diff options
author | Nobody <git@n0bodysec.com> | 2022-03-08 09:18:19 -0300 |
---|---|---|
committer | Erkin Alp Güney <erkinalp9035@gmail.com> | 2022-03-08 18:07:28 +0300 |
commit | 8b5a9171862e9bc14b9a6cb4a612d87966ea327a (patch) | |
tree | dbdd489a169d6243a017511e1c1f09321b855e26 /api/src/routes/guilds | |
parent | refactor(gateway): delete hardcoded guild boosts (diff) | |
download | server-8b5a9171862e9bc14b9a6cb4a612d87966ea327a.tar.xz |
fix(api): always add @everyone in user's roles
When you add or delete an user's role, you MUST always add "@everyone" role to the roles map
Diffstat (limited to 'api/src/routes/guilds')
-rw-r--r-- | api/src/routes/guilds/#guild_id/members/#member_id/index.ts | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts index 24c74af7..c33eb2fe 100644 --- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts +++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts @@ -28,6 +28,9 @@ router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, re if (body.roles) { permission.hasThrow("MANAGE_ROLES"); + + const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 }); + body.roles.push(everyone?.id); member.roles = body.roles.map((x) => new Role({ id: x })); // foreign key constraint will fail if role doesn't exist } |