summary refs log tree commit diff
path: root/src/api/routes/guilds/#guild_id
diff options
context:
space:
mode:
authorMadeline <46743919+MaddyUnderStars@users.noreply.github.com>2023-08-27 16:54:54 +1000
committerMadeline <46743919+MaddyUnderStars@users.noreply.github.com>2023-08-27 16:54:54 +1000
commit3498ffdc013e82efec16aa7b985f1e3d08bdfe99 (patch)
tree7ba507e8454cf44fb2c066a85b1f9a86a19db2e7 /src/api/routes/guilds/#guild_id
parentwhat the fuck is session_id: "all"??? (diff)
downloadserver-3498ffdc013e82efec16aa7b985f1e3d08bdfe99.tar.xz
prevent put /guilds/id/members/id for others until we have oauth2 scopes impled
Diffstat (limited to 'src/api/routes/guilds/#guild_id')
-rw-r--r--src/api/routes/guilds/#guild_id/members/#member_id/index.ts5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/api/routes/guilds/#guild_id/members/#member_id/index.ts b/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
index cafb922e..c168f2dc 100644
--- a/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
+++ b/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
@@ -18,6 +18,7 @@
 
 import { route } from "@spacebar/api";
 import {
+	DiscordApiErrors,
 	emitEvent,
 	Emoji,
 	getPermission,
@@ -198,7 +199,9 @@ router.put(
 			member_id = req.user_id;
 			rights.hasThrow("JOIN_GUILDS");
 		} else {
-			// TODO: join others by controller
+			// TODO: check oauth2 scope
+
+			throw DiscordApiErrors.MISSING_REQUIRED_OAUTH2_SCOPE;
 		}
 
 		const guild = await Guild.findOneOrFail({