diff options
Diffstat (limited to 'api/src/routes')
| -rw-r--r-- | api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts | 2 | ||||
| -rw-r--r-- | api/src/routes/channels/#channel_id/permissions.ts | 2 | ||||
| -rw-r--r-- | api/src/routes/channels/#channel_id/typing.ts | 2 | ||||
| -rw-r--r-- | api/src/routes/guilds/#guild_id/index.ts | 4 | ||||
| -rw-r--r-- | api/src/routes/guilds/#guild_id/members/#member_id/index.ts | 10 | ||||
| -rw-r--r-- | api/src/routes/guilds/#guild_id/widget.json.ts | 2 | ||||
| -rw-r--r-- | api/src/routes/guilds/index.ts | 2 | ||||
| -rw-r--r-- | api/src/routes/guilds/templates/index.ts | 2 | ||||
| -rw-r--r-- | api/src/routes/users/#id/profile.ts | 10 | ||||
| -rw-r--r-- | api/src/routes/users/@me/delete.ts | 11 | ||||
| -rw-r--r-- | api/src/routes/users/@me/guilds.ts | 4 | ||||
| -rw-r--r-- | api/src/routes/users/@me/profile.ts | 27 |
12 files changed, 32 insertions, 46 deletions
diff --git a/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts b/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts index f60484b5..37168940 100644 --- a/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts +++ b/api/src/routes/channels/#channel_id/messages/#message_id/reactions.ts @@ -136,7 +136,7 @@ router.put("/:emoji/:user_id", async (req: Request, res: Response) => { await Message.update({ id: message_id, channel_id }, message); - const member = channel.guild_id && (await Member.findOneOrFail({ id: req.user_id })); + const member = channel.guild_id && (await Member.findOneOrFail({ user_id: req.user_id })); await emitEvent({ event: "MESSAGE_REACTION_ADD", diff --git a/api/src/routes/channels/#channel_id/permissions.ts b/api/src/routes/channels/#channel_id/permissions.ts index 9c49542b..97f21659 100644 --- a/api/src/routes/channels/#channel_id/permissions.ts +++ b/api/src/routes/channels/#channel_id/permissions.ts @@ -20,7 +20,7 @@ router.put("/:overwrite_id", check({ allow: String, deny: String, type: Number, if (body.type === 0) { if (!(await Role.count({ id: overwrite_id }))) throw new HTTPError("role not found", 404); } else if (body.type === 1) { - if (!(await Member.count({ id: overwrite_id }))) throw new HTTPError("user not found", 404); + if (!(await Member.count({ user_id: overwrite_id }))) throw new HTTPError("user not found", 404); } else throw new HTTPError("type not supported", 501); // @ts-ignore diff --git a/api/src/routes/channels/#channel_id/typing.ts b/api/src/routes/channels/#channel_id/typing.ts index f1fb3c86..aef99103 100644 --- a/api/src/routes/channels/#channel_id/typing.ts +++ b/api/src/routes/channels/#channel_id/typing.ts @@ -10,7 +10,7 @@ router.post("/", async (req: Request, res: Response) => { const user_id = req.user_id; const timestamp = Date.now(); const channel = await Channel.findOneOrFail({ id: channel_id }); - const member = await Member.findOneOrFail({ id: user_id }); + const member = await Member.findOneOrFail({ user_id: user_id }); await emitEvent({ event: "TYPING_START", diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts index 6f55be3b..80b5c609 100644 --- a/api/src/routes/guilds/#guild_id/index.ts +++ b/api/src/routes/guilds/#guild_id/index.ts @@ -14,8 +14,8 @@ router.get("/", async (req: Request, res: Response) => { const [guild, member_count, member] = await Promise.all([ Guild.findOneOrFail({ id: guild_id }), - Member.count({ guild: { id: guild_id }, id: req.user_id }), - Member.findOneOrFail({ id: req.user_id }) + Member.count({ guild_id: guild_id, user_id: req.user_id }), + Member.findOneOrFail({ user_id: req.user_id }) ]); if (!member_count) throw new HTTPError("You are not a member of the guild you are trying to access", 401); diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts index d9ce91c0..733a64c4 100644 --- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts +++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts @@ -21,7 +21,7 @@ router.get("/", async (req: Request, res: Response) => { const { guild_id, member_id } = req.params; await Member.IsInGuildOrFail(req.user_id, guild_id); - const member = await Member.findOneOrFail({ id: member_id, guild_id }); + const member = await Member.findOneOrFail({ user_id: member_id, guild_id }); return res.json(member); }); @@ -29,13 +29,17 @@ router.get("/", async (req: Request, res: Response) => { router.patch("/", check(MemberChangeSchema), async (req: Request, res: Response) => { const { guild_id, member_id } = req.params; const body = req.body as MemberChangeSchema; + + const permission = await getPermission(req.user_id, guild_id); + if (body.roles) { const roles = await Role.find({ id: In(body.roles) }); if (body.roles.length !