From c3551d92543fd4ced618e2aac0be38f3ca9ee2df Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 5 Oct 2021 19:52:42 +0200 Subject: [PATCH] :bug: fix user projection --- api/src/routes/auth/register.ts | 4 ++-- api/src/routes/users/@me/delete.ts | 2 +- api/src/routes/users/@me/disable.ts | 2 +- api/src/routes/users/@me/relationships.ts | 6 +++++- gateway/src/opcodes/Identify.ts | 2 ++ util/src/entities/Channel.ts | 2 +- util/src/entities/User.ts | 1 + 7 files changed, 13 insertions(+), 6 deletions(-) diff --git a/api/src/routes/auth/register.ts b/api/src/routes/auth/register.ts index c016c949..9f3b46f1 100644 --- a/api/src/routes/auth/register.ts +++ b/api/src/routes/auth/register.ts @@ -79,7 +79,7 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re if (!register.allowMultipleAccounts) { // TODO: check if fingerprint was eligible generated - const exists = await User.findOne({ where: { fingerprints: body.fingerprint } }); + const exists = await User.findOne({ where: { fingerprints: body.fingerprint }, select: ["id"] }); if (exists) { throw FieldErrors({ @@ -109,7 +109,7 @@ router.post("/", route({ body: "RegisterSchema" }), async (req: Request, res: Re } // check if there is already an account with this email - const exists = await User.findOneOrFail({ email: email }).catch((e) => {}); + const exists = await User.findOne({ email: email }); if (exists) { throw FieldErrors({ diff --git a/api/src/routes/users/@me/delete.ts b/api/src/routes/users/@me/delete.ts index 39ceefd9..c24c3f1e 100644 --- a/api/src/routes/users/@me/delete.ts +++ b/api/src/routes/users/@me/delete.ts @@ -7,7 +7,7 @@ import { HTTPError } from "lambert-server"; const router = Router(); router.post("/", route({}), async (req: Request, res: Response) => { - const user = await User.findOneOrFail({ id: req.user_id }); //User object + const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] }); //User object let correctpass = true; if (user.data.hash) { diff --git a/api/src/routes/users/@me/disable.ts b/api/src/routes/users/@me/disable.ts index 259ced96..4aff3774 100644 --- a/api/src/routes/users/@me/disable.ts +++ b/api/src/routes/users/@me/disable.ts @@ -6,7 +6,7 @@ import bcrypt from "bcrypt"; const router = Router(); router.post("/", route({}), async (req: Request, res: Response) => { - const user = await User.findOneOrFail({ id: req.user_id }); //User object + const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["data"] }); //User object let correctpass = true; if (user.data.hash) { diff --git a/api/src/routes/users/@me/relationships.ts b/api/src/routes/users/@me/relationships.ts index 567c734e..0c13cdba 100644 --- a/api/src/routes/users/@me/relationships.ts +++ b/api/src/routes/users/@me/relationships.ts @@ -18,7 +18,11 @@ const router = Router(); const userProjection: (keyof User)[] = ["relationships", ...PublicUserProjection]; router.get("/", route({}), async (req: Request, res: Response) => { - const user = await User.findOneOrFail({ where: { id: req.user_id }, relations: ["relationships", "relationships.to"] }); + const user = await User.findOneOrFail({ + where: { id: req.user_id }, + relations: ["relationships", "relationships.to"], + select: ["relationships"] + }); //TODO DTO const related_users = user.relationships.map((r) => { diff --git a/gateway/src/opcodes/Identify.ts b/gateway/src/opcodes/Identify.ts index a58583ee..8233aade 100644 --- a/gateway/src/opcodes/Identify.ts +++ b/gateway/src/opcodes/Identify.ts @@ -21,6 +21,7 @@ import { PublicMember, ChannelType, PublicUser, + PrivateUserProjection, } from "@fosscord/util"; import { setupListener } from "../listener/listener"; import { IdentifySchema } from "../schema/Identify"; @@ -111,6 +112,7 @@ export async function onIdentify(this: WebSocket, data: Payload) { const user = await User.findOneOrFail({ where: { id: this.user_id }, relations: ["relationships", "relationships.to"], + select: [...PrivateUserProjection, "relationships"], }); if (!user) return this.close(CLOSECODES.Authentication_failed); diff --git a/util/src/entities/Channel.ts b/util/src/entities/Channel.ts index 1644b265..51d8b026 100644 --- a/util/src/entities/Channel.ts +++ b/util/src/entities/Channel.ts @@ -203,7 +203,7 @@ export class Channel extends BaseClass { static async createDMChannel(recipients: string[], creator_user_id: string, name?: string) { recipients = recipients.unique().filter((x) => x !== creator_user_id); - const otherRecipientsUsers = await User.find({ where: recipients.map((x) => ({ id: x })) }); + const otherRecipientsUsers = await User.find({ where: recipients.map((x) => ({ id: x })), select: ["id"] }); // TODO: check config for max number of recipients if (otherRecipientsUsers.length !== recipients.length) { diff --git a/util/src/entities/User.ts b/util/src/entities/User.ts index a139d362..97564af3 100644 --- a/util/src/entities/User.ts +++ b/util/src/entities/User.ts @@ -29,6 +29,7 @@ export enum PrivateUserEnum { premium, premium_type, disabled, + settings, // locale } export type PrivateUserKeys = keyof typeof PrivateUserEnum | PublicUserKeys;