diff --git a/index.ts b/index.ts index f7e8ee2..d8196d3 100644 --- a/index.ts +++ b/index.ts @@ -8,6 +8,20 @@ const app = new App({ signingSecret: process.env.SLACK_SIGNING_SECRET, }); +const whitelist: string[] = (() => { + try { + return require('./whitelist.json') + } catch (e) { + return [] + } +})(); + +function checkUserOk(user: UsersInfoResponse['user']) { + if (whitelist.includes(user!.id!)) return true + + return user!.is_admin || user!.is_owner || user!.is_primary_owner +} + const eligibilityCmd = async (ctx: any) => { await ctx.ack(); @@ -16,43 +30,52 @@ const eligibilityCmd = async (ctx: any) => { let userId = ctx.context.userId; let matchedBy = "no input" + const iUser = await ctx.client.users.info({ user: ctx.context.userId! }); + if ((match = text.match(/\<\@(.+)\|(.+)>/))) { - userId = match[1]; - matchedBy = "user mention" + if (!checkUserOk(iUser.user!)) { + matchedBy = "not allowed" + } else { + userId = match[1]; + matchedBy = "user mention" + } } else if (text) matchedBy = "invalid input" - const res = await fetch("https://identity.hackclub.com/api/external/check?slack_id=" + userId, { - headers: { - 'User-Agent': 'HackClubEligibilityBot/1.0 (ran by Loop / dainfloop)' - }, + const res = await fetch("https://verify.hackclub.dev/api/status", { + method: "POST", + headers: { 'content-type': 'application/json' }, + body: JSON.stringify({ + "slack_id": userId + }), redirect: "follow" }).then(res => res.json()) - if (res.result === "not_found") + if (res === `User ${userId} not found!`) return await ctx.respond({ response_type: 'ephemeral', - text: `${matchedBy !== "user mention" ? "You aren't" : `<@${userId}> isn't`} verified. ${matchedBy !== "user mention" ? `\nCheck out the to verify.` : ""}`, + text: `${matchedBy !== "user mention" ? "You aren't" : `<@${userId}> isn't`} verified and therefore aren't eligible for rewards from your program.${matchedBy !== "user mention" ? `\nCheck out the to verify.` : ""}${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""}`, unfurl_links: true }) - else if (res.result === "needs_submission") { + else if (res.status === "Insufficient") { return await ctx.respond({ response_type: 'ephemeral', - text: `${matchedBy !== "user mention" ? "You" : `<@${userId}>`} provided insufficient evidence of who ${matchedBy !== "user mention" ? "you" : "they"} are.${matchedBy !== "user mention" ? `\nCheck out the to re-verify.` : ""}`, + text: `${matchedBy !== "user mention" ? "You" : `<@${userId}>`} provided insufficient evidence that ${matchedBy !== "user mention" ? "you" : "they"} are a student.${matchedBy !== "user mention" ? `\nCheck out the to re-verify.` : ""}${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""}`, unfurl_links: true - }) + }) } - else if (res.result === "pending") { + else if (res.status === "Unknown") { return await ctx.respond({ response_type: 'ephemeral', - text: `${matchedBy !== "user mention" ? "Your verification" : `<@${userId}>'s verification`} has not been accepted yet.`, - }) + text: `${matchedBy !== "user mention" ? "Your verification" : `<@${userId}>'s verification`} has not been accepted yet.${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""}`, + unfurl_links: true + }) } - else if (res.result === "rejected") { + else if (res.status === "Ineligible") { if (matchedBy === "user mention") { return await ctx.respond({ response_type: 'ephemeral', @@ -61,15 +84,11 @@ const eligibilityCmd = async (ctx: any) => { } else { return await ctx.respond({ response_type: 'ephemeral', - text: `Your verification has been denied. If you believe this to be a mistake, please send a message in <#C092833JXKK>.` + text: `Your verification has been denied. If you believe this to be a mistake, please contact an admin of the program you are applying for.${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""},` }) } } - /** - * The sanctioned country status seems to have been deprecated in the Identity Vault. - * However, this piece of code is being kept for documentation purposes. - else if (res.status === "Sanctioned country") { if (matchedBy === "user mention") { return await ctx.respond({ @@ -81,21 +100,22 @@ const eligibilityCmd = async (ctx: any) => { response_type: 'ephemeral', text: `You live in a country that cannot have packages delivered to due to sanctions.