From 1240bff99c51903080cec3d8a41050648659dd21 Mon Sep 17 00:00:00 2001
From: Ean Milligan <ean.milligan@gmail.com>
Date: Sat, 26 Apr 2025 15:19:16 -0400
Subject: [PATCH] update api to use cleaner method of verifying query params

---
 src/endpoints/deletes/apiKeyDelete.ts        |  5 +++--
 src/endpoints/gets/apiChannel.ts             |  3 ++-
 src/endpoints/gets/apiKey.ts                 |  3 ++-
 src/endpoints/gets/apiKeyAdmin.ts            |  3 ++-
 src/endpoints/gets/apiRoll.ts                | 10 ++--------
 src/endpoints/posts/apiChannelAdd.ts         |  3 ++-
 src/endpoints/puts/apiChannelManageActive.ts |  3 ++-
 src/endpoints/puts/apiChannelManageBan.ts    | 10 ++--------
 src/endpoints/puts/apiKeyManage.ts           |  3 ++-
 src/endpoints/utils.ts                       |  4 ++++
 10 files changed, 23 insertions(+), 24 deletions(-)
 create mode 100644 src/endpoints/utils.ts

diff --git a/src/endpoints/deletes/apiKeyDelete.ts b/src/endpoints/deletes/apiKeyDelete.ts
index a02b717..1ef97bb 100644
--- a/src/endpoints/deletes/apiKeyDelete.ts
+++ b/src/endpoints/deletes/apiKeyDelete.ts
@@ -9,11 +9,12 @@ import {
 import { generateApiDeleteEmail } from '../../commandUtils.ts';
 import utils from '../../utils.ts';
 import stdResp from '../stdResponses.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiKeyDelete = async (query: Map<string, string>, apiUserid: bigint, apiUserEmail: string, apiUserDelCode: string): Promise<Response> => {
-  if (query.has('user') && (query.get('user') || '').length > 0 && query.has('email') && (query.get('email') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user', 'email'])) {
     if (apiUserid === BigInt(query.get('user') || '0') && apiUserEmail === query.get('email')) {
-      if (query.has('code') && (query.get('code') || '').length > 0) {
+      if (verifyQueryHasParams(query, ['code'])) {
         if ((query.get('code') || '') === apiUserDelCode) {
           // User has recieved their delete code and we need to delete the account now
           let erroredOut = false;
diff --git a/src/endpoints/gets/apiChannel.ts b/src/endpoints/gets/apiChannel.ts
index ff9d362..86fc360 100644
--- a/src/endpoints/gets/apiChannel.ts
+++ b/src/endpoints/gets/apiChannel.ts
@@ -1,9 +1,10 @@
 import dbClient from '../../db/client.ts';
 import stdResp from '../stdResponses.ts';
 import utils from '../../utils.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiChannel = async (query: Map<string, string>, apiUserid: bigint): Promise<Response> => {
-  if (query.has('user') && (query.get('user') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user'])) {
     if (apiUserid === BigInt(query.get('user') || '0')) {
       // Flag to see if there is an error inside the catch
       let erroredOut = false;
diff --git a/src/endpoints/gets/apiKey.ts b/src/endpoints/gets/apiKey.ts
index ae8159d..540b5e6 100644
--- a/src/endpoints/gets/apiKey.ts
+++ b/src/endpoints/gets/apiKey.ts
@@ -9,9 +9,10 @@ import {
 import { generateApiKeyEmail } from '../../commandUtils.ts';
 import utils from '../../utils.ts';
 import stdResp from '../stdResponses.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiKey = async (query: Map<string, string>): Promise<Response> => {
-  if (query.has('user') && (query.get('user') || '').length > 0 && query.has('email') && (query.get('email') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user', 'email'])) {
     // Generate new secure key
     const newKey = await nanoid(25);
 
diff --git a/src/endpoints/gets/apiKeyAdmin.ts b/src/endpoints/gets/apiKeyAdmin.ts
index dd6fc1e..b4be949 100644
--- a/src/endpoints/gets/apiKeyAdmin.ts
+++ b/src/endpoints/gets/apiKeyAdmin.ts
@@ -6,9 +6,10 @@ import {
 } from '../../../deps.ts';
 import stdResp from '../stdResponses.ts';
 import utils from '../../utils.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiKeyAdmin = async (query: Map<string, string>, apiUserid: bigint): Promise<Response> => {
-  if (query.has('user') && (query.get('user') || '').length > 0 && query.has('a') && (query.get('a') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user', 'a'])) {
     if (apiUserid === config.api.admin && apiUserid === BigInt(query.get('a') || '0')) {
       // Generate new secure key
       const newKey = await nanoid(25);
diff --git a/src/endpoints/gets/apiRoll.ts b/src/endpoints/gets/apiRoll.ts
index b72a818..2e791b9 100644
--- a/src/endpoints/gets/apiRoll.ts
+++ b/src/endpoints/gets/apiRoll.ts
@@ -12,19 +12,13 @@ import { RollModifiers } from '../../mod.d.ts';
 import utils from '../../utils.ts';
 import { queueRoll } from '../../solver/rollQueue.ts';
 import stdResp from '../stdResponses.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 const apiWarning = `The following roll was conducted using my built in API.  If someone in this channel did not request this roll, please report API abuse here: <${config.api.supportURL}>`;
 
