From 9a6ea461a2750299f021b252a09491e315f99aba Mon Sep 17 00:00:00 2001 From: danibonilha Date: Thu, 28 Dec 2023 12:18:03 -0300 Subject: [PATCH 1/2] Validate body req of webhook and make taUser optional --- discord-scripts/discord-webhook.ts | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/discord-scripts/discord-webhook.ts b/discord-scripts/discord-webhook.ts index 94ac622e..8975d004 100644 --- a/discord-scripts/discord-webhook.ts +++ b/discord-scripts/discord-webhook.ts @@ -8,9 +8,9 @@ export default async function webhookDiscord( ) { async function sendToDiscordChannel( channelName: string, - tagUser: string, title: string, message: string, + tagUser: string = "0", // 0 means no user is tagged ) { let channel: TextChannel | undefined const guilds = discordClient.guilds.cache @@ -30,7 +30,6 @@ export default async function webhookDiscord( "Text-based channel with the given name not found in any guild", ) - const memberIds = tagUser.split(",") const existingThread = channel.threads.cache.find( (thread) => thread.name === title, ) @@ -43,6 +42,7 @@ export default async function webhookDiscord( reason: message, }) if (tagUser !== "0") { + const memberIds = tagUser.split(",") await Promise.all( memberIds.map((id) => newThread.members.add(id.trim())), ) @@ -71,12 +71,27 @@ export default async function webhookDiscord( } }, async (req: express.Request, res: express.Response) => { + const isBodyInvalid = ["channelName", "title", "message"].some( + (field) => { + const isFieldEmpty = !req.body?.[field] + + if (isFieldEmpty) { + res.status(400).send(`Missing field: ${field}`) + } + return isFieldEmpty + }, + ) + + if (isBodyInvalid) { + return + } + const { channelName, tagUser, title, message } = req.body robot.logger.info( `Received data: channelName = ${channelName}, title = ${title}, tagged users = ${tagUser} , message = ${message}`, ) - await sendToDiscordChannel(channelName, tagUser, title, message) + await sendToDiscordChannel(channelName, title, message, tagUser) res.status(200).send("Message sent to Discord") }, From b5c3b6def64c06acc71221eddaf27ee811f39861 Mon Sep 17 00:00:00 2001 From: danibonilha Date: Thu, 28 Dec 2023 14:27:35 -0300 Subject: [PATCH 2/2] [chore]: Update admins --- scripts/admin.ts | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/scripts/admin.ts b/scripts/admin.ts index 6d89d9f0..2c1e3034 100644 --- a/scripts/admin.ts +++ b/scripts/admin.ts @@ -44,11 +44,9 @@ const SUPER_ADMIN_USERS = ["@matt:thesis.co", "@shadowfiend:thesis.co"] const ADMIN_USERS = [ ...SUPER_ADMIN_USERS, - "@puppycodes:thesis.co", "@carolyn:thesis.co", "@gluzman:thesis.co", "@jessiefrance:thesis.co", - "@veronica:thesis.co", ] // Additional per-space admins beyond the core Thesis admins. @@ -60,17 +58,10 @@ const SPACE_ADMINS: { [spaceRoomId: string]: string[] } = { // Keep space. "!YDpOcIsEpQabwiHpdV:thesis.co": ["@piotr.dyraga:thesis.co"], // Tally Ho space. - "!wCfAwzfZOUHTYIDjRn:thesis.co": [ - "@michaelh:thesis.co", - "@puppycodes:thesis.co", - ], + "!wCfAwzfZOUHTYIDjRn:thesis.co": ["@michaelh:thesis.co"], // Fold space. - "!SuBAnawNxcIXoCHfPM:thesis.co": [ - "@tom:thesis.co", - "@willreeves:thesis.co", - "@puppycodes:thesis.co", - ], - // Power Period space. + "!SuBAnawNxcIXoCHfPM:thesis.co": ["@tom:thesis.co", "@willreeves:thesis.co"], + // Embody space. "!XEnwlDoWvSBvrloDVH:thesis.co": ["@anna:thesis.co"], }