   <AlertDialogTitle>Reset token</AlertDialogTitle>
                   <AlertDialogDescription className="flex flex-col gap-2">
                     <span>
-                      Re-roll this bot&apos;s authentication token. This will not disconnect active connections.
+                      Re-roll this bot&apos;s authentication token. This will
+                      not disconnect active connections.
                     </span>
                   </AlertDialogDescription>
                 </AlertDialogHeader>
                 <AlertDialogFooter>
                   <AlertDialogCancel>Cancel</AlertDialogCancel>
                   <AlertDialogAction
-                    onClick={() => resetBotToken(user._id)
+                    onClick={() =>
-                      .then(() => toast({
+                      resetBotToken(user._id)
+                        .then(() =>
+                          toast({
                             title: "Reset bot token",
-                      }))
+                          })
-                      .catch((e) => toast({
+                        )
+                        .catch((e) =>
+                          toast({
                             title: "Failed to reset token",
                             description: String(e),
                             variant: "destructive",
-                      }))
+                          })
+                        )
                     }
                   >
                     Reset
@@ -457,18 +511,16 @@ export function UserActions({ user, bot }: { user: User; bot?: Bot }) {
 
             <AlertDialog>
               <AlertDialogTrigger asChild>
-                <Button variant="ghost" disabled={!user.bot?.owner}>Transfer bot</Button>
+                <Button variant="ghost" disabled={!user.bot?.owner}>
+                  Transfer bot
+                </Button>
               </AlertDialogTrigger>
               <AlertDialogContent>
                 <AlertDialogHeader>
                   <AlertDialogTitle>Transfer bot</AlertDialogTitle>
                   <AlertDialogDescription className="flex flex-col gap-2">
-                    <span>
+                    <span>Transfer this bot to a new owner.</span>
-                      Transfer this bot to a new owner.
+                    <UserSelector onChange={setTransferTarget} />
-                    </span>
-                    <UserSelector
-                      onChange={setTransferTarget}
-                    />
                     <Checkbox
                       checked={transferResetToken}
                       onChange={(e) => setTransferResetToken(!!e)}
@@ -481,15 +533,24 @@ export function UserActions({ user, bot }: { user: User; bot?: Bot }) {
                   <AlertDialogCancel>Cancel</AlertDialogCancel>
                   <AlertDialogAction
                     disabled={!transferTarget}
-                    onClick={() => transferBot(user._id, transferTarget!._id, transferResetToken)
+                    onClick={() =>
-                      .then(() => toast({
+                      transferBot(
+                        user._id,
+                        transferTarget!._id,
+                        transferResetToken
+                      )
+                        .then(() =>
+                          toast({
                             title: "Reset bot token",
-                      }))
+                          })
-                      .catch((e) => toast({
+                        )
+                        .catch((e) =>
+                          toast({
                             title: "Failed to reset token",
                             description: String(e),
                             variant: "destructive",
-                      }))
+                          })
+                        )
                         .finally(() => {
                           setTransferResetToken(true);
                           setTransferTarget(null);

lib/accessPermissions.ts

@@ -1,17 +1,10 @@
 import { getServerSession } from "next-auth";
 import { SafetyNotes, insertAuditLog } from "./db";
 
-export type Permission =
+type Permission =
   | `authifier${
       | ""
-    | `/classification${
+      | `/classification${"" | "/fetch" | "/create" | "/update" | "/delete"}`}`
-      | ""
-      | "/fetch"
-      | "/create"
-      | "/update"
-      | "/delete"
-    }`
-  }`
   | "publish_message"
   | "chat_message"
   | `accounts${
@@ -31,19 +24,30 @@ export type Permission =
       | `/create${"" | "/dm" | "/invites"}`
       | `/update${"" | "/invites"}`}`
   | `messages${"" | `/fetch${"" | "/by-id" | "/by-user"}`}`
+  | `cases${
+      | ""
+      | "/create"
+      | `/fetch${"" | "/by-id" | "/open"}`
+      | `/update${"" | "/close" | "/reopen" | "/notes"}`}`
   | `reports${
       | ""
       | `/fetch${
           | ""
           | "/by-id"
           | "/open"
-          | `/related${"" | "/by-content" | "/by-user" | "/against-user"}`
+          | `/related${
+              | ""
+              | "/by-content"
+              | "/by-user"
+              | "/by-case"
+              | "/against-user"}`
           | `/snapshots${"" | "/by-report" | "/by-user"}`}`
       | `/update${
           | ""
           | "/notes"
           | "/resolve"
           | "/reject"
+          | "/case"
           | "/reopen"
           | `/bulk-close${"" | "/by-user"}`}`}`
   | `sessions${"" | `/fetch${"" | "/by-account-id"}`}`
@@ -81,8 +85,7 @@ export type Permission =
       | ""
       | `/fetch${"" | `/${SafetyNotes["_id"]["type"]}`}`
       | `/update${"" | `/${SafetyNotes["_id"]["type"]}`}`}`
-  | `backup${"" | `/fetch${"" | "/by-name"}`}`
+  | `backup${"" | `/fetch${"" | "/by-name"}`}`;
-  | `audit${"" | `/fetch`}`;
 
