FuelRats · UncleClapton · Nov 5, 2024 · Dec 29, 2023 · Dec 29, 2023 · Dec 29, 2023
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -11,10 +11,10 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version-file: '.nvmrc'
           cache: 'yarn'
@@ -47,7 +47,7 @@ jobs:
             yarn.lock
 
       - name: Publish artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: fr-api
           path: fr-api.tar.gz
@@ -62,7 +62,7 @@ jobs:
 
     steps:
       - name: Download artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: fr-api
 
@@ -72,7 +72,7 @@ jobs:
           rm fr-api.tar.gz
 
       - name: Setup Node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version-file: '.nvmrc'
           cache: 'yarn'

diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
@@ -11,10 +11,10 @@ jobs:
     name: Lint
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version-file: '.nvmrc'
           cache: 'yarn'
@@ -23,7 +23,7 @@ jobs:
         run: yarn install --immutable
 
       - name: Lint
-        uses: wearerequired/lint-action@v1.9.0
+        uses: wearerequired/lint-action@v2.3.0
         with:
           github_token: ${{ secrets.github_token }}
           eslint: true
@@ -36,10 +36,10 @@ jobs:
     name: Build Test
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Node
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version-file: '.nvmrc'
           cache: 'yarn'

diff --git a/package.json b/package.json
@@ -30,7 +30,6 @@
     "git-rev-promises": "^1.1.0",
     "gulp-cli": "^2.2.0",
     "i18next": "^19.0.1",
-    "join-js": "xlexi/joinjs",
     "knex": "~2.4.2",
     "koa": "^2.11.0",
     "koa-body": "^4.1.1",
@@ -62,24 +61,24 @@
     "node": "16.4.0"
   },
   "devDependencies": {
-    "@babel/cli": "7.14.8",
-    "@babel/core": "^7.14.8",
-    "@babel/eslint-parser": "^7.14.7",
-    "@babel/eslint-plugin": "^7.14.5",
-    "@babel/plugin-external-helpers": "^7.14.5",
-    "@babel/plugin-proposal-class-properties": "^7.14.5",
-    "@babel/plugin-proposal-decorators": "^7.14.5",
-    "@babel/plugin-proposal-export-default-from": "^7.14.5",
-    "@babel/plugin-proposal-export-namespace-from": "^7.14.5",
-    "@babel/plugin-proposal-function-bind": "^7.14.5",
-    "@babel/plugin-proposal-function-sent": "^7.14.5",
-    "@babel/plugin-proposal-logical-assignment-operators": "^7.14.5",
-    "@babel/plugin-proposal-numeric-separator": "^7.14.5",
-    "@babel/plugin-proposal-optional-catch-binding": "^7.14.5",
-    "@babel/plugin-proposal-throw-expressions": "^7.14.5",
-    "@babel/plugin-transform-modules-commonjs": "^7.14.5",
-    "@babel/plugin-transform-strict-mode": "^7.14.5",
-    "@babel/preset-env": "^7.14.9",
+    "@babel/cli": "7.25.9",
+    "@babel/core": "^7.26.0",
+    "@babel/eslint-parser": "^7.25.9",
+    "@babel/eslint-plugin": "^7.25.9",
+    "@babel/plugin-external-helpers": "^7.25.9",
+    "@babel/plugin-proposal-class-properties": "^7.18.6",
+    "@babel/plugin-proposal-decorators": "^7.25.9",
+    "@babel/plugin-proposal-export-default-from": "^7.25.9",
+    "@babel/plugin-proposal-export-namespace-from": "^7.18.9",
+    "@babel/plugin-proposal-function-bind": "^7.25.9",
+    "@babel/plugin-proposal-function-sent": "^7.25.9",
+    "@babel/plugin-proposal-logical-assignment-operators": "^7.20.7",
+    "@babel/plugin-proposal-numeric-separator": "^7.18.6",
+    "@babel/plugin-proposal-optional-catch-binding": "^7.18.6",
+    "@babel/plugin-proposal-throw-expressions": "^7.25.9",
+    "@babel/plugin-transform-modules-commonjs": "^7.25.9",
+    "@babel/plugin-transform-strict-mode": "^7.25.9",
+    "@babel/preset-env": "^7.26.0",
     "@fuelrats/eslint-config": "^2.3.0",
     "@fuelrats/eslint-plugin": "^2.3.0",
     "@rollup/plugin-babel": "^5.3.0",

diff --git a/src/classes/Anope.mjs b/src/classes/Anope.mjs
@@ -453,7 +453,6 @@ class Anope {
           KILLPROTECT: 1,
           MEMO_RECEIVE: 1,
           MEMO_SIGNON: 1,
-          NS_NO_EXPIRE: 1,
           NS_PRIVATE: 1,
           NS_SECURE: 1,
           display: nick,
@@ -472,6 +471,7 @@ class Anope {
         vhost_creator: 'API',
         vhost_time: createdUnixTime,
         vhost_host: vhost,
+        NS_NO_EXPIRE: 1,
       }).into('anope_db_NickAlias')
 
       await transaction.commit()

diff --git a/src/db/Rat.mjs b/src/db/Rat.mjs
@@ -66,7 +66,7 @@ export default class Rat extends Model {
           model: models.Ship.scope(undefined),
           as: 'ships',
           required: false,
-        }
+        },
         ],
       }],
     }

diff --git a/src/helpers/Validators.mjs b/src/helpers/Validators.mjs
@@ -4,7 +4,7 @@ import { UnprocessableEntityAPIError } from '../classes/APIError'
 import RegexLiteral from './RegexLiteral'
 
