diff options
author | Erkin Alp Güney <erkinalp9035@gmail.com> | 2022-02-04 23:08:34 +0300 |
---|---|---|
committer | Erkin Alp Güney <erkinalp9035@gmail.com> | 2022-02-04 23:08:34 +0300 |
commit | 2f30f5b100ef82872d1d7c4b59d5fbf8fe202d4a (patch) | |
tree | 49dff13d55704da5e841f088cd5904507b33f6be /api/src/routes/guilds | |
parent | ban moderator schema change (diff) | |
download | server-2f30f5b100ef82872d1d7c4b59d5fbf8fe202d4a.tar.xz |
ban moderator schema actually change
Diffstat (limited to 'api/src/routes/guilds')
-rw-r--r-- | api/src/routes/guilds/#guild_id/bans.ts | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts index 8c0bdee6..4c5ba48f 100644 --- a/api/src/routes/guilds/#guild_id/bans.ts +++ b/api/src/routes/guilds/#guild_id/bans.ts @@ -17,6 +17,14 @@ export interface BanRegistrySchema { reason?: string | undefined; }; +export interface BanModeratorSchema { + id: string; + user_id: string; + guild_id: string; + executor_id: string; + reason?: string | undefined; +}; + const router: Router = Router(); /* TODO: Deleting the secrets is just a temporary go-around. Views should be implemented for both safety and better handling. */ @@ -39,12 +47,14 @@ router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, const { guild_id } = req.params; const user_id = req.params.ban; - let ban = await Ban.findOneOrFail({ guild_id: guild_id, user_id: user_id }); + let ban = await Ban.findOneOrFail({ guild_id: guild_id, user_id: user_id }) as BanRegistrySchema; if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN; // pretend self-bans don't exist to prevent victim chasing /* Filter secret from registry. */ + + ban = ban as BanModeratorSchema; delete ban.ip @@ -126,7 +136,7 @@ router.delete("/:user_id", route({ permission: "BAN_MEMBERS" }), async (req: Req if (ban.user_id === ban.executor_id) throw DiscordApiErrors.UNKNOWN_BAN; // make self-bans irreversible and hide them from view to avoid victim chasing - const banned_user = await User.getPublicUser(banned_user_id); + const banned_user = await User.getPublicUser(user_id); await Promise.all([ Ban.delete({ |