specter/CyTube
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Revisit some banning issues

Browse source
This commit is contained in:
calzoneman 2013-08-18 17:58:16 -05:00
parent 08a46f5e00
commit b3526b5ee2
3 changed files with 115 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
channel.js
View file

@ -20,6 +20,7 @@ var ChatCommand = require("./chatcommand.js");
var Filter = require("./filter.js").Filter; var Filter = require("./filter.js").Filter;
var Playlist = require("./playlist"); var Playlist = require("./playlist");
var sanitize = require("validator").sanitize; var sanitize = require("validator").sanitize;
var $util = require("./utilities");
var Channel = function(name, Server) { var Channel = function(name, Server) {
var self = this; var self = this;
@ -307,8 +308,11 @@ Channel.prototype.readLog = function (filterIp, callback) {
rs.on("end", function () { rs.on("end", function () {
if(filterIp) { if(filterIp) {
buffer = buffer.replace( buffer = buffer.replace(
/(\d{1,3}\.){2}(\d{1,3})\.(\d{1,3})/g, /\d+\.\d+\.(\d+\.\d+)/,
"x.x.$2.$3" "x.x.$1"
).replace(
/\d+\.\d+\.(\d+)/,
"x.x.$1.*"
); );
} }
@ -456,10 +460,9 @@ Channel.prototype.saveRank = function (user, callback) {
Channel.prototype.getIPRank = function (ip, callback) { Channel.prototype.getIPRank = function (ip, callback) {
var self = this; var self = this;
var names = []; self.server.db.listAliases(ip, function (err, names) {
var next = function (names) { self.server.db.listChannelUserRanks(self.name, names,
self.server.db.getChannelRank(self.name, names, function (err, res) {
function (err, res) {
if(err) { if(err) {
callback(err, null); callback(err, null);
return; return;
@ -467,30 +470,23 @@ Channel.prototype.getIPRank = function (ip, callback) {
var rank = 0; var rank = 0;
for(var i in res) { for(var i in res) {
rank = (res[i].rank > rank) ? res[i].rank : rank; rank = (res[i] > rank) ? res[i] : rank;
} }
callback(null, rank);
});
};
if(ip in self.ip_alias) { self.server.db.listGlobalRanks(names, function (err, res) {
names = self.ip_alias[ip]; if(err) {
next(names); callback(err, null);
} else if(ip.match(/^(\d+)\.(\d+)\.(\d+)$/)) { return;
// Range }
for(var ip2 in self.ip_alias) {
if(ip2.indexOf(ip) == 0) { for(var i in res) {
for(var i in self.ip_aliases[ip2]) rank = (res[i] > rank) ? res[i] : rank;
names.push(self.ip_aliases[ip2][i]); }
}
} callback(null, rank);
next(names); });
} else {
self.server.db.listAliases(ip, function (err, names) {
self.ip_alias[ip] = names;
next(names);
}); });
} });
} }
Channel.prototype.cacheMedia = function(media) { Channel.prototype.cacheMedia = function(media) {
@ -516,7 +512,7 @@ Channel.prototype.tryNameBan = function(actor, name) {
self.getRank(name, function (err, rank) { self.getRank(name, function (err, rank) {
if(err) { if(err) {
actor.socket.emit("errorMsg", { actor.socket.emit("errorMsg", {
msg: "Internal error" msg: "Internal error " + err
}); });
return; return;
} }
@ -577,7 +573,7 @@ Channel.prototype.tryIPBan = function(actor, name, range) {
self.server.db.listIPsForName(name, function (err, ips) { self.server.db.listIPsForName(name, function (err, ips) {
if(err) { if(err) {
actor.socket.emit("errorMsg", { actor.socket.emit("errorMsg", {
msg: "Internal error" msg: "Internal error: " + err
}); });
return; return;
} }
@ -594,8 +590,8 @@ Channel.prototype.tryIPBan = function(actor, name, range) {
if(rank >= actor.rank) { if(rank >= actor.rank) {
actor.socket.emit("errorMsg", { actor.socket.emit("errorMsg", {
msg: "You don't have permission to ban IP: x.x." + msg: "You don't have permission to ban IP: " +
ip.replace(/\d+\.\d+\.(\d+\.\d+)/, "$1") $util.maskIP(ip)
}); });
return; return;
} }
@ -807,7 +803,7 @@ Channel.prototype.sendBanlist = function(user) {
var ip_hidden = this.hideIP(ip); var ip_hidden = this.hideIP(ip);
var disp = ip; var disp = ip;
if(user.rank < Rank.Siteadmin) { if(user.rank < Rank.Siteadmin) {
disp = "x.x." + ip.replace(/\d+\.\d+\.(\d+\.\d+)/, "$1"); disp = $util.maskIP(ip);
} }
ents.push({ ents.push({
ip_displayed: disp, ip_displayed: disp,
@ -1032,7 +1028,7 @@ Channel.prototype.broadcastBanlist = function() {
var name = this.ipbans[ip][0]; var name = this.ipbans[ip][0];
var ip_hidden = this.hideIP(ip); var ip_hidden = this.hideIP(ip);
ents.push({ ents.push({
ip_displayed: "x.x." + ip.replace(/\d+\.\d+\.(\d+\.\d+)/, "$1"), ip_displayed: $util.maskIP(ip),
ip_hidden: ip_hidden, ip_hidden: ip_hidden,
name: name, name: name,
aliases: this.ip_alias[ip] || [], aliases: this.ip_alias[ip] || [],

