summary refs log tree commit diff
path: root/api
diff options
context:
space:
mode:
authorFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-09-02 19:50:05 +0200
committerFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-09-02 19:50:05 +0200
commitd29ccaf623910eea90852fa28cd8ec191bd7afff (patch)
tree040af2cced2548560403efb72be4d026f41908f9 /api
parent:art: update openapi title (diff)
downloadserver-d29ccaf623910eea90852fa28cd8ec191bd7afff.tar.xz
:sparkles: add user_id field to Member
Diffstat (limited to 'api')
-rw-r--r--api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts2
-rw-r--r--api/src/routes/channels/#channel_id/permissions.ts2
-rw-r--r--api/src/routes/channels/#channel_id/typing.ts2
-rw-r--r--api/src/routes/guilds/#guild_id/index.ts4
-rw-r--r--api/src/routes/guilds/#guild_id/members/#member_id/index.ts10
-rw-r--r--api/src/routes/guilds/#guild_id/widget.json.ts2
-rw-r--r--api/src/routes/guilds/index.ts2
-rw-r--r--api/src/routes/guilds/templates/index.ts2
-rw-r--r--api/src/routes/users/#id/profile.ts10
-rw-r--r--api/src/routes/users/@me/delete.ts11
-rw-r--r--api/src/routes/users/@me/guilds.ts4
-rw-r--r--api/src/routes/users/@me/profile.ts27
12 files changed, 32 insertions, 46 deletions
diff --git a/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts b/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts
index f60484b5..37168940 100644
--- a/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts
+++ b/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts
@@ -136,7 +136,7 @@ router.put("/:emoji/:user_id", async (req: Request, res: Response) => {
 
 	await Message.update({ id: message_id, channel_id }, message);
 
-	const member = channel.guild_id && (await Member.findOneOrFail({ id: req.user_id }));
+	const member = channel.guild_id && (await Member.findOneOrFail({ user_id: req.user_id }));
 
 	await emitEvent({
 		event: "MESSAGE_REACTION_ADD",
diff --git a/api/src/routes/channels/#channel_id/permissions.ts b/api/src/routes/channels/#channel_id/permissions.ts
index 9c49542b..97f21659 100644
--- a/api/src/routes/channels/#channel_id/permissions.ts
+++ b/api/src/routes/channels/#channel_id/permissions.ts
@@ -20,7 +20,7 @@ router.put("/:overwrite_id", check({ allow: String, deny: String, type: Number,
 	if (body.type === 0) {
 		if (!(await Role.count({ id: overwrite_id }))) throw new HTTPError("role not found", 404);
 	} else if (body.type === 1) {
-		if (!(await Member.count({ id: overwrite_id }))) throw new HTTPError("user not found", 404);
+		if (!(await Member.count({ user_id: overwrite_id }))) throw new HTTPError("user not found", 404);
 	} else throw new HTTPError("type not supported", 501);
 
 	// @ts-ignore
diff --git a/api/src/routes/channels/#channel_id/typing.ts b/api/src/routes/channels/#channel_id/typing.ts
index f1fb3c86..aef99103 100644
--- a/api/src/routes/channels/#channel_id/typing.ts
+++ b/api/src/routes/channels/#channel_id/typing.ts
@@ -10,7 +10,7 @@ router.post("/", async (req: Request, res: Response) => {
 	const user_id = req.user_id;
 	const timestamp = Date.now();
 	const channel = await Channel.findOneOrFail({ id: channel_id });
-	const member = await Member.findOneOrFail({ id: user_id });
+	const member = await Member.findOneOrFail({ user_id: user_id });
 
 	await emitEvent({
 		event: "TYPING_START",
diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts
index 6f55be3b..80b5c609 100644
--- a/api/src/routes/guilds/#guild_id/index.ts
+++ b/api/src/routes/guilds/#guild_id/index.ts
@@ -14,8 +14,8 @@ router.get("/", async (req: Request, res: Response) => {
 
 	const [guild, member_count, member] = await Promise.all([
 		Guild.findOneOrFail({ id: guild_id }),
-		Member.count({ guild: { id: guild_id }, id: req.user_id }),
-		Member.findOneOrFail({ id: req.user_id })
+		Member.count({ guild_id: guild_id, user_id: req.user_id }),
+		Member.findOneOrFail({ user_id: req.user_id })
 	]);
 	if (!member_count) throw new HTTPError("You are not a member of the guild you are trying to access", 401);
 
