Add API endpoints for global ban management

api.js

@@ -13,12 +13,15 @@ var Auth = require("./auth.js");
 var Server = require("./server.js");
 var Logger = require("./logger.js");
 var apilog = new Logger.Logger("api.log");
+var Database = require("./database.js");
 
 var jsonHandlers = {
     "channeldata": handleChannelData,
     "listloaded" : handleChannelList,
     "login"      : handleLogin,
-    "register"   : handleRegister
+    "register"   : handleRegister,
+    "globalbans" : handleGlobalBans,
+    "admreports" : handleAdmReports
 };
 
 function handle(path, req, res) {
@@ -212,3 +215,61 @@ function handleRegister(params, req, res) {
         }
     }
 }
+
+function handleGlobalBans(params, req, res) {
+    var name = params.name || "";
+    var pw = params.pw || "";
+    var session = params.session || "";
+    var row = Auth.login(name, pw, session);
+    if(!row || row.global_rank < 255) {
+        res.send(403);
+        return;
+    }
+
+    var action = params.action || "list";
+    if(action == "list") {
+        var gbans = Database.refreshGlobalBans();
+        sendJSON(res, gbans);
+    }
+    else if(action == "add") {
+        var ip = params.ip || "";
+        var reason = params.reason || "";
+        if(!ip.match(/\d+\.\d+\.(\d+\.(\d+)?)?/)) {
+            sendJSON(res, {
+                error: "Invalid IP address"
+            });
+            return;
+        }
+        var result = Database.addGlobalBan(ip, reason);
+        sendJSON(res, {
+            success: result,
+            ip: ip,
+            reason: reason
+        });
+    }
+    else if(action == "remove") {
+        var ip = params.ip || "";
+        if(!ip.match(/\d+\.\d+\.(\d+\.(\d+)?)?/)) {
+            sendJSON(res, {
+                error: "Invalid IP address"
+            });
+            return;
+        }
+        var result = Database.liftGlobalBan(ip);
+        sendJSON(res, {
+            success: result,
+            ip: ip,
+        });
+    }
+    else {
+        sendJSON(res,  {
+            error: "Invalid action: " + action
+        });
+    }
+}
+
+function handleAdmReports(params, req, res) {
+    sendJSON(res, {
+        error: "Not implemented"
+    });
+}

database.js

@@ -95,6 +95,15 @@ var gbans = {};
 exports.checkGlobalBan = function(ip) {
     // Check database at most once per 5 minutes
     if(new Date().getTime() > gbanTime + 300000) {
+        exports.refreshGlobalBans();
+    }
+    var parts = ip.split(".");
+    var slash16 = parts[0] + "." + parts[1];
+    var slash24 = slash16 + "." + parts[2];
+    return (ip in gbans || slash16 in gbans || slash24 in gbans);
+}
+
+exports.refreshGlobalBans = function() {
     var db = exports.getConnection();
     if(!db) {
         return false;
@@ -109,15 +118,36 @@ exports.checkGlobalBan = function(ip) {
     var rows = results.fetchAllSync();
     gbans = {};
     for(var i = 0; i < rows.length; i++) {
-            gbans[rows[i].ip] = true;
+        gbans[rows[i].ip] = rows[i].note;
     }
     db.closeSync();
     gbanTime = new Date().getTime();
+    return gbans;
 }
-    var parts = ip.split(".");
+
-    var slash16 = parts[0] + "." + parts[1];
+exports.addGlobalBan = function(ip, reason) {
-    var slash24 = slash16 + "." + parts[2];
+    var db = exports.getConnection();
-    return (ip in gbans || slash16 in gbans || slash24 in gbans);
+    if(!db) {
+        return false;
+    }
+    var query = "INSERT INTO global_bans VALUES ('{1}', '{2}')"
+        .replace("{1}", sqlEscape(ip))
+        .replace("{2}", sqlEscape(reason));
+    var result = db.querySync(query);
+    db.closeSync();
+    return result;
+}
+
+exports.liftGlobalBan = function(ip) {
+    var db = exports.getConnection();
+    if(!db) {
+        return false;
+    }
+    var query = "DELETE FROM global_bans WHERE ip='{}'"
+        .replace("{}", sqlEscape(ip))
+    var result = db.querySync(query);
+    db.closeSync();
+    return result;
 }
 
 exports.loadChannel = function(chan) {