diff options
21 files changed, 61 insertions, 266 deletions
diff --git a/api/src/routes/auth/register.ts b/api/src/routes/auth/register.ts index e70e01ed..33f089b2 100644 --- a/api/src/routes/auth/register.ts +++ b/api/src/routes/auth/register.ts @@ -6,7 +6,6 @@ import "missing-native-js-functions"; import { generateToken } from "./login"; import { getIpAdress, IPAnalysis, isProxy } from "@fosscord/api"; import { HTTPError } from "lambert-server"; -import { In } from "typeorm"; const router: Router = Router(); diff --git a/api/src/routes/channels/#channel_id/messages/index.ts b/api/src/routes/channels/#channel_id/messages/index.ts index 11334367..be9a41b1 100644 --- a/api/src/routes/channels/#channel_id/messages/index.ts +++ b/api/src/routes/channels/#channel_id/messages/index.ts @@ -1,7 +1,7 @@ import { Router, Response, Request } from "express"; import { Attachment, Channel, ChannelType, Embed, getPermission, Message } from "@fosscord/util"; import { HTTPError } from "lambert-server"; -import { instanceOf, Length, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import multer from "multer"; import { sendMessage } from "@fosscord/api"; import { uploadFile } from "@fosscord/api"; @@ -61,17 +61,12 @@ router.get("/", async (req: Request, res: Response) => { if (!channel) throw new HTTPError("Channel not found", 404); isTextChannel(channel.type); + const around = `${req.query.around}`; + const before = `${req.query.before}`; + const after = `${req.query.after}`; + const limit = Number(req.query.limit) || 50; + if (limit < 1 || limit > 100) throw new HTTPError("limit must be between 1 and 100"); - try { - instanceOf({ $around: String, $after: String, $before: String, $limit: new Length(Number, 1, 100) }, req.query, { - path: "query", - req - }); - } catch (error) { - return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); - } - var { around, after, before, limit }: { around?: string; after?: string; before?: string; limit?: number } = req.query; - if (!limit) limit = 50; var halfLimit = Math.floor(limit / 2); const permissions = await getPermission(req.user_id, channel.guild_id, channel_id); diff --git a/api/src/routes/channels/#channel_id/permissions.ts b/api/src/routes/channels/#channel_id/permissions.ts index 959ab8e0..bc7ad5b8 100644 --- a/api/src/routes/channels/#channel_id/permissions.ts +++ b/api/src/routes/channels/#channel_id/permissions.ts @@ -2,7 +2,7 @@ import { Channel, ChannelPermissionOverwrite, ChannelUpdateEvent, emitEvent, get import { Router, Response, Request } from "express"; import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; const router: Router = Router(); // TODO: Only permissions your bot has in the guild or channel can be allowed/denied (unless your bot has a MANAGE_ROLES overwrite in the channel) diff --git a/api/src/routes/channels/#channel_id/typing.ts b/api/src/routes/channels/#channel_id/typing.ts index ad973bca..a9dcb315 100644 --- a/api/src/routes/channels/#channel_id/typing.ts +++ b/api/src/routes/channels/#channel_id/typing.ts @@ -9,14 +9,14 @@ router.post("/", route({ permission: "SEND_MESSAGES" }), async (req: Request, re const user_id = req.user_id; const timestamp = Date.now(); const channel = await Channel.findOneOrFail({ id: channel_id }); - const member = await Member.findOneOrFail({ id: user_id }); + const member = await Member.findOneOrFail({ where: { id: user_id }, relations: ["roles"] }); await emitEvent({ event: "TYPING_START", channel_id: channel_id, data: { // this is the paylod - member: { ...member, roles: member.roles.map((x) => x.id) }, + member: { ...member, roles: member.roles?.map((x) => x.id) }, channel_id, timestamp, user_id, diff --git a/api/src/routes/channels/#channel_id/webhooks.ts b/api/src/routes/channels/#channel_id/webhooks.ts index f84dfcc5..7b894455 100644 --- a/api/src/routes/channels/#channel_id/webhooks.ts +++ b/api/src/routes/channels/#channel_id/webhooks.ts @@ -1,5 +1,5 @@ import { Router, Response, Request } from "express"; -import { check, Length, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { Channel, Config, getPermission, trimSpecial, Webhook } from "@fosscord/util"; import { HTTPError } from "lambert-server"; import { isTextChannel } from "./messages/index"; diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts index c7fda9ad..e7d46898 100644 --- a/api/src/routes/guilds/#guild_id/bans.ts +++ b/api/src/routes/guilds/#guild_id/bans.ts @@ -1,7 +1,7 @@ import { Request, Response, Router } from "express"; import { emitEvent, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, Guild, Ban, User, Member } from "@fosscord/util"; import { HTTPError } from "lambert-server"; -import { getIpAdress, check, route } from "@fosscord/api"; +import { getIpAdress, route } from "@fosscord/api"; export interface BanCreateSchema { delete_message_days?: string; diff --git a/api/src/routes/guilds/#guild_id/channels.ts b/api/src/routes/guilds/#guild_id/channels.ts index e21327d1..13c6b515 100644 --- a/api/src/routes/guilds/#guild_id/channels.ts +++ b/api/src/routes/guilds/#guild_id/channels.ts @@ -1,7 +1,7 @@ import { Router, Response, Request } from "express"; import { Channel, ChannelUpdateEvent, getPermission, emitEvent } from "@fosscord/util"; import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { ChannelModifySchema } from "../../channels/#channel_id"; const router = Router(); diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts index 690d4103..a75d1138 100644 --- a/api/src/routes/guilds/#guild_id/index.ts +++ b/api/src/routes/guilds/#guild_id/index.ts @@ -1,7 +1,7 @@ import { Request, Response, Router } from "express"; import { emitEvent, getPermission, Guild, GuildUpdateEvent, Member } from "@fosscord/util"; import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { handleFile } from "@fosscord/api"; import "missing-native-js-functions"; import { GuildCreateSchema } from "../index"; diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts index 1708b7eb..ab489743 100644 --- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts +++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts @@ -1,7 +1,7 @@ import { Request, Response, Router } from "express"; import { Member, getPermission, Role, GuildMemberUpdateEvent, emitEvent } from "@fosscord/util"; import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; const router = Router(); diff --git a/api/src/routes/guilds/#guild_id/members/index.ts b/api/src/routes/guilds/#guild_id/members/index.ts index 335f21c7..386276c8 100644 --- a/api/src/routes/guilds/#guild_id/members/index.ts +++ b/api/src/routes/guilds/#guild_id/members/index.ts @@ -1,7 +1,8 @@ import { Request, Response, Router } from "express"; import { Guild, Member, PublicMemberProjection } from "@fosscord/util"; -import { instanceOf, Length, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { MoreThan } from "typeorm"; +import { HTTPError } from "lambert-server"; const router = Router(); @@ -11,26 +12,17 @@ const router = Router(); router.get("/", route({}), async (req: Request, res: Response) => { const { guild_id } = req.params; - const guild = await Guild.findOneOrFail({ id: guild_id }); - await Member.IsInGuildOrFail(req.user_id, guild_id); - - try { - instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, { - path: "query", - req, - ref: { obj: null, key: "" } - }); - } catch (error) { - return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); - } - - const { limit, after } = (<unknown>req.query) as { limit?: number; after?: string }; + const limit = Number(req.query.limit) || 1; + if (limit > 1000 || limit < 1) throw new HTTPError("Limit must be between 1 and 1000"); + const after = `${req.query.after}`; const query = after ? { id: MoreThan(after) } : {}; + await Member.IsInGuildOrFail(req.user_id, guild_id); + const members = await Member.find({ where: { guild_id, ...query }, select: PublicMemberProjection, - take: limit || 1, + take: limit, order: { id: "ASC" } }); diff --git a/api/src/routes/guilds/#guild_id/roles.ts b/api/src/routes/guilds/#guild_id/roles.ts index 5c549262..bac63bd4 100644 --- a/api/src/routes/guilds/#guild_id/roles.ts +++ b/api/src/routes/guilds/#guild_id/roles.ts @@ -11,8 +11,7 @@ import { DiscordApiErrors } from "@fosscord/util"; import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; -import { In } from "typeorm"; +import { route } from "@fosscord/api"; const router: Router = Router(); diff --git a/api/src/routes/guilds/#guild_id/vanity-url.ts b/api/src/routes/guilds/#guild_id/vanity-url.ts index 9c0989cc..801768fb 100644 --- a/api/src/routes/guilds/#guild_id/vanity-url.ts +++ b/api/src/routes/guilds/#guild_id/vanity-url.ts @@ -1,6 +1,6 @@ import { Channel, ChannelType, getPermission, Guild, Invite, trimSpecial } from "@fosscord/util"; import { Router, Request, Response } from "express"; -import { check, Length, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; const router = Router(); diff --git a/api/src/routes/guilds/#guild_id/voice-states/#user_id/index.ts b/api/src/routes/guilds/#guild_id/voice-states/#user_id/index.ts index 3d76938b..f9fbea54 100644 --- a/api/src/routes/guilds/#guild_id/voice-states/#user_id/index.ts +++ b/api/src/routes/guilds/#guild_id/voice-states/#user_id/index.ts @@ -1,5 +1,5 @@ import { Channel, ChannelType, DiscordApiErrors, emitEvent, getPermission, VoiceState, VoiceStateUpdateEvent } from "@fosscord/util"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { Request, Response, Router } from "express"; const router = Router(); diff --git a/api/src/routes/guilds/#guild_id/widget.ts b/api/src/routes/guilds/#guild_id/widget.ts index c8caae14..2640618d 100644 --- a/api/src/routes/guilds/#guild_id/widget.ts +++ b/api/src/routes/guilds/#guild_id/widget.ts @@ -1,7 +1,6 @@ import { Request, Response, Router } from "express"; -import { getPermission, Guild } from "@fosscord/util"; -import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { Guild } from "@fosscord/util"; +import { route } from "@fosscord/api"; export interface WidgetModifySchema { enabled: boolean; // whether the widget is enabled diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts index ba951f96..082f8539 100644 --- a/api/src/routes/guilds/index.ts +++ b/api/src/routes/guilds/index.ts @@ -1,7 +1,6 @@ import { Router, Request, Response } from "express"; import { Role, Guild, Snowflake, Config, User, Member, Channel } from "@fosscord/util"; -import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { DiscordApiErrors } from "@fosscord/util"; import { ChannelModifySchema } from "../channels/#channel_id"; diff --git a/api/src/routes/guilds/templates/index.ts b/api/src/routes/guilds/templates/index.ts index d7a42044..eb3867c8 100644 --- a/api/src/routes/guilds/templates/index.ts +++ b/api/src/routes/guilds/templates/index.ts @@ -1,8 +1,7 @@ import { Request, Response, Router } from "express"; const router: Router = Router(); import { Template, Guild, Role, Snowflake, Config, User, Member } from "@fosscord/util"; -import { HTTPError } from "lambert-server"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { DiscordApiErrors } from "@fosscord/util"; export interface GuildTemplateCreateSchema { diff --git a/api/src/routes/users/@me/index.ts b/api/src/routes/users/@me/index.ts index 68723374..abab9f5f 100644 --- a/api/src/routes/users/@me/index.ts +++ b/api/src/routes/users/@me/index.ts @@ -1,6 +1,6 @@ import { Router, Request, Response } from "express"; import { User, PrivateUserProjection } from "@fosscord/util"; -import { check, route } from "@fosscord/api"; +import { route } from "@fosscord/api"; import { handleFile } from "@fosscord/api"; const router: Router = Router(); diff --git a/api/src/util/FieldError.ts b/api/src/util/FieldError.ts new file mode 100644 index 00000000..0b3f93d2 --- /dev/null +++ b/api/src/util/FieldError.ts @@ -0,0 +1,25 @@ +import "missing-native-js-functions"; + +export function FieldErrors(fields: Record<string, { code?: string; message: string }>) { + return new FieldError( + 50035, + "Invalid Form Body", + fields.map(({ message, code }) => ({ + _errors: [ + { + message, + code: code || "BASE_TYPE_INVALID" + } + ] + })) + ); +} + +// TODO: implement Image data type: Data URI scheme that supports JPG, GIF, and PNG formats. An example Data URI format is: data:image/jpeg;base64,BASE64_ENCODED_JPEG_IMAGE_DATA +// Ensure you use the proper content type (image/jpeg, image/png, image/gif) that matches the image data being provided. + +export class FieldError extends Error { + constructor(public code: string | number, public message: string, public errors?: any) { + super(message); + } +} diff --git a/api/src/util/String.ts b/api/src/util/String.ts index 49fba237..2fe32d2c 100644 --- a/api/src/util/String.ts +++ b/api/src/util/String.ts @@ -1,14 +1,16 @@ import { Request } from "express"; import { ntob } from "./Base64"; -import { FieldErrors } from "./instanceOf"; +import { FieldErrors } from "./FieldError"; +export const EMAIL_REGEX = + /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; export function checkLength(str: string, min: number, max: number, key: string, req: Request) { if (str.length < min || str.length > max) { throw FieldErrors({ [key]: { code: "BASE_TYPE_BAD_LENGTH", - message: req.t("common:field.BASE_TYPE_BAD_LENGTH", { length: `${min} - ${max}` }), - }, + message: req.t("common:field.BASE_TYPE_BAD_LENGTH", { length: `${min} - ${max}` }) + } }); } } diff --git a/api/src/util/index.ts b/api/src/util/index.ts index c98784a4..4b1e8e77 100644 --- a/api/src/util/index.ts +++ b/api/src/util/index.ts @@ -1,6 +1,6 @@ export * from "./Base64"; export * from "./cdn"; -export * from "./instanceOf"; +export * from "./FieldError"; export * from "./ipAddress"; export * from "./Message"; export * from "./passwordStrength"; diff --git a/api/src/util/instanceOf.ts b/api/src/util/instanceOf.ts deleted file mode 100644 index 4d9034e5..00000000 --- a/api/src/util/instanceOf.ts +++ /dev/null @@ -1,214 +0,0 @@ -// different version of lambert-server instanceOf with discord error format - -import { NextFunction, Request, Response } from "express"; -import { Tuple } from "lambert-server"; -import "missing-native-js-functions"; - -export const OPTIONAL_PREFIX = "$"; -export const EMAIL_REGEX = - /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; - -export function check(schema: any) { - return (req: Request, res: Response, next: NextFunction) => { - try { - const result = instanceOf(schema, req.body, { path: "body", req, ref: { obj: null, key: "" } }); - if (result === true) return next(); - throw result; - } catch (error) { - return res.status(400).json({ code: 50035, message: "Invalid Form Body", success: false, errors: error }); - } - }; -} - -export function FieldErrors(fields: Record<string, { code?: string; message: string }>) { - return new FieldError( - 50035, - "Invalid Form Body", - fields.map(({ message, code }) => ({ - _errors: [ - { - message, - code: code || "BASE_TYPE_INVALID" - } - ] - })) - ); -} - -// TODO: implement Image data type: Data URI scheme that supports JPG, GIF, and PNG formats. An example Data URI format is: data:image/jpeg;base64,BASE64_ENCODED_JPEG_IMAGE_DATA -// Ensure you use the proper content type (image/jpeg, image/png, image/gif) that matches the image data being provided. - -export class FieldError extends Error { - constructor(public code: string | number, public message: string, public errors?: any) { - super(message); - } -} - -export class Email { - constructor(public email: string) {} - check() { - return !!this.email.match(EMAIL_REGEX); - } -} - -export class Length { - constructor(public type: any, public min: number, public max: number) {} - - check(value: string) { - if (typeof value === "string" || Array.isArray(value)) return value.length >= this.min && value.length <= this.max; - if (typeof value === "number" || typeof value === "bigint") return value >= this.min && value <= this.max; - return false; - } -} - -export function instanceOf( - type: any, - value: any, - { - path = "", - optional = false, - errors = {}, - req, - ref - }: { path?: string; optional?: boolean; errors?: any; req: Request; ref?: { key: string | number; obj: any } } -): Boolean { - if (!ref) ref = { obj: null, key: "" }; - if (!path) path = "body"; - if (!type) return true; // no type was specified - - try { - if (value == null) { - if (optional) return true; - throw new FieldError("BASE_TYPE_REQUIRED", req.t("common:field.BASE_TYPE_REQUIRED")); - } - - switch (type) { - case String: - value = `${value}`; - ref.obj[ref.key] = value; - if (typeof value === "string") return true; - throw new FieldError("BASE_TYPE_STRING", req.t("common:field.BASE_TYPE_STRING")); - case Number: - value = Number(value); - ref.obj[ref.key] = value; - if (typeof value === "number" && !isNaN(value)) return true; - throw new FieldError("BASE_TYPE_NUMBER", req.t("common:field.BASE_TYPE_NUMBER")); - case BigInt: - try { - value = BigInt(value); - ref.obj[ref.key] = value; - if (typeof value === "bigint") return true; - } catch (error) {} - throw new FieldError("BASE_TYPE_BIGINT", req.t("common:field.BASE_TYPE_BIGINT")); - case Boolean: - if (value == "true") value = true; - if (value == "false") value = false; - ref.obj[ref.key] = value; - if (typeof value === "boolean") return true; - throw new FieldError("BASE_TYPE_BOOLEAN", req.t("common:field.BASE_TYPE_BOOLEAN")); - - case Email: - if (new Email(value).check()) return true; - throw new FieldError("EMAIL_TYPE_INVALID_EMAIL", req.t("common:field.EMAIL_TYPE_INVALID_EMAIL")); - case Date: - value = new Date(value); - ref.obj[ref.key] = value; - // value.getTime() can be < 0, if it is before 1970 - if (!isNaN(value)) return true; - throw new FieldError("DATE_TYPE_PARSE", req.t("common:field.DATE_TYPE_PARSE")); - } - - if (typeof type === "object") { - if (Array.isArray(type)) { - if (!Array.isArray(value)) throw new FieldError("BASE_TYPE_ARRAY", req.t("common:field.BASE_TYPE_ARRAY")); - if (!type.length) return true; // type array didn't specify any type - - return ( - value.every((val, i) => { - errors[i] = {}; - - if ( - instanceOf(type[0], val, { - path: `${path}[${i}]`, - optional, - errors: errors[i], - req, - ref: { key: i, obj: value } - }) === true - ) { - delete errors[i]; - return true; - } - - return false; - }) || errors - ); - } else if (type?.constructor?.name != "Object") { - if (type instanceof Tuple) { - if ((<Tuple>type).types.some((x) => instanceOf(x, value, { path, optional, errors, req, ref }))) return true; - throw new FieldError("BASE_TYPE_CHOICES", req.t("common:field.BASE_TYPE_CHOICES", { types: type.types })); - } else if (type instanceof Length) { - let length = <Length>type; - if (instanceOf(length.type, value, { path, optional, req, ref, errors }) !== true) return errors; - let val = ref.obj[ref.key]; - if ((<Length>type).check(val)) return true; - throw new FieldError( - "BASE_TYPE_BAD_LENGTH", - req.t("common:field.BASE_TYPE_BAD_LENGTH", { - length: `${type.min} - ${type.max}` - }) - ); - } - try { - if (value instanceof type) return true; - } catch (error) { - throw new FieldError("BASE_TYPE_CLASS", req.t("common:field.BASE_TYPE_CLASS", { type })); - } - } - - if (typeof value !== "object") throw new FieldError("BASE_TYPE_OBJECT", req.t("common:field.BASE_TYPE_OBJECT")); - - const diff = Object.keys(value).missing( - Object.keys(type).map((x) => (x.startsWith(OPTIONAL_PREFIX) ? x.slice(OPTIONAL_PREFIX.length) : x)) - ); - - if (diff.length) throw new FieldError("UNKOWN_FIELD", req.t("common:field.UNKOWN_FIELD", { key: diff })); - - return ( - Object.keys(type).every((key) => { - let newKey = key; - const OPTIONAL = key.startsWith(OPTIONAL_PREFIX); - if (OPTIONAL) newKey = newKey.slice(OPTIONAL_PREFIX.length); - errors[newKey] = {}; - - if ( - instanceOf(type[key], value[newKey], { - path: `${path}.${newKey}`, - optional: OPTIONAL, - errors: errors[newKey], - req, - ref: { key: newKey, obj: value } - }) === true - ) { - delete errors[newKey]; - return true; - } - - return false; - }) || errors - ); - } else if (typeof type === "number" || typeof type === "string" || typeof type === "boolean") { - if (value === type) return true; - throw new FieldError("BASE_TYPE_CONSTANT", req.t("common:field.BASE_TYPE_CONSTANT", { value: type })); - } else if (typeof type === "bigint") { - if (BigInt(value) === type) return true; - throw new FieldError("BASE_TYPE_CONSTANT", req.t("common:field.BASE_TYPE_CONSTANT", { value: type })); - } - - return type == value; - } catch (error) { - let e = error as FieldError; - errors._errors = [{ message: e.message, code: e.code }]; - return errors; - } -} |