diff options
| author | Intevel ツ <59223342+Intevel@users.noreply.github.com> | 2021-05-08 14:15:55 +0200 |
|---|---|---|
| committer | Intevel ツ <59223342+Intevel@users.noreply.github.com> | 2021-05-08 14:15:55 +0200 |
| commit | 2497929ae5eb30c59e60d7ee00c24c60f9a35f78 (patch) | |
| tree | cafb5e4c6eab71bac2ad496cbfd16a89624d32f7 /src/routes | |
| parent | Update members.ts (diff) | |
| parent | :sparkles: add isMember check for get member routes (diff) | |
| download | server-2497929ae5eb30c59e60d7ee00c24c60f9a35f78.tar.xz | |
Merge branch 'master' of https://github.com/fosscord/fosscord-api
Diffstat (limited to 'src/routes')
| -rw-r--r-- | src/routes/guilds/#guild_id/members.ts | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/src/routes/guilds/#guild_id/members.ts b/src/routes/guilds/#guild_id/members.ts index 49621469..4dd8f013 100644 --- a/src/routes/guilds/#guild_id/members.ts +++ b/src/routes/guilds/#guild_id/members.ts @@ -1,8 +1,16 @@ import { Request, Response, Router } from "express"; -import { GuildModel, MemberModel, UserModel, toObject, GuildMemberAddEvent, getPermission, PermissionResolvable } from "@fosscord/server-util"; +import { + GuildModel, + MemberModel, + UserModel, + toObject, + GuildMemberAddEvent, + getPermission, + PermissionResolvable, +} from "@fosscord/server-util"; import { HTTPError } from "lambert-server"; import { instanceOf, Length, check } from "../../../util/instanceOf"; -import { PublicMemberProjection, addMember, removeMember, addRole, removeRole, changeNickname } from "../../../util/Member"; +import { PublicMemberProjection, addMember, removeMember, addRole, removeRole, changeNickname, isMember } from "../../../util/Member"; import { emitEvent } from "../../../util/Event"; import { MemberNickChangeSchema } from "../../../schema/Member"; import { getPublicUser } from "../../../util/User"; @@ -15,6 +23,7 @@ router.get("/", async (req: Request, res: Response) => { const { guild_id } = req.params; const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("Guild not found", 404); + await isMember(req.user_id, guild_id); try { instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, { @@ -40,6 +49,7 @@ router.get("/", async (req: Request, res: Response) => { router.get("/:member_id", async (req: Request, res: Response) => { const { guild_id, member_id } = req.params; + await isMember(req.user_id, guild_id); const member = await MemberModel.findOne({ id: member_id, guild_id }).exec(); if (!member) throw new HTTPError("Member not found", 404); @@ -56,7 +66,6 @@ router.put("/:member_id", async (req: Request, res: Response) => { res.sendStatus(204) }); - router.delete("/:member_id", async (req: Request, res: Response) => { const { guild_id, member_id } = req.params; @@ -89,12 +98,12 @@ router.put("/:member_id/roles/:role_id", async (req: Request, res: Response) => router.patch("/:member_id/nick", check(MemberNickChangeSchema), async (req: Request, res: Response) => { var { guild_id, member_id } = req.params; - var permissionString:PermissionResolvable = "MANAGE_NICKNAMES"; - if(member_id === "@me") { + var permissionString: PermissionResolvable = "MANAGE_NICKNAMES"; + if (member_id === "@me") { member_id = req.user_id; permissionString = "CHANGE_NICKNAME"; } - + const perms = await getPermission(req.user_id, guild_id); perms.hasThrow(permissionString); @@ -102,5 +111,4 @@ router.patch("/:member_id/nick", check(MemberNickChangeSchema), async (req: Requ res.status(204); }); - export default router; |