Update plugins/antiban.js
Browse files- plugins/antiban.js +13 -1
plugins/antiban.js
CHANGED
|
@@ -72,7 +72,6 @@ AntibanRoutes.post("/api/v1/user/ban-user", authenticateApiKey, apiLimiter, asyn
|
|
| 72 |
const dbClient = new Database("AkenoXJs");
|
| 73 |
const collection = dbClient.collection("ban_users");
|
| 74 |
const collectionKey = dbClient.collection("api_keys");
|
| 75 |
-
|
| 76 |
try {
|
| 77 |
const apiKey = req.headers["x-api-key"];
|
| 78 |
const userIdString = req.query.user_id;
|
|
@@ -97,6 +96,19 @@ AntibanRoutes.post("/api/v1/user/ban-user", authenticateApiKey, apiLimiter, asyn
|
|
| 97 |
is_ban: false
|
| 98 |
});
|
| 99 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 100 |
if (protectedUsers.includes(userIdNumber)) {
|
| 101 |
return res.status(403).json({
|
| 102 |
message: `User ${userIdNumber} is a protected admin and cannot be banned`,
|
|
|
|
| 72 |
const dbClient = new Database("AkenoXJs");
|
| 73 |
const collection = dbClient.collection("ban_users");
|
| 74 |
const collectionKey = dbClient.collection("api_keys");
|
|
|
|
| 75 |
try {
|
| 76 |
const apiKey = req.headers["x-api-key"];
|
| 77 |
const userIdString = req.query.user_id;
|
|
|
|
| 96 |
is_ban: false
|
| 97 |
});
|
| 98 |
}
|
| 99 |
+
const result = await collectionKey.find({}).toArray();
|
| 100 |
+
let userIds = [];
|
| 101 |
+
for (const data of result) {
|
| 102 |
+
if (data.owner !== undefined) {
|
| 103 |
+
userIds.push(data.owner);
|
| 104 |
+
}
|
| 105 |
+
}
|
| 106 |
+
if (userIds.includes(userIdNumber)) {
|
| 107 |
+
return res.status(403).json({
|
| 108 |
+
message: `User ${userIdNumber} cannot be banned because they created the API key`,
|
| 109 |
+
is_ban: false
|
| 110 |
+
});
|
| 111 |
+
}
|
| 112 |
if (protectedUsers.includes(userIdNumber)) {
|
| 113 |
return res.status(403).json({
|
| 114 |
message: `User ${userIdNumber} is a protected admin and cannot be banned`,
|