 
-const forbiddenCMDRNameComponents = ['[pc]', '[xb]', '[ps]', 'CMDR']
+const forbiddenCMDRNameComponents = ['[pc]', '[xb]', '[ps]', 'cmdr']
 const requiredQuoteFields = [
   'message',
   'author',

diff --git a/src/routes/APIResource.mjs b/src/routes/APIResource.mjs
@@ -360,7 +360,7 @@ export default class APIResource extends API {
         return undefined
       }
 
-      if (!Reflect.apply(changeRelationship.hasPermission, this, [ctx, entity, relationship.id])) {
+      if (!Reflect.apply(changeRelationship.hasPermission, this, [ctx, entity, data.id])) {
         throw new ForbiddenAPIError({ pointer: '/data' })
       }
       return changeRelationship.patch({ entity, id: data.id, ctx, transaction })

diff --git a/src/routes/Clients.mjs b/src/routes/Clients.mjs
@@ -201,8 +201,8 @@ export default class Clients extends APIResource {
     if (relationship === 'user') {
       return {
         many: false,
-        hasPermission (connection, entity, id) {
-          return (!entity.userId && id === connection.state.user.id) || Permission.granted({
+        hasPermission (connection) {
+          return Permission.granted({
             permissions: ['clients.write'],
             connection,
           })

diff --git a/src/routes/Register.mjs b/src/routes/Register.mjs
@@ -64,7 +64,7 @@ export default class Register extends API {
     })
     if (rescue) {
       await Announcer.sendModeratorMessage({
-        message: `[Registration] Rejected signup attempt by CMDR ${name} as they have an active case`
+        message: `[Registration] Rejected signup attempt by CMDR ${name} as they have an active case`,
       })
       throw new ForbiddenAPIError({
         pointer: '/data/attributes/name',
@@ -101,7 +101,7 @@ export default class Register extends API {
       await Verifications.createVerification(user, transaction)
 
       await Announcer.sendModeratorMessage({
-        message: `[Registration] User with email ${email} registered. Nickname: ${nickname}. 
+        message: `[Registration] User with email ${email} registered. Nickname: ${nickname}.
         CMDR name: ${name} (IP: ${ctx.ip})`,
       })
       return Sessions.createVerifiedSession(ctx, user, transaction)

diff --git a/src/routes/Users.mjs b/src/routes/Users.mjs
@@ -196,7 +196,7 @@ export default class Users extends APIResource {
   @authenticated
   @required()
   async setEmail (ctx) {
-    const { email } = getJSONAPIData({ ctx, type: 'email-changes' }).attributes
+    const { email: newEmail } = getJSONAPIData({ ctx, type: 'email-changes' }).attributes
 
     const user = await User.findOne({
       where: {
@@ -208,12 +208,12 @@ export default class Users extends APIResource {
       throw new NotFoundAPIError({ parameter: 'id' })
     }
 
+    const oldEmail = user.email
+
     this.requireWritePermission({ connection: ctx, entity: user })
 
     await db.transaction(async (transaction) => {
-      const oldEmail = user.email
-
-      user.email = email
+      user.email = newEmail
       await user.save({ transaction })
       const verifiedGroup = user.groups.find((group) => {
         return group.name === 'verified'
@@ -223,15 +223,17 @@ export default class Users extends APIResource {
       }
 
       await Verifications.createVerification(user, transaction, true)
-      await mail.send(emailChangeEmail({ email: oldEmail, name: user.preferredRat().name, newEmail: email }))
+      await mail.send(emailChangeEmail({ email: oldEmail, name: user.preferredRat().name, newEmail }))
 
       await Announcer.sendModeratorMessage({
-        message: `[Account Change] User with email ${oldEmail} has changed their email to ${email}`,
+        message: `[Account Change] User with email ${oldEmail} has changed their email to ${newEmail}`,
       })
 
       return user
     })
 
+    await Anope.setEmail(oldEmail, newEmail)
+
     const result = await Anope.mapNickname(user)
 
     Event.broadcast('fuelrats.userupdate', ctx.state.user, user.id, {})
-Original file line number
+Diff line change
@@ Expand Up / @@ -66,7 +66,7 @@ export default class Rat extends Model { @@
               model: models.Ship.scope(undefined),
               as: 'ships',
               required: false,
-            }
+            },
             ],
           }],
         }
@@ Expand Down @@