summary refs log tree commit diff
diff options
context:
space:
mode:
authorErkin Alp Güney <erkinalp9035@gmail.com>2022-04-08 11:29:04 +0300
committerGitHub <noreply@github.com>2022-04-08 11:29:04 +0300
commita4e4d40bb967a73130363b134cf9072e08ea4d3f (patch)
treee32c59e7c715268ec9817f5e55b6aecbed38cb9c
parentMANAGE_GUILDS (diff)
downloadserver-a4e4d40bb967a73130363b134cf9072e08ea4d3f.tar.xz
rights enforcement in guild create
Diffstat
-rw-r--r--api/src/routes/guilds/index.ts7


1 files changed, 4 insertions, 3 deletions
diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts
index 7b676211..10721413 100644
--- a/api/src/routes/guilds/index.ts
+++ b/api/src/routes/guilds/index.ts
@@ -1,5 +1,5 @@
 import { Router, Request, Response } from "express";
-import { Role, Guild, Snowflake, Config, Member, Channel, DiscordApiErrors, handleFile } from "@fosscord/util";
+import { Role, Guild, Snowflake, Config, getRights, Member, Channel, DiscordApiErrors, handleFile } from "@fosscord/util";
 import { route } from "@fosscord/api";
 import { ChannelModifySchema } from "../channels/#channel_id";
 
@@ -20,12 +20,13 @@ export interface GuildCreateSchema {
 
 //TODO: create default channel
 
-router.post("/", route({ body: "GuildCreateSchema" }), async (req: Request, res: Response) => {
+router.post("/", route({ body: "GuildCreateSchema", right: "CREATE_GUILDS" }), async (req: Request, res: Response) => {
 	const body = req.body as GuildCreateSchema;
 
 	const { maxGuilds } = Config.get().limits.user;
 	const guild_count = await Member.count({ id: req.user_id });
-	if (guild_count >= maxGuilds) {
+	const rights = await getRights(req.user_id);
+	if ((guild_count >= maxGuilds)&&!rights.has("MANAGE_GUILDS")) {
 		throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
 	}
 

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 16:25:21 +0000