 const PermissionSets = {
   // Admin
@@ -104,6 +107,8 @@ const PermissionSets = {
   // View open reports
   "view-open-reports": [
     "users/fetch/by-id",
+    "cases/fetch/open",
+    "cases/fetch/by-id",
     "reports/fetch/open",
     "reports/fetch/by-id",
     "reports/fetch/related",
@@ -115,7 +120,12 @@ const PermissionSets = {
     "reports/update/notes",
     "reports/update/resolve",
     "reports/update/reject",
+    "reports/update/case",
     "reports/update/reopen",
+    "cases/create",
+    "cases/update/notes",
+    "cases/update/close",
+    "cases/update/reopen",
   ] as Permission[],
 
   // Revolt Discover
@@ -211,13 +221,9 @@ const PermissionSets = {
 
     "safety_notes/fetch",
     "safety_notes/update",
-
-    "audit/fetch",
   ] as Permission[],
 
-  "authifier": [
+  authifier: ["authifier/classification"] as Permission[],
-    "authifier/classification",
-  ] as Permission[],
 };
 
 const Roles = {
@@ -238,22 +244,32 @@ const ACL: Record<string, Set<Permission>> = {
     ...Roles["revolt-discover"],
     ...Roles["user-support"],
   ] as Permission[]),
-  "lea@janderedev.xyz": new Set([
+  "lea@revolt.chat": new Set([
     ...Roles["moderator"],
     ...Roles["revolt-discover"],
     ...Roles["user-support"],
   ] as Permission[]),
-  "infi@infi.sh": new Set([
+  "tom@revolt.chat": new Set([
     ...Roles["moderator"],
     ...Roles["revolt-discover"],
     ...Roles["user-support"],
   ] as Permission[]),
-  "beartechtalks@gmail.com": new Set([
+  "jen@revolt.chat": new Set([
     ...Roles["moderator"],
     ...Roles["revolt-discover"],
     ...Roles["user-support"],
   ] as Permission[]),
-  "me@zomatree.live": new Set([
+  "rexo@revolt.chat": new Set([
+    ...Roles["moderator"],
+    ...Roles["revolt-discover"],
+    ...Roles["user-support"],
+  ] as Permission[]),
+  "zomatree@revolt.chat": new Set([
+    ...Roles["moderator"],
+    ...Roles["revolt-discover"],
+    ...Roles["user-support"],
+  ] as Permission[]),
+  "vale@revolt.chat": new Set([
     ...Roles["moderator"],
     ...Roles["revolt-discover"],
     ...Roles["user-support"],
@@ -290,5 +306,5 @@ export async function checkPermission(
   if (!(await hasPermissionFromSession(permission)))
     throw `Missing permission ${permission}`;
 
-  await insertAuditLog(permission, context, args);
+  return await insertAuditLog(permission, context, args);
 }

lib/actions.ts

@@ -4,9 +4,10 @@ import { readFile, readdir, writeFile } from "fs/promises";
 import { PLATFORM_MOD_ID, RESTRICT_ACCESS_LIST } from "./constants";
 import mongo, {
   Account,
-  AuditLogEntry,
+  CaseDocument,
   ChannelInvite,
   EmailClassification,
+  ReportDocument,
   createDM,
   fetchAccountById,
   findDM,
@@ -99,6 +100,48 @@ export async function updateReportNotes(reportId: string, notes: string) {
     );
 }
 
