summary refs log tree commit diff
path: root/api
diff options
context:
space:
mode:
authorErkin Alp Güney <erkinalp9035@gmail.com>2022-02-02 22:07:27 +0300
committerGitHub <noreply@github.com>2022-02-02 22:07:27 +0300
commitaf677c234228614f480dba09de8b0b4ea93ffca8 (patch)
treeffd72f3dded05eed9edb410fdb00d6789b31edc4 /api
parentMerge pull request #612 from ImAaronFR/patch-3 (diff)
downloadserver-af677c234228614f480dba09de8b0b4ea93ffca8.tar.xz
Allow self-ban of non-owners
Diffstat (limited to 'api')
-rw-r--r--api/src/routes/guilds/#guild_id/bans.ts35
1 files changed, 34 insertions, 1 deletions
diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts
index 1e09a38d..298acd5c 100644
--- a/api/src/routes/guilds/#guild_id/bans.ts
+++ b/api/src/routes/guilds/#guild_id/bans.ts
@@ -54,7 +54,8 @@ router.put("/:user_id", route({ body: "BanCreateSchema", permission: "BAN_MEMBER
 
 	const banned_user = await User.getPublicUser(banned_user_id);
 
-	if (req.user_id === banned_user_id) throw new HTTPError("You can't ban yourself", 400);
+	if ( (req.user_id === banned_user_id) && (banned_user_id === req.permission!.cache.guild?.owner_id))
+		throw new HTTPError("You are the guild owner, hence can't ban yourself", 403);
 	if (req.permission!.cache.guild?.owner_id === banned_user_id) throw new HTTPError("You can't ban the owner", 400);
 
 	const ban = new Ban({
@@ -81,6 +82,38 @@ router.put("/:user_id", route({ body: "BanCreateSchema", permission: "BAN_MEMBER
 	return res.json(ban);
 });
 
+router.put("/@me", route({ body: "BanCreateSchema"}), async (req: Request, res: Response) => {
+	// TODO: make self-bans irreversible
+	const { guild_id } = req.params;
+
+	const banned_user = await User.getPublicUser(req.params.user_id);
+
+	if (req.permission!.cache.guild?.owner_id === req.params.user_id) 
+		throw new HTTPError("You are the guild owner, hence can't ban yourself", 403);
+	const ban = new Ban({
+		user_id: req.params.user_id,
+		guild_id: guild_id,
+		ip: getIpAdress(req),
+		executor_id: req.params.user_id,
+		reason: req.body.reason // || otherwise empty
+	});
+
+	await Promise.all([
+		Member.removeFromGuild(req.user_id, guild_id),
+		ban.save(),
+		emitEvent({
+			event: "GUILD_BAN_ADD",
+			data: {
+				guild_id: guild_id,
+				user: banned_user
+			},
+			guild_id: guild_id
+		} as GuildBanAddEvent)
+	]);
+
+	return res.json(ban);
+});
+
 router.delete("/:user_id", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => {
 	const { guild_id, user_id } = req.params;