== roles.length) throw new HTTPError("Roles not found", 404); - // TODO: check if user has permission to add role + + permission.hasThrow("MANAGE_ROLES"); } - const member = await Member.findOneOrFail({ id: member_id, guild_id }); + const member = await Member.findOneOrFail({ user_id: member_id, guild_id }); member.assign(req.body); Promise.all([ diff --git a/api/src/routes/guilds/#guild_id/widget.json.ts b/api/src/routes/guilds/#guild_id/widget.json.ts index ae1f0599..193ed095 100644 --- a/api/src/routes/guilds/#guild_id/widget.json.ts +++ b/api/src/routes/guilds/#guild_id/widget.json.ts @@ -63,7 +63,7 @@ router.get("/", async (req: Request, res: Response) => { // Fetch members // TODO: Understand how Discord's max 100 random member sample works, and apply to here (see top of this file) - let members = await Member.find({ where: { guild_id: guild_id } }); + let members = await Member.find({ guild_id: guild_id }); // Construct object to respond with const data = { diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts index a54b83ba..92525317 100644 --- a/api/src/routes/guilds/index.ts +++ b/api/src/routes/guilds/index.ts @@ -13,7 +13,7 @@ router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) = const body = req.body as GuildCreateSchema; const { maxGuilds } = Config.get().limits.user; - const guild_count = await Member.count({ id: req.user_id }); + const guild_count = await Member.count({ user_id: req.user_id }); if (guild_count >= maxGuilds) { throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds); } diff --git a/api/src/routes/guilds/templates/index.ts b/api/src/routes/guilds/templates/index.ts index 3a619278..16b65c65 100644 --- a/api/src/routes/guilds/templates/index.ts +++ b/api/src/routes/guilds/templates/index.ts @@ -20,7 +20,7 @@ router.post("/:code", check(GuildTemplateCreateSchema), async (req: Request, res const { maxGuilds } = Config.get().limits.user; - const guild_count = await Member.count({ id: req.user_id }); + const guild_count = await Member.count({ user_id: req.user_id }); if (guild_count >= maxGuilds) { throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds); } diff --git a/api/src/routes/users/#id/profile.ts b/api/src/routes/users/#id/profile.ts index afccfed5..8be03b47 100644 --- a/api/src/routes/users/#id/profile.ts +++ b/api/src/routes/users/#id/profile.ts @@ -1,9 +1,10 @@ import { Router, Request, Response } from "express"; -import { User } from "../../../../../util/dist"; +import { PublicConnectedAccount, PublicUser, User, UserPublic } from "../../../../../util/dist"; const router: Router = Router(); router.get("/", async (req: Request, res: Response) => { + if (req.params.id === "@me") req.params.id = req.user_id; const user = await User.getPublicUser(req.params.id, { relations: ["connected_accounts"] }); res.json({ @@ -24,4 +25,11 @@ router.get("/", async (req: Request, res: Response) => { }); }); +export interface UserProfileResponse { + user: UserPublic; + connected_accounts: PublicConnectedAccount; + premium_guild_since?: Date; + premium_since?: Date; +} + export default router; diff --git a/api/src/routes/users/@me/delete.ts b/api/src/routes/users/@me/delete.ts index 6bfe0b93..e3b54607 100644 --- a/api/src/routes/users/@me/delete.ts +++ b/api/src/routes/users/@me/delete.ts @@ -1,6 +1,7 @@ import { Router, Request, Response } from "express"; import { Guild, Member, User } from "@fosscord/util"; import bcrypt from "bcrypt"; +import { HTTPError } from "lambert-server"; const router = Router(); router.post("/", async (req: Request, res: Response) => { @@ -9,16 +10,16 @@ router.post("/", async (req: Request, res: Response) => { if (user.data.hash) { // guest accounts can delete accounts without password - correctpass = await bcrypt.compare(req.body.password, user.data.hash); //Not sure if user typed right password :/ + correctpass = await bcrypt.compare(req.body.password, user.data.hash); + if (!correctpass) { + throw new HTTPError(req.t("auth:login.INVALID_PASSWORD")); + } } // TODO: decrement guild member count if (correctpass) { - await Promise.all([ - User.delete({ id: req.user_id }), //Yeetus user deletus - Member.delete({ id: req.user_id }) - ]); + await Promise.all([User.delete({ id: req.user_id }), Member.delete({ user_id: req.user_id })]); res.sendStatus(204); } else { diff --git a/api/src/routes/users/@me/guilds.ts b/api/src/routes/users/@me/guilds.ts index fb88281b..1edb0eb1 100644 --- a/api/src/routes/users/@me/guilds.ts +++ b/api/src/routes/users/@me/guilds.ts @@ -6,7 +6,7 @@ import { In } from "typeorm"; const router: Router = Router(); router.get("/", async (req: Request, res: Response) => { - const members = await Member.find({ relations: ["guild"], where: { id: req.user_id } }); + const members = await Member.find({ relations: ["guild"], where: { user_id: req.user_id } }); res.json(members.map((x) => x.guild)); }); @@ -20,7 +20,7 @@ router.delete("/:id", async (req: Request, res: Response) => { if (guild.owner_id === req.user_id) throw new HTTPError("You can't leave your own guild", 400); await Promise.all([ - Member.delete({ id: req.user_id, guild_id: guild_id }), + Member.delete({ user_id: req.user_id, guild_id: guild_id }), emitEvent({ event: "GUILD_DELETE", data: { diff --git a/api/src/routes/users/@me/profile.ts b/api/src/routes/users/@me/profile.ts deleted file mode 100644 index 5ba03c68..00000000 --- a/api/src/routes/users/@me/profile.ts +++ /dev/null @@ -1,27 +0,0 @@ -import { Router, Request, Response } from "express"; -import { User } from "../../../../../util/dist"; - -const router: Router = Router(); - -router.get("/", async (req: Request, res: Response) => { - const user = await User.getPublicUser(req.user_id, { relations: ["connected_accounts"] }); - - res.json({ - connected_accounts: user.connected_accounts, - premium_guild_since: null, // TODO - premium_since: null, // TODO - user: { - username: user.username, - discriminator: user.discriminator, - id: user.id, - public_flags: user.public_flags, - avatar: user.avatar, - accent_color: user.accent_color, - banner: user.banner, - bio: user.bio, - bot: user.bot - } - }); -}); - -export default router; |