misc improvements

2022-11-24 00:06:53 +02:00 · 2022-11-24 00:06:53 +02:00 · f4a04bc67b
commit f4a04bc67b
parent a7dac9f5f7
1 changed files with 12 additions and 7 deletions
--- a/src/server/structures/User.js
+++ b/src/server/structures/User.js
@ -3,6 +3,9 @@ const { ObjectId } = require('mongodb');
 const { Util } = require('../../util');
 const UserApplicataion = require('./UserApplication');

+// Fields omitted in safeJson
+const ProtectedFields = [ '_id', '_otpSecret', '_passwordHash' ];
+
 class User {

    static defaultPermissions = {
@ -29,6 +32,7 @@ class User {
        this._db = db;

        this.temporary = data.temporary || false;
+        this.disabled = data.disabled || false;

        this._id = data._id || null;
        if (this.temporary) this._tempId = `temp-${Date.now()}`;
@ -69,6 +73,7 @@ class User {
        this._2fa = data.twoFactor || false;

        this.cachedTimestamp = Date.now();
+        this.createdTimestamp = data.createdTimestamp || Date.now();

    }

@ -171,21 +176,21 @@ class User {
            otpSecret: this._otpSecret,
            twoFactor: this._2fa,
            applications: this._applications,
+            createdTimestamp: this.createdTimestamp,
+            disabled: this.disabled,
        };
    }

    get safeJson () {
+        const { json } = this;
+        for (const key of ProtectedFields) delete json[key];
+        
        return {
+            ...json,
            id: this.id,
-            username: this.username,
-            displayName: this.displayName,
-            type: this.type,
-            permissions: this.permissions,
            externalProfiles: Object.values(this.externalProfiles).map(prof => {
-                return { id: prof.id, provider: prof.provider, username: prof.username }; 
+                return { id: prof.id, provider: prof.provider, username: prof.username };
            }),
-            twoFactor: this._2fa,
-            applications: this._applications,
        };
    }