diff --git a/migrations/028-suspicious.sql b/migrations/028-suspicious.sql new file mode 100644 index 00000000..31bc44c5 --- /dev/null +++ b/migrations/028-suspicious.sql @@ -0,0 +1,5 @@ +-- Up + +ALTER TABLE users ADD COLUMN suspiciousChecked TINYINT NOT NULL DEFAULT 0; + +-- Down diff --git a/routes/admin.vue b/routes/admin.vue index a4700a02..c1b7e00f 100644 --- a/routes/admin.vue +++ b/routes/admin.vue @@ -84,6 +84,36 @@ +
+

+ + Suspicious accounts +

+ + + + +
+
+
@@ -150,13 +180,18 @@ }, async asyncData({ app, store }) { let stats = { users: {}}; - try { stats = await app.$axios.$get(`/admin/stats`); } catch {} + let suspiciousUsers = []; + try { + suspiciousUsers = await app.$axios.$get(`/admin/suspicious`); + } catch {} + return { stats, + suspiciousUsers, }; }, methods: { @@ -165,6 +200,11 @@ this.users = await this.$axios.$get(`/admin/users`); } }, + async checkedSuspicious(id) { + await this.$confirm('Are you sure you want to mark this profile as not suspicious?', 'success'); + await this.$post(`/admin/suspicious/checked/${id}`); + this.suspiciousUsers = this.suspiciousUsers.filter(u => u.id !== id); + }, }, computed: { visibleUsers() { diff --git a/server/routes/admin.js b/server/routes/admin.js index 16206be1..efe9157c 100644 --- a/server/routes/admin.js +++ b/server/routes/admin.js @@ -133,4 +133,38 @@ router.post('/admin/ban/:username', handleErrorAsync(async (req, res) => { return res.json(true); })); +router.get('/admin/suspicious', handleErrorAsync(async (req, res) => { + if (!req.isGranted('users')) { + return res.status(401).json({error: 'Unauthorised'}); + } + + return res.json(await req.db.all(SQL` + SELECT users.id, users.username, profiles.locale FROM profiles + LEFT JOIN users ON profiles.userId = users.id + WHERE users.suspiciousChecked != 1 + AND users.bannedReason IS NULL + AND ( + lower(customFlags) LIKE '%super%' + OR lower(description) LIKE '%super%' + OR lower(customFlags) LIKE '%phobe%' + OR lower(description) LIKE '%phobe%' + ) + ORDER BY users.id DESC + `)); +})); + +router.post('/admin/suspicious/checked/:id', handleErrorAsync(async (req, res) => { + if (!req.isGranted('users')) { + return res.status(401).json({error: 'Unauthorised'}); + } + + await req.db.get(SQL` + UPDATE users + SET suspiciousChecked = 1 + WHERE id=${req.params.id} + `); + + return res.json(true); +})); + export default router;