diff options
| author | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2022-08-13 02:00:50 +0200 |
|---|---|---|
| committer | TheArcaneBrony <myrainbowdash949@gmail.com> | 2022-08-13 22:00:55 +0200 |
| commit | 5e86d7ab9c5200d794c3adb2b422d20a2aefd2ce (patch) | |
| tree | 0a4b23ee96862077b21dea20cf71205709e15f7c /src/api/routes/invites/index.ts | |
| parent | try to update build script (diff) | |
| download | server-5e86d7ab9c5200d794c3adb2b422d20a2aefd2ce.tar.xz | |
restructure to single project
Diffstat (limited to 'src/api/routes/invites/index.ts')
| -rw-r--r-- | src/api/routes/invites/index.ts | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/src/api/routes/invites/index.ts b/src/api/routes/invites/index.ts new file mode 100644 index 00000000..1b434505 --- /dev/null +++ b/src/api/routes/invites/index.ts @@ -0,0 +1,57 @@ +import { Router, Request, Response } from "express"; +import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, User, PublicInviteRelation } from "@fosscord/util"; +import { route } from "@fosscord/api"; +import { HTTPError } from "@fosscord/util"; + +const router: Router = Router(); + +router.get("/:code", route({}), async (req: Request, res: Response) => { + const { code } = req.params; + + const invite = await Invite.findOneOrFail({ where: { code }, relations: PublicInviteRelation }); + + res.status(200).send(invite); +}); + +router.post("/:code", route({right: "USE_MASS_INVITES"}), async (req: Request, res: Response) => { + const { code } = req.params; + const { guild_id } = await Invite.findOneOrFail({ where: { code } }) + const { features } = await Guild.findOneOrFail({ where: { id: guild_id} }); + const { public_flags } = await User.findOneOrFail({ where: { id: req.user_id } }); + + if(features.includes("INTERNAL_EMPLOYEE_ONLY") && (public_flags & 1) !== 1) throw new HTTPError("Only intended for the staff of this server.", 401); + if(features.includes("INVITES_CLOSED")) throw new HTTPError("Sorry, this guild has joins closed.", 403); + + const invite = await Invite.joinGuild(req.user_id, code); + + res.json(invite); +}); + +// * cant use permission of route() function because path doesn't have guild_id/channel_id +router.delete("/:code", route({}), async (req: Request, res: Response) => { + const { code } = req.params; + const invite = await Invite.findOneOrFail({ where: { code } }); + const { guild_id, channel_id } = invite; + + const permission = await getPermission(req.user_id, guild_id, channel_id); + + if (!permission.has("MANAGE_GUILD") && !permission.has("MANAGE_CHANNELS")) + throw new HTTPError("You missing the MANAGE_GUILD or MANAGE_CHANNELS permission", 401); + + await Promise.all([ + Invite.delete({ code }), + emitEvent({ + event: "INVITE_DELETE", + guild_id: guild_id, + data: { + channel_id: channel_id, + guild_id: guild_id, + code: code + } + } as InviteDeleteEvent) + ]); + + res.json({ invite: invite }); +}); + +export default router; |