+export async function updateCaseNotes(caseId: string, notes: string) {
+  await checkPermission("cases/update/notes", caseId, { notes });
+
+  return await mongo()
+    .db("revolt")
+    .collection<CaseDocument>("safety_cases")
+    .updateOne(
+      { _id: caseId },
+      {
+        $set: {
+          notes,
+        },
+      }
+    );
+}
+
+export async function assignReportToCase(reportId: string, caseId?: string) {
+  await checkPermission("reports/update/case", reportId);
+
+  const $set = {
+    case_id: (caseId ?? null)!,
+  } as ReportDocument;
+
+  await mongo()
+    .db("revolt")
+    .collection<ReportDocument>("safety_reports")
+    .updateOne(
+      { _id: reportId },
+      (caseId
+        ? {
+            $set,
+          }
+        : {
+            $unset: {
+              case_id: 1,
+            },
+          }) as never // fuck you
+    );
+
+  return $set;
+}
+
 export async function resolveReport(reportId: string) {
   await checkPermission("reports/update/resolve", reportId);
 
@@ -117,6 +160,24 @@ export async function resolveReport(reportId: string) {
   return $set;
 }
 
+export async function closeCase(caseId: string) {
+  await checkPermission("cases/update/close", caseId);
+
+  const $set = {
+    status: "Closed",
+    closed_at: new Date().toISOString(),
+  } as CaseDocument;
+
+  await mongo().db("revolt").collection<CaseDocument>("safety_cases").updateOne(
+    { _id: caseId },
+    {
+      $set,
+    }
+  );
+
+  return $set;
+}
+
 export async function rejectReport(reportId: string, reason: string) {
   await checkPermission("reports/update/reject", reportId, { reason });
 
@@ -159,6 +220,23 @@ export async function reopenReport(reportId: string) {
   return $set;
 }
 
+export async function reopenCase(caseId: string) {
+  await checkPermission("cases/update/reopen", caseId);
+
+  const $set = {
+    status: "Open",
+  } as CaseDocument;
+
+  await mongo().db("revolt").collection<CaseDocument>("safety_cases").updateOne(
+    { _id: caseId },
+    {
+      $set,
+    }
+  );
+
+  return $set;
+}
+
 export async function closeReportsByUser(userId: string) {
   await checkPermission("reports/update/bulk-close/by-user", userId);
 
@@ -209,8 +287,8 @@ export async function deleteMFARecoveryCodes(userId: string) {
         $unset: {
           "mfa.recovery_codes": 1,
         },
-      },
+      }
-    )
+    );
 }
 
 export async function disableMFA(userId: string) {
@@ -226,8 +304,8 @@ export async function disableMFA(userId: string) {
         $unset: {
           "mfa.totp_token": 1,
         },
-      },
+      }
-    )
+    );
 }
 
 export async function changeAccountEmail(userId: string, email: string) {
@@ -288,9 +366,7 @@ export async function verifyAccountEmail(userId: string) {
 export async function lookupEmail(email: string): Promise<string | false> {
   await checkPermission("accounts/fetch/by-email", email);
 
-  const accounts = mongo()
+  const accounts = mongo().db("revolt").collection<Account>("accounts");
-    .db("revolt")
-    .collection<Account>("accounts");
 
   let result = await accounts.findOne({ email: email });
   if (result) return result._id;
@@ -370,12 +446,18 @@ export async function updateUserBadges(userId: string, badges: number) {
   }
 }
 
-export async function wipeUser(userId: string, flags = 4) {
+export async function wipeUser(
+  userId: string,
+  flags = 4,
+  onlyMessages = false
+) {
   if (RESTRICT_ACCESS_LIST.includes(userId)) throw "restricted access";
 
   await checkPermission("users/action/wipe", userId, { flags });
 
-  const user = await mongo()
+  const user = onlyMessages
+    ? null
+    : await mongo()
         .db("revolt")
         .collection<User>("users")
         .findOne({ _id: userId });
@@ -386,7 +468,9 @@ export async function wipeUser(userId: string, flags = 4) {
     .find({ author: userId }, { sort: { _id: -1 } })
     .toArray();
 
-  const dms = await mongo()
+  const dms = onlyMessages
+    ? null
+    : await mongo()
         .db("revolt")
         .collection<Channel>("channels")
         .find({
@@ -395,7 +479,9 @@ export async function wipeUser(userId: string, flags = 4) {
         })
         .toArray();
 
