fix: exports route

csuvajit · csuvajit · commit 0a36e7bff74a · 2026-01-29T22:28:36.000+05:30
diff --git a/libs/decorators/crontab.decorators.ts b/libs/decorators/crontab.decorators.ts
@@ -7,7 +7,7 @@ export function CronTab(cronTime: string, options: { monitor: string }): MethodD
   return applyDecorators(
     Cron(cronTime, {
       timeZone: 'Etc/UTC',
-      disabled: !Config.CRON_ENABLED,
+      disabled: !Config.CRON_ENABLED && Config.IS_PROD,
     }),
     SentryCron(options.monitor, {
       schedule: {
diff --git a/libs/discord-oauth/src/discord-oauth.service.ts b/libs/discord-oauth/src/discord-oauth.service.ts
@@ -41,7 +41,7 @@ export class DiscordOauthService {
     return payload as APIGuildMember[];
   }
 
-  public buildAvatarUrl(userId: string, avatar: string | null) {
+  public toAvatarUrl(userId: string, avatar: string | null) {
     if (!avatar) {
       return `https://cdn.discordapp.com/embed/avatars/${BigInt(userId) % BigInt(5)}.png`;
     }
diff --git a/libs/interceptors/http-cache.interceptor.ts b/libs/interceptors/http-cache.interceptor.ts
@@ -27,16 +27,6 @@ export class HttpCacheInterceptor extends CacheInterceptor {
       res.setHeader('x-cache-key', cacheKey);
     }
 
-    if (cacheKey && !Config.IS_PROD) {
-      const timestamp = await this.cacheManager.ttl(cacheKey);
-      if (typeof timestamp === 'number' && timestamp > Date.now()) {
-        res.setHeader(
-          'Cache-Control',
-          `public, max-age=${Math.floor((timestamp - Date.now()) / 1000)}`,
-        );
-      }
-    }
-
     return super.intercept(context, next);
   }
 
diff --git a/src/auth/auth.controller.ts b/src/auth/auth.controller.ts
@@ -1,7 +1,7 @@
 import { ApiExcludeRoute, ApiKeyAuth } from '@app/decorators';
 import { paragraph } from '@app/helpers';
 import { Body, Controller, Get, Param, Post, Req, Res, UseGuards } from '@nestjs/common';
-import { ApiExcludeEndpoint, ApiOperation } from '@nestjs/swagger';
+import { ApiExcludeEndpoint, ApiExtraModels, ApiOperation } from '@nestjs/swagger';
 import { Request, Response } from 'express';
 import { AuthService } from './auth.service';
 import {
@@ -11,12 +11,14 @@ import {
   HandoffTokenDto,
   HandoffTokenInputDto,
   HandoffUserDto,
+  JwtUserInput,
   LoginInputDto,
   LoginOkDto,
   TurnstileLoginDto,
 } from './dto';
 import { ApiKeyGuard } from './guards';
 
+@ApiExtraModels(JwtUserInput)
 @Controller('/auth')
 export class AuthController {
   constructor(private authService: AuthService) {}
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -170,6 +170,7 @@ export class AuthService {
       avatar: string | null;
       username: string;
       displayName: string;
+      applicationId: string | null;
     };
 
     return {
@@ -179,7 +180,8 @@ export class AuthService {
       roles: [UserRoles.USER],
       username: user.username,
       displayName: user.displayName,
-      avatarUrl: this.discordOauthService.buildAvatarUrl(user.userId, user.avatar),
+      applicationId: user.applicationId,
+      avatarUrl: this.discordOauthService.toAvatarUrl(user.userId, user.avatar),
     };
   }
 
@@ -195,6 +197,7 @@ export class AuthService {
         guildId: payload.guildId,
         username: user.username,
         avatar: user.avatar || null,
+        applicationId: payload.applicationId || null,
         displayName: user.global_name || user.username,
       }),
       'EX',
diff --git a/src/auth/dto/jwt-user.dto.ts b/src/auth/dto/jwt-user.dto.ts
@@ -1,3 +1,4 @@
+import { ApiProperty } from '@nestjs/swagger';
 import { randomUUID } from 'node:crypto';
 import { UserRoles } from './user-roles.dto';
 
@@ -6,6 +7,7 @@ export class JwtUserInput {
   userId: string;
   username: string;
   version: string;
+  @ApiProperty({ type: 'array', items: { type: 'string' } })
   roles: UserRoles[];
   guildIds: string[];
   applicationId?: string;
diff --git a/src/auth/dto/login.dto.ts b/src/auth/dto/login.dto.ts
@@ -1,5 +1,5 @@
 import { EnumArray } from '@app/decorators';
-import { IsNotEmpty, IsString } from 'class-validator';
+import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
 import { UserRoles } from './user-roles.dto';
 
 export class LoginInputDto {
@@ -68,6 +68,10 @@ export class HandoffTokenInputDto {
   @IsString()
   @IsNotEmpty()
   guildId: string;
+
+  @IsString()
+  @IsOptional()
+  applicationId: string | null;
 }
 
 export class HandoffTokenDto {
@@ -89,5 +93,7 @@ export class HandoffUserDto {
 
   guildId: string;
 
+  applicationId: string | null;
+
   avatarUrl: string | null;
 }
diff --git a/src/db/mongodb.module.ts b/src/db/mongodb.module.ts
@@ -27,6 +27,7 @@ export enum Collections {
 