 export const apiRoll = async (query: Map<string, string>, apiUserid: bigint): Promise<Response> => {
   // Make sure query contains all the needed parts
-  if (
-    query.has('rollstr') &&
-    (query.get('rollstr') || '').length > 0 &&
-    query.has('channel') &&
-    (query.get('channel') || '').length > 0 &&
-    query.has('user') &&
-    (query.get('user') || '').length > 0
-  ) {
+  if (verifyQueryHasParams(query, ['user', 'channel', 'rollstr'])) {
     if (query.has('n') && query.has('m')) {
       // Alert API user that they shouldn't be doing this
       return stdResp.BadRequest("Cannot have both 'n' and 'm'.");
diff --git a/src/endpoints/posts/apiChannelAdd.ts b/src/endpoints/posts/apiChannelAdd.ts
index 3a833c7..67aa6af 100644
--- a/src/endpoints/posts/apiChannelAdd.ts
+++ b/src/endpoints/posts/apiChannelAdd.ts
@@ -1,9 +1,10 @@
 import dbClient from '../../db/client.ts';
 import stdResp from '../stdResponses.ts';
 import utils from '../../utils.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiChannelAdd = async (query: Map<string, string>, apiUserid: bigint): Promise<Response> => {
-  if (query.has('user') && (query.get('user') || '').length > 0 && query.has('channel') && (query.get('channel') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user', 'channel'])) {
     if (apiUserid === BigInt(query.get('user') || '0')) {
       // Flag to see if there is an error inside the catch
       let erroredOut = false;
diff --git a/src/endpoints/puts/apiChannelManageActive.ts b/src/endpoints/puts/apiChannelManageActive.ts
index fe57c20..cd08572 100644
--- a/src/endpoints/puts/apiChannelManageActive.ts
+++ b/src/endpoints/puts/apiChannelManageActive.ts
@@ -1,9 +1,10 @@
 import dbClient from '../../db/client.ts';
 import stdResp from '../stdResponses.ts';
 import utils from '../../utils.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiChannelManageActive = async (query: Map<string, string>, apiUserid: bigint, path: string): Promise<Response> => {
-  if (query.has('channel') && (query.get('channel') || '').length > 0 && query.has('user') && (query.get('user') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user', 'channel'])) {
     if (apiUserid === BigInt(query.get('user') || '0')) {
       // Flag to see if there is an error inside the catch
       let value,
diff --git a/src/endpoints/puts/apiChannelManageBan.ts b/src/endpoints/puts/apiChannelManageBan.ts
index d66c147..282a052 100644
--- a/src/endpoints/puts/apiChannelManageBan.ts
+++ b/src/endpoints/puts/apiChannelManageBan.ts
@@ -2,16 +2,10 @@ import config from '../../../config.ts';
 import dbClient from '../../db/client.ts';
 import stdResp from '../stdResponses.ts';
 import utils from '../../utils.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiChannelManageBan = async (query: Map<string, string>, apiUserid: bigint, path: string): Promise<Response> => {
-  if (
-    query.has('a') &&
-    (query.get('a') || '').length > 0 &&
-    query.has('channel') &&
-    (query.get('channel') || '').length > 0 &&
-    query.has('user') &&
-    (query.get('user') || '').length > 0
-  ) {
+  if (verifyQueryHasParams(query, ['user', 'channel', 'a'])) {
     if (apiUserid === config.api.admin && apiUserid === BigInt(query.get('a') || '0')) {
       // Flag to see if there is an error inside the catch
       let value,
diff --git a/src/endpoints/puts/apiKeyManage.ts b/src/endpoints/puts/apiKeyManage.ts
index 45bde9d..9e30244 100644
--- a/src/endpoints/puts/apiKeyManage.ts
+++ b/src/endpoints/puts/apiKeyManage.ts
@@ -2,9 +2,10 @@ import config from '../../../config.ts';
 import dbClient from '../../db/client.ts';
 import stdResp from '../stdResponses.ts';
 import utils from '../../utils.ts';
+import { verifyQueryHasParams } from '../utils.ts';
 
 export const apiKeyManage = async (query: Map<string, string>, apiUserid: bigint, path: string): Promise<Response> => {
-  if (query.has('a') && (query.get('a') || '').length > 0 && query.has('user') && (query.get('user') || '').length > 0) {
+  if (verifyQueryHasParams(query, ['user', 'a'])) {
     if (apiUserid === config.api.admin && apiUserid === BigInt(query.get('a') || '0')) {
       // Flag to see if there is an error inside the catch
       let key: string,
diff --git a/src/endpoints/utils.ts b/src/endpoints/utils.ts
new file mode 100644
index 0000000..47b3cf4
--- /dev/null
+++ b/src/endpoints/utils.ts
@@ -0,0 +1,4 @@
+export const verifyQueryHasParams = (query: Map<string, string>, desiredParams: Array<string>): boolean =>
+  desiredParams.every((param) => {
+    return query.has(param) && (query.get(param) || '').length > 0;
+  });