-  const memberships = await mongo()
+  const memberships = onlyMessages
+    ? null
+    : await mongo()
         .db("revolt")
         .collection<{ _id: { user: string; server: string } }>("server_members")
         .find({ "_id.user": userId })
@@ -403,7 +489,7 @@ export async function wipeUser(userId: string, flags = 4) {
 
   // retrieve messages, dm channels, relationships, server memberships
   const backup = {
-    _event: "wipe",
+    _event: onlyMessages ? "messages" : "wipe",
     user,
     messages,
     dms,
@@ -423,6 +509,7 @@ export async function wipeUser(userId: string, flags = 4) {
     .filter((attachment) => attachment)
     .map((attachment) => attachment!._id);
 
+  if (!onlyMessages) {
     if (backup.user?.avatar) {
       attachmentIds.push(backup.user.avatar._id);
     }
@@ -430,6 +517,7 @@ export async function wipeUser(userId: string, flags = 4) {
     if (backup.user?.profile?.background) {
       attachmentIds.push(backup.user.profile.background._id);
     }
+  }
 
   if (attachmentIds.length) {
     await mongo()
@@ -451,6 +539,7 @@ export async function wipeUser(userId: string, flags = 4) {
     author: userId,
   });
 
+  if (!onlyMessages) {
     // delete server memberships
     await mongo().db("revolt").collection<Member>("server_members").deleteMany({
       "_id.user": userId,
@@ -481,8 +570,8 @@ export async function wipeUser(userId: string, flags = 4) {
 
     // broadcast wipe event
     for (const topic of [
-    ...backup.dms.map((x) => x._id),
+      ...backup.dms!.map((x) => x._id),
-    ...backup.memberships.map((x) => x._id.server),
+      ...backup.memberships!.map((x) => x._id.server),
     ]) {
       await publishMessage(topic, {
         type: "UserPlatformWipe",
@@ -490,6 +579,7 @@ export async function wipeUser(userId: string, flags = 4) {
         flags,
       });
     }
+  }
 }
 
 export async function banUser(userId: string) {
@@ -599,10 +689,7 @@ export async function updateServerOwner(serverId: string, userId: string) {
   await mongo()
     .db("revolt")
     .collection<Server>("servers")
-    .updateOne(
+    .updateOne({ _id: serverId }, { $set: { owner: userId } });
-      { _id: serverId },
-      { $set: { owner: userId } },
-    );
 
   await publishMessage(serverId, {
     type: "ServerUpdate",
@@ -614,8 +701,16 @@ export async function updateServerOwner(serverId: string, userId: string) {
   });
 }
 
-export async function addServerMember(serverId: string, userId: string, withEvent: boolean) {
+export async function addServerMember(
-  await checkPermission("servers/update/add-member", { serverId, userId, withEvent });
+  serverId: string,
+  userId: string,
+  withEvent: boolean
+) {
+  await checkPermission("servers/update/add-member", {
+    serverId,
+    userId,
+    withEvent,
+  });
 
   const server = await mongo()
     .db("revolt")
@@ -644,7 +739,7 @@ export async function addServerMember(serverId: string, userId: string, withEven
       joined_at: Long.fromNumber(Date.now()) as unknown as string,
     });
 
-  await publishMessage(userId + '!', {
+  await publishMessage(userId + "!", {
     type: "ServerCreate",
     id: serverId,
     channels: channels,
@@ -687,11 +782,11 @@ export async function quarantineServer(serverId: string, message: string) {
     server,
     members,
     invites,
-  }
+  };
 
   await writeFile(
     `./exports/${new Date().toISOString()} - ${serverId}.json`,
-    JSON.stringify(backup),
+    JSON.stringify(backup)
   );
 
   await mongo()
@@ -704,7 +799,7 @@ export async function quarantineServer(serverId: string, message: string) {
           owner: "0".repeat(26),
           analytics: false,
           discoverable: false,
-        }
+        },
       }
     );
 