89
database.js
View file

@ -468,7 +468,35 @@ Database.prototype.dropChannel = function (name, callback) {
}); });
}; };
Database.prototype.getChannelRank = function (channame, names, callback) { Database.prototype.getChannelRank = function (channame, name, callback) {
var self = this;
if(typeof callback !== "function")
return;
if(!$util.isValidChannelName(channame)) {
callback("Invalid channel name", null);
return;
}
var query = "SELECT name, rank FROM `chan_" + channame + "_ranks`" +
"WHERE name=?";
self.query(query, [name], function (err, res) {
if(err) {
Logger.errlog.log("! Failed to lookup " + channame + " ranks");
callback(err, null);
return;
}
if(res.length == 0)
callback(null, 0);
else
callback(null, res[0].rank);
});
};
Database.prototype.listChannelUserRanks = function (channame, names,
callback) {
var self = this; var self = this;
if(typeof callback !== "function") if(typeof callback !== "function")
return; return;
@ -493,20 +521,12 @@ Database.prototype.getChannelRank = function (channame, names, callback) {
self.query(query, names, function (err, res) { self.query(query, names, function (err, res) {
if(err) { if(err) {
Logger.errlog.log("! Failed to lookup " + channame + " ranks"); Logger.errlog.log("! Failed to lookup " + channame + " ranks");
if(names.length == 1) callback(err, null);
callback(err, 0);
else
callback(err, []);
return; return;
} }
if(names.length == 1) { for(var i in res)
if(res.length == 0) res[i] = res[i].rank;
callback(null, 0);
else
callback(null, res[0].rank);
return;
}
callback(null, res); callback(null, res);
}); });
@ -898,6 +918,7 @@ Database.prototype.getGlobalRank = function (name, callback) {
return; return;
var query = "SELECT global_rank FROM registrations WHERE uname=?"; var query = "SELECT global_rank FROM registrations WHERE uname=?";
self.query(query, [name], function (err, res) { self.query(query, [name], function (err, res) {
if(err) { if(err) {
callback(err, null); callback(err, null);
@ -913,6 +934,40 @@ Database.prototype.getGlobalRank = function (name, callback) {
}); });
}; };
Database.prototype.listGlobalRanks = function (names, callback) {
var self = this;
if(typeof callback !== "function")
return;
if(typeof names === "string")
names = [names];
// Build the query template (?, ?, ?, ?, ...)
var nlist = [];
for(var i in names)
nlist.push("?");
nlist = "(" + nlist.join(",") + ")";
var query = "SELECT global_rank FROM registrations WHERE uname IN " +
nlist;
self.query(query, names, function (err, res) {
if(err) {
callback(err, null);
return;
}
if(res.length == 0) {
callback("User does not exist", null);
return;
}
for(var i in res)
res[i] = res[i].global_rank;
callback(null, res);
});
};
/* END REGION */ /* END REGION */
/* REGION users */ /* REGION users */
@ -1224,7 +1279,15 @@ Database.prototype.listAliases = function (ip, callback) {
if(typeof callback !== "function") if(typeof callback !== "function")
return; return;
var query = "SELECT name FROM aliases WHERE ip=?"; var query = "SELECT name FROM aliases WHERE ip";
// Range
if(ip.match(/^\d+\.\d+\.\d+$/)) {
query += " LIKE ?";
ip += ".%";
} else {
query += "=?";
}
self.query(query, [ip], function (err, res) { self.query(query, [ip], function (err, res) {
var names = null; var names = null;
if(!err) { if(!err) {

10
utilities.js
View file

@ -15,5 +15,15 @@ module.exports = {
salt.push(chars[parseInt(Math.random()*chars.length)]); salt.push(chars[parseInt(Math.random()*chars.length)]);
} }
return salt.join(''); return salt.join('');
},
maskIP: function (ip) {
if(ip.match(/^\d+\.\d+\.\d+\.\d+$/)) {
// standard 32 bit IP
return ip.replace(/\d+\.\d+\.(\d+\.\d+)/, "x.x.$1");
} else if(ip.match(/^\d+\.\d+\.\d+/)) {
// /24 range
return ip.replace(/\d+\.\d+\.(\d+)/, "x.x.$1.*");
}
} }
}; };