${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""},` }) - } - } - */ - - else if (res.result === "verified_eligible") { - return await ctx.respond({ - response_type: 'ephemeral', - text: `${matchedBy !== "user mention" ? "You have verified your" : `<@${userId}> has verified their`} identity, and ${matchedBy !== "user mention" ? "are" : "is"} eligible for YSWS prizes.`, - }) + } } - else if (res.result === "verified_but_over_18") { + else { return await ctx.respond({ response_type: 'ephemeral', - text: `${matchedBy !== "user mention" ? "You have verified your" : `<@${userId}> has verified their`} identity, but since ${matchedBy !== "user mention" ? "you're" : "they're"} over 18, ${matchedBy !== "user mention" ? "you're" : "they're"} ineligible for YSWS prizes.`, + text: `${matchedBy !== "user mention" ? "You have verified your" : `<@${userId}> has verified their`} student status, and ${matchedBy !== "user mention" ? "are" : "is"} ${res.status}.${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""}`, + blocks: [ + { + type: 'section', + text: { + type: 'mrkdwn', + text: `${matchedBy !== "user mention" ? "You have verified your" : `<@${userId}> has verified their`} student status, and ${matchedBy !== "user mention" ? "are" : "is"} *${res.status}*.${matchedBy == "not allowed" ? " (Only whitelisted users can check other people's verification statuses.)" : ""}` + } + } + ] }) } } diff --git a/package-lock.json b/package-lock.json index 49f8e14..69eca6a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,21 +16,21 @@ } }, "node_modules/@slack/bolt": { - "version": "3.21.4", - "resolved": "https://registry.npmjs.org/@slack/bolt/-/bolt-3.21.4.tgz", - "integrity": "sha512-4PqOuHXcVt8KxjKiLdLIqZp8285zdiYLj7HrrKvVHnUNbkD0l16HZxtMfIEe07REQ+vmM1mrqCiZqe9dPAMucA==", + "version": "3.22.0", + "resolved": "https://registry.npmjs.org/@slack/bolt/-/bolt-3.22.0.tgz", + "integrity": "sha512-iKDqGPEJDnrVwxSVlFW6OKTkijd7s4qLBeSufoBsTM0reTyfdp/5izIQVkxNfzjHi3o6qjdYbRXkYad5HBsBog==", "license": "MIT", "dependencies": { "@slack/logger": "^4.0.0", "@slack/oauth": "^2.6.3", "@slack/socket-mode": "^1.3.6", "@slack/types": "^2.13.0", - "@slack/web-api": "^6.12.1", + "@slack/web-api": "^6.13.0", "@types/express": "^4.16.1", "@types/promise.allsettled": "^1.0.3", "@types/tsscmp": "^1.0.0", "axios": "^1.7.4", - "express": "^4.16.4", + "express": "^4.21.0", "path-to-regexp": "^8.1.0", "promise.allsettled": "^1.0.2", "raw-body": "^2.3.3", @@ -42,9 +42,9 @@ } }, "node_modules/@slack/bolt/node_modules/@slack/web-api": { - "version": "6.12.1", - "resolved": "https://registry.npmjs.org/@slack/web-api/-/web-api-6.12.1.tgz", - "integrity": "sha512-dXHyHkvvziqkDdZlPRnUl/H2uvnUmdJ5B7kxiH1HIgHe18vcbUk1zjU/XCZgJFhxGeq5Zwa95Z+SbNW9mbRhtw==", + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/@slack/web-api/-/web-api-6.13.0.tgz", + "integrity": "sha512-dv65crIgdh9ZYHrevLU6XFHTQwTyDmNqEqzuIrV+Vqe/vgiG6w37oex5ePDU1RGm2IJ90H8iOvHFvzdEO/vB+g==", "license": "MIT", "dependencies": { "@slack/logger": "^3.0.0", @@ -84,14 +84,15 @@ "license": "MIT" }, "node_modules/@slack/bolt/node_modules/form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.2.tgz", + "integrity": "sha512-GgwY0PS7DbXqajuGf4OYlsrIu3zgxD6Vvql43IBhm6MahqA5SK/7mwhtNj2AdH2z35YR34ujJ7BN+3fFC3jP5Q==", "license": "MIT", "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" + "mime-types": "^2.1.12", + "safe-buffer": "^5.2.1" }, "engines": { "node": ">= 0.12" @@ -572,9 +573,9 @@ } }, "node_modules/body-parser": { - "version": "1.20.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", - "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "license": "MIT", "dependencies": { "bytes": "3.1.2", @@ -585,7 +586,7 @@ "http-errors": "2.0.0", "iconv-lite": "0.4.24", "on-finished": "2.4.1", - "qs": "6.11.0", + "qs": "6.13.0", "raw-body": "2.5.2", "type-is": "~1.6.18", "unpipe": "1.0.0" @@ -663,9 +664,9 @@ } }, "node_modules/cookie": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", - "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==", + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz", + "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==", "license": "MIT", "engines": { "node": ">= 0.6" @@ -827,9 +828,9 @@ "license": "MIT" }, "node_modules/encodeurl": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", - "integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz", + "integrity": "sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==", "license": "MIT", "engines": { "node": ">= 0.8" @@ -1007,37 +1008,37 @@ "license": "MIT" }, "node_modules/express": { - "version": "4.19.