@@ -731,7 +826,8 @@ export async function quarantineServer(serverId: string, message: string) {
         const messageId = ulid();
 
         let dm = await findDM(PLATFORM_MOD_ID, member._id.user);
-        if (!dm) dm = await createDM(PLATFORM_MOD_ID, member._id.user, messageId);
+        if (!dm)
+          dm = await createDM(PLATFORM_MOD_ID, member._id.user, messageId);
 
         await sendChatMessage({
           _id: messageId,
@@ -838,11 +934,15 @@ export async function resetBotToken(botId: string) {
         $set: {
           token: nanoid(64),
         },
-      },
+      }
     );
 }
 
-export async function transferBot(botId: string, ownerId: string, resetToken: boolean) {
+export async function transferBot(
+  botId: string,
+  ownerId: string,
+  resetToken: boolean
+) {
   await checkPermission("bots/update/owner", { botId, ownerId, resetToken });
 
   if (resetToken) {
@@ -859,15 +959,13 @@ export async function transferBot(botId: string, ownerId: string, resetToken: bo
       {
         $set: {
           owner: ownerId,
-          ...(
+          ...(resetToken
-            resetToken
             ? {
                 token: nanoid(64),
               }
-              : {}
+            : {}),
-          ),
-        },
         },
+      }
     );
 
   await mongo()
@@ -881,13 +979,11 @@ export async function transferBot(botId: string, ownerId: string, resetToken: bo
         $set: {
           "bot.owner": ownerId,
         },
-      },
+      }
     );
 
   // This doesn't appear to work, maybe Revite can't handle it. I'll leave it in regardless.
-  await publishMessage(
+  await publishMessage(botId, {
-    botId,
-    {
     type: "UserUpdate",
     id: botId,
     data: {
@@ -895,8 +991,7 @@ export async function transferBot(botId: string, ownerId: string, resetToken: bo
         owner: ownerId,
       },
     },
-    },
+  });
-  );
 }
 
 export async function restoreAccount(accountId: string) {
@@ -966,15 +1061,19 @@ export async function fetchBackups() {
   await checkPermission("backup/fetch", null);
 
   return await Promise.all(
-    (await readdir("./exports", { withFileTypes: true }))
+    (
+      await readdir("./exports", { withFileTypes: true })
+    )
       .filter((file) => file.isFile() && file.name.endsWith(".json"))
       .map(async (file) => {
         let type: string | null = null;
         try {
-          type = JSON.parse((await readFile(`./exports/${file.name}`)).toString("utf-8"))._event;
+          type = JSON.parse(
-        } catch(e) {}
+            (await readFile(`./exports/${file.name}`)).toString("utf-8")
+          )._event;
+        } catch (e) {}
 
-        return { name: file.name, type: type }
+        return { name: file.name, type: type };
       })
   );
 }
@@ -985,7 +1084,9 @@ export async function fetchBackup(name: string) {
   return JSON.parse((await readFile(`./exports/${name}`)).toString("utf-8"));
 }
 
-export async function fetchEmailClassifications(): Promise<EmailClassification[]> {
+export async function fetchEmailClassifications(): Promise<
+  EmailClassification[]
+> {
   await checkPermission("authifier/classification/fetch", null);
 
   return await mongo()
@@ -995,27 +1096,34 @@ export async function fetchEmailClassifications(): Promise<EmailClassification[]
     .toArray();
 }
 
-export async function createEmailClassification(domain: string, classification: string) {
+export async function createEmailClassification(
-  await checkPermission("authifier/classification/create", { domain, classification });
+  domain: string,
+  classification: string
+) {
+  await checkPermission("authifier/classification/create", {
+    domain,
+    classification,
+  });
 
   await mongo()
     .db("authifier")
     .collection<EmailClassification>("email_classification")
-    .insertOne(
+    .insertOne({ _id: domain, classification });
-      { _id: domain, classification },
-    );
 }
 
-export async function updateEmailClassification(domain: string, classification: string) {
+export async function updateEmailClassification(
-  await checkPermission("authifier/classification/update", { domain, classification });
+  domain: string,
+  classification: string
+) {
+  await checkPermission("authifier/classification/update", {
+    domain,
+    classification,
+  });
 
   await mongo()
     .db("authifier")
     .collection<EmailClassification>("email_classification")
-    .updateOne(
+    .updateOne({ _id: domain }, { $set: { classification } });
-      { _id: domain },
-      { $set: { classification } },
-    );
 }
 
 export async function deleteEmailClassification(domain: string) {
@@ -1024,18 +1132,16 @@ export async function deleteEmailClassification(domain: string) {
   await mongo()
     .db("authifier")
     .collection<EmailClassification>("email_classification")
-    .deleteOne(
+    .deleteOne({ _id: domain });
-      { _id: domain },
-    );
 }
 