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
index d9ce91c0..733a64c4 100644
--- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
+++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
@@ -21,7 +21,7 @@ router.get("/", async (req: Request, res: Response) => {
 	const { guild_id, member_id } = req.params;
 	await Member.IsInGuildOrFail(req.user_id, guild_id);
 
-	const member = await Member.findOneOrFail({ id: member_id, guild_id });
+	const member = await Member.findOneOrFail({ user_id: member_id, guild_id });
 
 	return res.json(member);
 });
@@ -29,13 +29,17 @@ router.get("/", async (req: Request, res: Response) => {
 router.patch("/", check(MemberChangeSchema), async (req: Request, res: Response) => {
 	const { guild_id, member_id } = req.params;
 	const body = req.body as MemberChangeSchema;
+
+	const permission = await getPermission(req.user_id, guild_id);
+
 	if (body.roles) {
 		const roles = await Role.find({ id: In(body.roles) });
 		if (body.roles.length !== roles.length) throw new HTTPError("Roles not found", 404);
-		// TODO: check if user has permission to add role
+
+		permission.hasThrow("MANAGE_ROLES");
 	}
 
-	const member = await Member.findOneOrFail({ id: member_id, guild_id });
+	const member = await Member.findOneOrFail({ user_id: member_id, guild_id });
 	member.assign(req.body);
 
 	Promise.all([
diff --git a/api/src/routes/guilds/#guild_id/widget.json.ts b/api/src/routes/guilds/#guild_id/widget.json.ts
index ae1f0599..193ed095 100644
--- a/api/src/routes/guilds/#guild_id/widget.json.ts
+++ b/api/src/routes/guilds/#guild_id/widget.json.ts
@@ -63,7 +63,7 @@ router.get("/", async (req: Request, res: Response) => {
 
 	// Fetch members
 	// TODO: Understand how Discord's max 100 random member sample works, and apply to here (see top of this file)
-	let members = await Member.find({ where: { guild_id: guild_id } });
+	let members = await Member.find({ guild_id: guild_id });
 
 	// Construct object to respond with
 	const data = {
diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts
index a54b83ba..92525317 100644
--- a/api/src/routes/guilds/index.ts
+++ b/api/src/routes/guilds/index.ts
@@ -13,7 +13,7 @@ router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) =
 	const body = req.body as GuildCreateSchema;
 
 	const { maxGuilds } = Config.get().limits.user;
-	const guild_count = await Member.count({ id: req.user_id });
+	const guild_count = await Member.count({ user_id: req.user_id });
 	if (guild_count >= maxGuilds) {
 		throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
 	}
diff --git a/api/src/routes/guilds/templates/index.ts b/api/src/routes/guilds/templates/index.ts
index 3a619278..16b65c65 100644
--- a/api/src/routes/guilds/templates/index.ts
+++ b/api/src/routes/guilds/templates/index.ts
@@ -20,7 +20,7 @@ router.post("/:code", check(GuildTemplateCreateSchema), async (req: Request, res
 
 	const { maxGuilds } = Config.get().limits.user;
 
-	const guild_count = await Member.count({ id: req.user_id });
+	const guild_count = await Member.count({ user_id: req.user_id });
 	if (guild_count >= maxGuilds) {
 		throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
 	}
diff --git a/api/src/routes/users/#id/profile.ts b/api/src/routes/users/#id/profile.ts
index afccfed5..8be03b47 100644
--- a/api/src/routes/users/#id/profile.ts
+++ b/api/src/routes/users/#id/profile.ts
@@ -1,9 +1,10 @@
 import { Router, Request, Response } from "express";
-import { User } from "../../../../../util/dist";
+import { PublicConnectedAccount, PublicUser, User, UserPublic } from "../../../../../util/dist";
 
 const router: Router = Router();
 
 router.get("/", async (req: Request, res: Response) => {
+	if (req.params.id === "@me") req.params.id = req.user_id;
 	const user = await User.getPublicUser(req.params.id, { relations: ["connected_accounts"] });
 
 	res.json({
@@ -24,4 +25,11 @@ router.get("/", async (req: Request, res: Response) => {
 	});
 });
 
