feat(backend): only one sensitive data request per 24 hours

2024-12-29 16:34:11 -05:00 · 2024-12-29 16:34:11 -05:00 · 8edbc8bf1d
commit 8edbc8bf1d
parent db22e35f0d
2 changed files with 7 additions and 0 deletions
--- a/Foxnouns.Backend/Controllers/Moderation/LookupController.cs
+++ b/Foxnouns.Backend/Controllers/Moderation/LookupController.cs
@ -64,6 +64,7 @@ public class LookupController(
                LastSidReroll: user.LastSidReroll,
                Suspended: user is { Deleted: true, DeletedBy: not null },
                Deleted: user.Deleted,
+                ShowSensitiveData: showSensitiveData,
                AuthMethods: showSensitiveData
                    ? authMethods.Select(UserRendererService.RenderAuthMethod)
                    : null
@ -79,6 +80,11 @@ public class LookupController(
    {
        User user = await db.ResolveUserAsync(id);

+        // Don't let mods accidentally spam the audit log
+        bool alreadyAuthorized = await moderationService.ShowSensitiveDataAsync(CurrentUser!, user);
+        if (alreadyAuthorized)
+            return NoContent();
+
        AuditLogEntry entry = await moderationService.QuerySensitiveDataAsync(
            CurrentUser!,
            user,
--- a/Foxnouns.Backend/Dto/Moderation.cs
+++ b/Foxnouns.Backend/Dto/Moderation.cs
@ -105,6 +105,7 @@ public record QueryUserResponse(
    Instant LastSidReroll,
    bool Suspended,
    bool Deleted,
+    bool ShowSensitiveData,
    [property: JsonProperty(NullValueHandling = NullValueHandling.Ignore)]
        IEnumerable<AuthMethodResponse>? AuthMethods
 );