-export async function searchUserByTag(username: string, discriminator: string): Promise<string | false> {
+export async function searchUserByTag(
+  username: string,
+  discriminator: string
+): Promise<string | false> {
   await checkPermission("users/fetch/by-tag", { username, discriminator });
 
-  const result = await mongo()
+  const result = await mongo().db("revolt").collection<User>("users").findOne({
-    .db("revolt")
-    .collection<User>("users")
-    .findOne({
     username,
     discriminator,
   });
@@ -1054,15 +1160,3 @@ export async function fetchUsersByUsername(username: string) {
     })
     .toArray();
 }
-
-export async function fetchAuditLogEvents() {
-  await checkPermission("audit/fetch", {});
-
-  return await mongo()
-    .db("revolt")
-    .collection<AuditLogEntry>("safety_audit")
-    .find({})
-//    .sort({ _id: -1 })
-    .limit(100)
-    .toArray();
-}

lib/db.ts

@@ -15,12 +15,25 @@ import type {
 } from "revolt-api";
 import { ulid } from "ulid";
 import { publishMessage } from "./redis";
-import { Permission, checkPermission, hasPermissionFromSession } from "./accessPermissions";
+import { checkPermission, hasPermissionFromSession } from "./accessPermissions";
 import { PLATFORM_MOD_ID } from "./constants";
 import { getServerSession } from "next-auth";
 
 let client: MongoClient;
 
+export type CaseDocument = {
+  _id: string;
+  title: string;
+  notes?: string;
+  author: string;
+  status: "Open" | "Closed";
+  closed_at?: string;
+};
+
+export type ReportDocument = Report & {
+  case_id?: string;
+};
+
 function mongo() {
   if (!client) {
     client = new MongoClient(process.env.MONGODB!);
@@ -31,14 +44,6 @@ function mongo() {
 
 export default mongo;
 
-export type AuditLogEntry = {
-  _id: string;
-  moderator: string;
-  permission: Permission | string;
-  context: any;
-  args: any;
-};
-
 export async function insertAuditLog(
   permission: string,
   context: any,
@@ -49,7 +54,13 @@ export async function insertAuditLog(
 
   await mongo()
     .db("revolt")
-    .collection<AuditLogEntry>("safety_audit")
+    .collection<{
+      _id: string;
+      moderator: string;
+      permission: string;
+      context: any;
+      args: any;
+    }>("safety_audit")
     .insertOne({
       _id: ulid(),
       moderator: session!.user!.email!,
@@ -57,6 +68,8 @@ export async function insertAuditLog(
       context,
       args,
     });
+
+  return session!.user!.email!;
 }
 
 export async function fetchBotById(id: string) {
@@ -118,11 +131,10 @@ export type Account = {
 export async function fetchAccountById(id: string) {
   await checkPermission("accounts/fetch/by-id", id);
 
-  return await mongo()
+  return (await mongo()
     .db("revolt")
     .collection<Account>("accounts")
-    .aggregate(
+    .aggregate([
-      [
       {
         $match: { _id: id },
       },
@@ -130,7 +142,7 @@ export async function fetchAccountById(id: string) {
         $project: {
           password: 0,
           "mfa.totp_token.secret": 0,
-          }
+        },
       },
       {
         $set: {
@@ -138,14 +150,14 @@ export async function fetchAccountById(id: string) {
           "mfa.recovery_codes": {
             $cond: {
               if: { $isArray: "$mfa.recovery_codes" },
-                then: { $size: "$mfa.recovery_codes", },
+              then: { $size: "$mfa.recovery_codes" },
               else: undefined,
-              }
+            },
-            }
+          },
-          }
+        },
-        }
+      },
-      ]
+    ])
-    ).next() as WithId<Account>;
+    .next()) as WithId<Account>;
 }
 
 export async function fetchSessionsByAccount(accountId: string) {
@@ -290,7 +302,7 @@ export async function fetchServers(query: Filter<Server>) {
 }
 
