sam/Foxnouns.NET
sam/Foxnouns.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

feat(backend): only one sensitive data request per 24 hours

Browse source
This commit is contained in:
sam 2024-12-29 16:34:11 -05:00
parent db22e35f0d
commit 8edbc8bf1d
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
2 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Foxnouns.Backend/Controllers/Moderation/LookupController.cs
View file

@ -64,6 +64,7 @@ public class LookupController(
LastSidReroll: user.LastSidReroll, LastSidReroll: user.LastSidReroll,
Suspended: user is { Deleted: true, DeletedBy: not null }, Suspended: user is { Deleted: true, DeletedBy: not null },
Deleted: user.Deleted, Deleted: user.Deleted,
ShowSensitiveData: showSensitiveData,
AuthMethods: showSensitiveData AuthMethods: showSensitiveData
? authMethods.Select(UserRendererService.RenderAuthMethod) ? authMethods.Select(UserRendererService.RenderAuthMethod)
: null : null
@ -79,6 +80,11 @@ public class LookupController(
{ {
User user = await db.ResolveUserAsync(id); User user = await db.ResolveUserAsync(id);
// Don't let mods accidentally spam the audit log
bool alreadyAuthorized = await moderationService.ShowSensitiveDataAsync(CurrentUser!, user);
if (alreadyAuthorized)
return NoContent();
AuditLogEntry entry = await moderationService.QuerySensitiveDataAsync( AuditLogEntry entry = await moderationService.QuerySensitiveDataAsync(
CurrentUser!, CurrentUser!,
user, user,

1
Foxnouns.Backend/Dto/Moderation.cs
View file

@ -105,6 +105,7 @@ public record QueryUserResponse(
Instant LastSidReroll, Instant LastSidReroll,
bool Suspended, bool Suspended,
bool Deleted, bool Deleted,
bool ShowSensitiveData,
[property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)] [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)]
IEnumerable<AuthMethodResponse>? AuthMethods IEnumerable<AuthMethodResponse>? AuthMethods
); );