+export interface UserProfileResponse {
+	user: UserPublic;
+	connected_accounts: PublicConnectedAccount;
+	premium_guild_since?: Date;
+	premium_since?: Date;
+}
+
 export default router;
diff --git a/api/src/routes/users/@me/delete.ts b/api/src/routes/users/@me/delete.ts
index 6bfe0b93..e3b54607 100644
--- a/api/src/routes/users/@me/delete.ts
+++ b/api/src/routes/users/@me/delete.ts
@@ -1,6 +1,7 @@
 import { Router, Request, Response } from "express";
 import { Guild, Member, User } from "@fosscord/util";
 import bcrypt from "bcrypt";
+import { HTTPError } from "lambert-server";
 const router = Router();
 
 router.post("/", async (req: Request, res: Response) => {
@@ -9,16 +10,16 @@ router.post("/", async (req: Request, res: Response) => {
 
 	if (user.data.hash) {
 		// guest accounts can delete accounts without password
-		correctpass = await bcrypt.compare(req.body.password, user.data.hash); //Not sure if user typed right password :/
+		correctpass = await bcrypt.compare(req.body.password, user.data.hash);
+		if (!correctpass) {
+			throw new HTTPError(req.t("auth:login.INVALID_PASSWORD"));
+		}
 	}
 
 	// TODO: decrement guild member count
 
 	if (correctpass) {
-		await Promise.all([
-			User.delete({ id: req.user_id }), //Yeetus user deletus
-			Member.delete({ id: req.user_id })
-		]);
+		await Promise.all([User.delete({ id: req.user_id }), Member.delete({ user_id: req.user_id })]);
 
 		res.sendStatus(204);
 	} else {
diff --git a/api/src/routes/users/@me/guilds.ts b/api/src/routes/users/@me/guilds.ts
index fb88281b..1edb0eb1 100644
--- a/api/src/routes/users/@me/guilds.ts
+++ b/api/src/routes/users/@me/guilds.ts
@@ -6,7 +6,7 @@ import { In } from "typeorm";
 const router: Router = Router();
 
 router.get("/", async (req: Request, res: Response) => {
-	const members = await Member.find({ relations: ["guild"], where: { id: req.user_id } });
+	const members = await Member.find({ relations: ["guild"], where: { user_id: req.user_id } });
 
 	res.json(members.map((x) => x.guild));
 });
@@ -20,7 +20,7 @@ router.delete("/:id", async (req: Request, res: Response) => {
 	if (guild.owner_id === req.user_id) throw new HTTPError("You can't leave your own guild", 400);
 
 	await Promise.all([
-		Member.delete({ id: req.user_id, guild_id: guild_id }),
+		Member.delete({ user_id: req.user_id, guild_id: guild_id }),
 		emitEvent({
 			event: "GUILD_DELETE",
 			data: {
diff --git a/api/src/routes/users/@me/profile.ts b/api/src/routes/users/@me/profile.ts
deleted file mode 100644
index 5ba03c68..00000000
--- a/api/src/routes/users/@me/profile.ts
+++ /dev/null
@@ -1,27 +0,0 @@
-import { Router, Request, Response } from "express";
-import { User } from "../../../../../util/dist";
-
-const router: Router = Router();
-
-router.get("/", async (req: Request, res: Response) => {
-	const user = await User.getPublicUser(req.user_id, { relations: ["connected_accounts"] });
-
-	res.json({
-		connected_accounts: user.connected_accounts,
-		premium_guild_since: null, // TODO
-		premium_since: null, // TODO
-		user: {
-			username: user.username,
-			discriminator: user.discriminator,
-			id: user.id,
-			public_flags: user.public_flags,
-			avatar: user.avatar,
-			accent_color: user.accent_color,
-			banner: user.banner,
-			bio: user.bio,
-			bot: user.bot
-		}
-	});
-});
-
-export default router;