 // `vanity` should eventually be added to the backend as well
-export type ChannelInvite = Invite & { vanity?: boolean }
+export type ChannelInvite = Invite & { vanity?: boolean };
 
 export async function fetchInvites(query: Filter<ChannelInvite>) {
   await checkPermission("channels/fetch/invites", query);
@@ -313,7 +325,7 @@ export async function fetchInvites(query: Filter<ChannelInvite>) {
     .find({ _id: { $in: invites.map((invite) => invite.creator) } })
     .toArray();
 
-  return { invites, channels, users }
+  return { invites, channels, users };
 }
 
 export async function fetchMessageById(id: string) {
@@ -360,7 +372,7 @@ export async function fetchOpenReports() {
 
   return await mongo()
     .db("revolt")
-    .collection<Report>("safety_reports")
+    .collection<ReportDocument>("safety_reports")
     .find(
       { status: "Created" },
       {
@@ -372,6 +384,23 @@ export async function fetchOpenReports() {
     .toArray();
 }
 
+export async function fetchOpenCases() {
+  await checkPermission("cases/fetch/open", "all");
+
+  return await mongo()
+    .db("revolt")
+    .collection<CaseDocument>("safety_cases")
+    .find(
+      { status: "Open" },
+      {
+        sort: {
+          _id: -1,
+        },
+      }
+    )
+    .toArray();
+}
+
 export async function fetchRelatedReportsByContent(contentId: string) {
   await checkPermission("reports/fetch/related/by-content", contentId);
 
@@ -406,6 +435,23 @@ export async function fetchReportsByUser(userId: string) {
     .toArray();
 }
 
+export async function fetchReportsByCase(caseId: string) {
+  await checkPermission("reports/fetch/related/by-case", caseId);
+
+  return await mongo()
+    .db("revolt")
+    .collection<ReportDocument>("safety_reports")
+    .find(
+      { case_id: caseId },
+      {
+        sort: {
+          _id: -1,
+        },
+      }
+    )
+    .toArray();
+}
+
 export async function fetchReportsAgainstUser(userId: string) {
   await checkPermission("reports/fetch/related/against-user", userId);
 
@@ -465,6 +511,27 @@ export async function fetchReportById(id: string) {
     .findOne({ _id: id });
 }
 
+export async function createCase(title: string) {
+  const id = ulid();
+  const author = await checkPermission("cases/create", { title });
+
+  await mongo()
+    .db("revolt")
+    .collection<CaseDocument>("safety_cases")
+    .insertOne({ _id: id, author, status: "Open", title });
+
+  return id;
+}
+
+export async function fetchCaseById(id: string) {
+  await checkPermission("cases/fetch/by-id", id);
+
+  return await mongo()
+    .db("revolt")
+    .collection<CaseDocument>("safety_cases")
+    .findOne({ _id: id });
+}
+
 export async function fetchMembershipsByUser(userId: string) {
   await checkPermission("users/fetch/memberships", userId);
 
@@ -564,13 +631,19 @@ export async function fetchAuthifierEmailClassification(provider: string) {
 }
 
 export type SafetyNotes = {
-  _id: { id: string, type: "message" | "channel" | "server" | "user" | "account" | "global" };
+  _id: {
+    id: string;
+    type: "message" | "channel" | "server" | "user" | "account" | "global";
+  };
   text: string;
   edited_by: string;
   edited_at: Date;
-}
+};
 
-export async function fetchSafetyNote(objectId: string, type: SafetyNotes["_id"]["type"]) {
+export async function fetchSafetyNote(
+  objectId: string,
+  type: SafetyNotes["_id"]["type"]
+) {
   await checkPermission(`safety_notes/fetch/${type}`, objectId);
 
   return mongo()
@@ -579,7 +652,11 @@ export async function fetchSafetyNote(objectId: string, type: SafetyNotes["_id"]
     .findOne({ _id: { id: objectId, type: type } });
 }
 
-export async function updateSafetyNote(objectId: string, type: SafetyNotes["_id"]["type"], note: string) {
+export async function updateSafetyNote(
+  objectId: string,
+  type: SafetyNotes["_id"]["type"],
+  note: string
+) {
   await checkPermission(`safety_notes/update/${type}`, objectId);
 
   const session = await getServerSession();
@@ -596,6 +673,6 @@ export async function updateSafetyNote(objectId: string, type: SafetyNotes["_id"
           edited_by: session?.user?.email ?? "",
         },
       },
-      { upsert: true },
+      { upsert: true }
     );
 }