   PORTAL_USERS = 'PortalUsers',
   PLAYER_LINKS = 'PlayerLinks',
+  PLAYER_LINK_AUDIT_LOGS = 'PlayerLinkAuditLogs',
   CLAN_WARS = 'ClanWars',
   CWL_GROUPS = 'CWLGroups',
   LEGEND_ATTACKS = 'LegendAttacks',
diff --git a/src/exports/exports.service.ts b/src/exports/exports.service.ts
@@ -37,7 +37,7 @@ export class ExportsService {
 
   async exportClanMembers(input: ExportMembersInput) {
     const scheduled = await this.reusableSheetService.getSheet({
-      scheduled: true,
+      scheduled: input.scheduled,
       clanTags: input.clanTags,
       guildId: input.guildId,
       sheetType: SheetType.CLAN_MEMBERS,
diff --git a/src/links/links.controller.ts b/src/links/links.controller.ts
@@ -24,7 +24,11 @@ export class LinksController {
     @CurrentUser() user: JwtUser,
     @Param('playerTag') playerTag: string,
   ): Promise<ResultOkDto> {
-    return this.linksService.deleteLink(user.userId, playerTag);
+    return this.linksService.deleteLink({
+      playerTag,
+      userId: user.userId,
+      isAdmin: JwtUser.isAdmin(user),
+    });
   }
 
   @Post('/query')
diff --git a/src/links/links.service.ts b/src/links/links.service.ts
@@ -62,17 +62,29 @@ export class LinksService {
     return { message: 'Ok' };
   }
 
-  public async deleteLink(userId: string, playerTag: string) {
-    const { deletedCount } = await this.links.deleteOne({
+  public async deleteLink(input: { userId: string; playerTag: string; isAdmin: boolean }) {
+    const { userId, playerTag, isAdmin } = input;
+
+    const link = await this.links.findOne({
       tag: playerTag,
-      $or: [{ userId }, { linkedBy: userId }],
+      userId,
     });
-    if (!deletedCount) {
+
+    if (link && link.linkedBy !== userId && !isAdmin) {
       throw new ForbiddenException('You do not have permission to unlink this playerTag.');
     }
 
+    await this.links.deleteOne({ tag: playerTag, userId });
     await this.discordLinkService.unlinkPlayerTag(playerTag);
 
+    await this.auditLogs.insertOne({
+      tag: playerTag,
+      userId,
+      link,
+      action: 'unlink',
+      createdAt: new Date(),
+    });
+
     return { message: 'Ok' };
   }
 
@@ -83,4 +95,8 @@ export class LinksService {
   private get links() {
     return this.db.collection(Collections.PLAYER_LINKS);
   }
+
+  private get auditLogs() {
+    return this.db.collection(Collections.PLAYER_LINK_AUDIT_LOGS);
+  }
 }
diff --git a/src/rosters/rosters.controller.ts b/src/rosters/rosters.controller.ts
@@ -35,8 +35,8 @@ export class RostersController {
   }
 
   @Post('/:guildId/create')
-  createRoster(@Param('rosterId') rosterId: string): unknown {
-    return Promise.resolve({ rosterId });
+  createRoster(@Param('guildId') guildId: string): unknown {
+    return Promise.resolve({ guildId });
   }
 
   @Get('/:guildId/:rosterId')
diff --git a/src/swagger.ts b/src/swagger.ts
@@ -1,6 +1,5 @@
 import { Config } from '@app/constants';
 import { ErrorResponseDto } from '@app/dto';
-import { paragraph } from '@app/helpers';
 import { getTurnstileScript } from '@app/helpers/turnstile-script';
 import { ConfigService } from '@nestjs/config';
 import { NestExpressApplication } from '@nestjs/platform-express';
@@ -43,15 +42,14 @@ export function build(app: NestExpressApplication) {
       [
         `### API Routes for ClashPerk Discord Bot and Services`,
 
-        paragraph(
-          `API endpoints are protected by **Cloudflare** with a global rate limit of **300 requests per 10 seconds**.`,
-          `Response **caching is enabled**, with duration varying across different endpoints for optimal performance.`,
-          `API **access is limited** and reviewed individually. If you'd like to request access, reach out to us on Discord.`,
-        ),
+        // paragraph(
+        //   `API endpoints are protected by **Cloudflare** with a global rate limit of **300 requests per 10 seconds**.`,
+        //   `Response **caching is enabled**, with duration varying across different endpoints for optimal performance.`,
+        //   `API **access is limited** and reviewed individually. If you'd like to request access, reach out to us on Discord.`,
+        // ),
+        // 'By using this API, you agree to fair usage. Access may be revoked for abuse, misuse, or security violations.',
 
-        'By using this API, you agree to fair usage. Access may be revoked for abuse, misuse, or security violations.',
-
-        '[Join our Discord](https://discord.gg/ppuppun) | [Terms of Service](https://clashperk.com/terms) | [Privacy Policy](https://clashperk.com/privacy)',
+        '[Terms of Service](https://clashperk.com/terms) | [Privacy Policy](https://clashperk.com/privacy)',
       ].join('\n\n'),
     )
     .setVersion(`v${version}`)

Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ export class DiscordOauthService {`
`41`	`41`	`return payload as APIGuildMember[];`
`42`	`42`	`}`
`43`	`43`
`44`		`- public buildAvatarUrl(userId: string, avatar: string \| null) {`
	`44`	`+ public toAvatarUrl(userId: string, avatar: string \| null) {`
`45`	`45`	`if (!avatar) {`
`46`	`46`	return `https://cdn.discordapp.com/embed/avatars/${BigInt(userId) % BigInt(5)}.png`;
`47`	`47`	`}`