summary refs log tree commit diff
path: root/api
diff options
context:
space:
mode:
authoruurgothat <cckhmck@gmail.com>2021-10-24 19:49:32 +0300
committeruurgothat <cckhmck@gmail.com>2021-10-24 19:49:32 +0300
commitf45d1d579d7c6e845f296f7db1df983fb3170c8b (patch)
tree424d04cbf22afcac5e2be15cf8ce46165c20004b /api
parentMerge branch 'master' of https://github.com/fosscord/fosscord-server (diff)
downloadserver-f45d1d579d7c6e845f296f7db1df983fb3170c8b.tar.xz
make templates configurable + authorization
Diffstat (limited to 'api')
-rw-r--r--api/src/middlewares/Authentication.ts1
-rw-r--r--api/src/routes/guilds/templates/index.ts48
2 files changed, 14 insertions, 35 deletions
diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts
index 59a181e6..a69b29a6 100644
--- a/api/src/middlewares/Authentication.ts
+++ b/api/src/middlewares/Authentication.ts
@@ -11,6 +11,7 @@ export const NO_AUTHORIZATION_ROUTES = [
 	"/experiments",
 	"/-/readyz",
 	"/-/healthz",
+	"/guilds/templates",
 	/\/guilds\/\d+\/widget\.(json|png)/
 ];
 
diff --git a/api/src/routes/guilds/templates/index.ts b/api/src/routes/guilds/templates/index.ts
index b82fb102..dd906198 100644
--- a/api/src/routes/guilds/templates/index.ts
+++ b/api/src/routes/guilds/templates/index.ts
@@ -1,68 +1,46 @@
 import { Request, Response, Router } from "express";
 const router: Router = Router();
 import { Template, Guild, Role, Snowflake, Config, User, Member } from "@fosscord/util";
+const { enabled, allowTemplateCreation, allowDiscordTemplates, allowRaws } = Config.get().templates;
 import { route } from "@fosscord/api";
 import { DiscordApiErrors } from "@fosscord/util";
 import fetch from "node-fetch";
 
-const { enabled, allowTemplateCreation, allowDiscordTemplates, allowOtherInstancesTemplates, allowExternalRaws } = Config.get().templates;
+
 export interface GuildTemplateCreateSchema {
 	name: string;
 	avatar?: string | null;
 }
 
 router.get("/:code", route({}), async (req: Request, res: Response) => {
-	if (enabled == false) return res.json({ code: 403, message: "Templates are disabled on this instance." }).sendStatus(403);
+	if (!enabled) res.json({ code: 403, message: "Template creation & usage is disabled on this instance." }).sendStatus(403);
+
 	const { code } = req.params;
 
 	if (code.startsWith("discord:")) {
-		if (allowDiscordTemplates == false)
-			return res.json({ code: 403, message: "Discord templates are disabled on this instance." }).sendStatus(403);
+		if (!allowDiscordTemplates)	return res.json({ code: 403, message: "Discord templates cannot be used on this instance." }).sendStatus(403);
 		const discordTemplateID = code.split("discord:", 2)[1];
 
 		const discordTemplateData = await fetch(`https://discord.com/api/v9/guilds/templates/${discordTemplateID}`, {
 			method: "get",
 			headers: { "Content-Type": "application/json" }
 		});
+		return res.json(await discordTemplateData.json());
+	}
 
-		res.json(await discordTemplateData.json());
-	};
-
-	if (code.startsWith("fosscord:")) {
-		if (allowOtherInstancesTemplates == false)
-			return res.json({ code: 403, message: "Other instance templates are disabled on this instance." }).sendStatus(403);
-		//TODO: TBD when federation came out
-		res.json({}).sendStatus(200);
-	};
-
-	//TODO: Validation
 	if (code.startsWith("external:")) {
-		if (allowExternalRaws == false)
-			return res.json({ code: 403, message: "Importing templates from raws is disabled on this instance." }).sendStatus(403);
-		const url = code.split("external:", 2)[1];
-
-		const rawTemplateData =
-			(await fetch(`${url}`, {
-				method: "get",
-				headers: { "Content-Type": "application/json" }
-			})) || null;
-
-		res.json(
-			rawTemplateData !== null
-				? await rawTemplateData.json()
-				: { code: 500, message: "An error occurred while trying to fetch the raw." }
-		);
-	};
+		if (!allowRaws)	return res.json({ code: 403, message: "Importing raws is disabled on this instance." }).sendStatus(403);
 
-	const template = await Template.findOneOrFail({ code: code });
+		return res.json(code.split("external:", 2)[1]);
+	}
 
+	const template = await Template.findOneOrFail({ code: code });
 	res.json(template);
 });
 
 router.post("/:code", route({ body: "GuildTemplateCreateSchema" }), async (req: Request, res: Response) => {
-	if (enabled == false) return res.json({ code: 403, message: "Templates are disabled on this instance." }).sendStatus(403);
-	if (allowTemplateCreation == false)
-		return res.json({ code: 403, message: "Template creation is disabled on this instance." }).sendStatus(403);
+	if (!enabled) return res.json({ code: 403, message: "Template creation & usage is disabled on this instance." }).sendStatus(403);
+	if (!allowTemplateCreation) return res.json({ code: 403, message: "Template creation is disabled on this instance." }).sendStatus(403);
 
 	const { code } = req.params;
 	const body = req.body as GuildTemplateCreateSchema;