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", - "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==", + "version": "4.21.2", + "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", + "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", "license": "MIT", "dependencies": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.2", + "body-parser": "1.20.3", "content-disposition": "0.5.4", "content-type": "~1.0.4", - "cookie": "0.6.0", + "cookie": "0.7.1", "cookie-signature": "1.0.6", "debug": "2.6.9", "depd": "2.0.0", - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "etag": "~1.8.1", - "finalhandler": "1.2.0", + "finalhandler": "1.3.1", "fresh": "0.5.2", "http-errors": "2.0.0", - "merge-descriptors": "1.0.1", + "merge-descriptors": "1.0.3", "methods": "~1.1.2", "on-finished": "2.4.1", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.7", + "path-to-regexp": "0.1.12", "proxy-addr": "~2.0.7", - "qs": "6.11.0", + "qs": "6.13.0", "range-parser": "~1.2.1", "safe-buffer": "5.2.1", - "send": "0.18.0", - "serve-static": "1.15.0", + "send": "0.19.0", + "serve-static": "1.16.2", "setprototypeof": "1.2.0", "statuses": "2.0.1", "type-is": "~1.6.18", @@ -1046,22 +1047,26 @@ }, "engines": { "node": ">= 0.10.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" } }, "node_modules/express/node_modules/path-to-regexp": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", - "integrity": "sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==", + "version": "0.1.12", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz", + "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==", "license": "MIT" }, "node_modules/finalhandler": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", - "integrity": "sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.3.1.tgz", + "integrity": "sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==", "license": "MIT", "dependencies": { "debug": "2.6.9", - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "on-finished": "2.4.1", "parseurl": "~1.3.3", @@ -1756,10 +1761,13 @@ } }, "node_modules/merge-descriptors": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", - "integrity": "sha512-cCi6g3/Zr1iqQi6ySbseM1Xvooa98N0w31jzUYrXPX2xqObmFGHJ0tQ5u74H3mVh7wLouTseZyYIq39g8cNp1w==", - "license": "MIT" + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.3.tgz", + "integrity": "sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } }, "node_modules/methods": { "version": "1.1.2", @@ -1992,12 +2000,12 @@ "license": "MIT" }, "node_modules/qs": { - "version": "6.11.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", - "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==", + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", "license": "BSD-3-Clause", "dependencies": { - "side-channel": "^1.0.4" + "side-channel": "^1.0.6" }, "engines": { "node": ">=0.6" @@ -2131,9 +2139,9 @@ } }, "node_modules/send": { - "version": "0.18.0", - "resolved": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", - "integrity": "sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg==", + "version": "0.19.0", + "resolved": "https://registry.npmjs.org/send/-/send-0.19.0.tgz", + "integrity": "sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==", "license": "MIT", "dependencies": { "debug": "2.6.9", @@ -2154,6 +2162,15 @@ "node": ">= 0.8.0" } }, + "node_modules/send/node_modules/encodeurl": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==", + "license": "MIT", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/send/node_modules/ms": { "version": "2.1.3", "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", @@ -2161,15 +2178,15 @@ "license": "MIT" }, "node_modules/serve-static": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", - "integrity": "sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==", + "version": "1.16.2", + "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.16.2.tgz", + "integrity": "sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==", "license": "MIT", "dependencies": { - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "parseurl": "~1.3.3", - "send": "0.18.0" + "send": "0.19.0" }, "engines": { "node": ">= 0.8.0"