summary refs log tree commit diff
diff options
context:
space:
mode:
authorThesourtimes <cckhmck@gmail.com>2021-12-05 21:53:23 +0300
committerThesourtimes <cckhmck@gmail.com>2021-12-05 21:53:23 +0300
commit9b9e6cfa9d9911d09cde0026a62087d9976f1a2c (patch)
treebb15841d7621cc0cae9766f7ca872a1e33a1a19b
parentMerge pull request #530 from erkinalp/patch-3 (diff)
downloadserver-9b9e6cfa9d9911d09cde0026a62087d9976f1a2c.tar.xz
Make INTERNAL_EMPLOYEE_ONLY functional
-rw-r--r--api/src/routes/invites/index.ts7
1 files changed, 6 insertions, 1 deletions
diff --git a/api/src/routes/invites/index.ts b/api/src/routes/invites/index.ts
index 185311bc..c327a63e 100644
--- a/api/src/routes/invites/index.ts
+++ b/api/src/routes/invites/index.ts
@@ -1,5 +1,5 @@
 import { Router, Request, Response } from "express";
-import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, Member, PublicInviteRelation } from "@fosscord/util";
+import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, User, PublicInviteRelation } from "@fosscord/util";
 import { route } from "@fosscord/api";
 import { HTTPError } from "lambert-server";
 
@@ -15,6 +15,11 @@ router.get("/:code", route({}), async (req: Request, res: Response) => {
 
 router.post("/:code", route({}), async (req: Request, res: Response) => {
 	const { code } = req.params;
+	const { features } = await Guild.findOneOrFail({where: { code }});
+	const { public_flags } = await User.findOneOrFail({ id: req.user_id });
+	
+	if(features.includes("INTERNAL_EMPLOYEE_ONLY") && (public_flags & 1) !== 1) throw new HTTPError("You are not allowed to join this guild.", 401)
+	
 	const invite = await Invite.joinGuild(req.user_id, code);
 
 	res.json(invite);