diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts
index a300c786..32307f42 100644
--- a/api/src/middlewares/Authentication.ts
+++ b/api/src/middlewares/Authentication.ts
@@ -5,11 +5,11 @@ import { checkToken, Config } from "@fosscord/util";
export const NO_AUTHORIZATION_ROUTES = [
"/auth/login",
"/auth/register",
- "/webhooks/",
"/ping",
"/gateway",
"/experiments",
- /\/guilds\/\d+\/widget\.(json|png)/
+ /\/guilds\/\d+\/widget\.(json|png)/,
+ /\/webhooks\/\d+\/\w+/ // only exclude webhook calls with webhook token
];
export const API_PREFIX = /^\/api(\/v\d+)?/;
diff --git a/api/src/middlewares/ErrorHandler.ts b/api/src/middlewares/ErrorHandler.ts
index d288f3fb..338da8d5 100644
--- a/api/src/middlewares/ErrorHandler.ts
+++ b/api/src/middlewares/ErrorHandler.ts
@@ -1,9 +1,10 @@
import { NextFunction, Request, Response } from "express";
import { HTTPError } from "lambert-server";
-import { EntityNotFoundError } from "typeorm";
import { FieldError } from "@fosscord/api";
import { ApiError } from "@fosscord/util";
+const EntityNotFoundErrorRegex = /"(\w+)"/;
+
export function ErrorHandler(error: Error, req: Request, res: Response, next: NextFunction) {
if (!error) return next();
@@ -18,8 +19,8 @@ export function ErrorHandler(error: Error, req: Request, res: Response, next: Ne
code = error.code;
message = error.message;
httpcode = error.httpStatus;
- } else if (error instanceof EntityNotFoundError) {
- message = `${(error as any).stringifyTarget || "Item"} could not be found`;
+ } else if (error.name === "EntityNotFoundError") {
+ message = `${error.message.match(EntityNotFoundErrorRegex)?.[1] || "Item"} could not be found`;
code = 404;
} else if (error instanceof FieldError) {
code = Number(error.code);
diff --git a/api/src/routes/channels/#channel_id/webhooks.ts b/api/src/routes/channels/#channel_id/webhooks.ts
index 7b894455..9c8df3fb 100644
--- a/api/src/routes/channels/#channel_id/webhooks.ts
+++ b/api/src/routes/channels/#channel_id/webhooks.ts
@@ -1,9 +1,21 @@
import { Router, Response, Request } from "express";
-import { route } from "@fosscord/api";
-import { Channel, Config, getPermission, trimSpecial, Webhook } from "@fosscord/util";
+import { handleFile, route } from "@fosscord/api";
+import {
+ Channel,
+ Config,
+ emitEvent,
+ getPermission,
+ Snowflake,
+ trimSpecial,
+ User,
+ Webhook,
+ WebhooksUpdateEvent,
+ WebhookType
+} from "@fosscord/util";
import { HTTPError } from "lambert-server";
import { isTextChannel } from "./messages/index";
import { DiscordApiErrors } from "@fosscord/util";
+import { generateToken } from "../../auth/login";
const router: Router = Router();
// TODO: webhooks
@@ -11,13 +23,26 @@ export interface WebhookCreateSchema {
/**
* @maxLength 80
*/
- name: string;
- avatar: string;
+ name?: string;
+ avatar?: string;
}
+router.get("/", route({ permission: "MANAGE_WEBHOOKS" }), async (req, res) => {
+ const webhooks = await Webhook.find({
+ where: { channel_id: req.params.channel_id },
+ select: ["application", "avatar", "channel_id", "guild_id", "id", "token", "type", "user", "source_guild", "name"],
+ relations: ["user", "application", "source_guild"]
+ });
+
+ res.json(webhooks);
+});
+
// TODO: use Image Data Type for avatar instead of String
router.post("/", route({ body: "WebhookCreateSchema", permission: "MANAGE_WEBHOOKS" }), async (req: Request, res: Response) => {
- const channel_id = req.params.channel_id;
+ var { avatar, name } = req.body as WebhookCreateSchema;
+ name = trimSpecial(name) || "Webhook";
+ if (name === "clyde") throw new HTTPError("Invalid name", 400);
+ const { channel_id } = req.params;
const channel = await Channel.findOneOrFail({ id: channel_id });
isTextChannel(channel.type);
@@ -27,11 +52,29 @@ router.post("/", route({ body: "WebhookCreateSchema", permission: "MANAGE_WEBHOO
const { maxWebhooks } = Config.get().limits.channel;
if (webhook_count > maxWebhooks) throw DiscordApiErrors.MAXIMUM_WEBHOOKS.withParams(maxWebhooks);
- var { avatar, name } = req.body as { name: string; avatar?: string };
- name = trimSpecial(name);
- if (name === "clyde") throw new HTTPError("Invalid name", 400);
-
+ const id = Snowflake.generate();
// TODO: save webhook in database and send response
+ const webhook = await new Webhook({
+ id,
+ name,
+ avatar: await handleFile(`/icons/${id}`, avatar),
+ user: await User.getPublicUser(req.user_id),
+ guild_id: channel.guild_id,
+ channel_id,
+ token: await generateToken(id),
+ type: WebhookType.Incoming
+ }).save();
+
+ await emitEvent({
+ event: "WEBHOOKS_UPDATE",
+ channel_id,
+ data: {
+ channel_id,
+ guild_id: channel.guild_id
+ }
+ } as WebhooksUpdateEvent);
+
+ return res.json(webhook);
});
export default router;
diff --git a/api/src/routes/discoverable-guilds.ts b/api/src/routes/discoverable-guilds.ts
index f667eb2a..71789123 100644
--- a/api/src/routes/discoverable-guilds.ts
+++ b/api/src/routes/discoverable-guilds.ts
@@ -10,7 +10,7 @@ router.get("/", route({}), async (req: Request, res: Response) => {
// ! this only works using SQL querys
// TODO: implement this with default typeorm query
// const guilds = await Guild.find({ where: { features: "DISCOVERABLE" } }); //, take: Math.abs(Number(limit)) });
- const guilds = await Guild.find({ where: `"features" LIKE 'COMMUNITY'`, take: Math.abs(Number(limit)) });
+ const guilds = await Guild.find({ where: `"features" LIKE 'COMMUNITY'`, take: Math.abs(Number(limit) || 50) });
res.send({ guilds: guilds });
});
diff --git a/api/src/routes/guilds/#guild_id/integrations.ts b/api/src/routes/guilds/#guild_id/integrations.ts
new file mode 100644
index 00000000..f6b8e99d
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/integrations.ts
@@ -0,0 +1,10 @@
+import { route } from "@fosscord/api";
+import { Router, Request, Response } from "express";
+const router = Router();
+
+router.get("/", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => {
+ // TODO: integrations (followed channels, youtube, twitch)
+ res.send([]);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/webhooks.ts b/api/src/routes/guilds/#guild_id/webhooks.ts
new file mode 100644
index 00000000..a9dd164a
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/webhooks.ts
@@ -0,0 +1,17 @@
+import { Router, Response, Request } from "express";
+import { route } from "@fosscord/api";
+import { Webhook } from "@fosscord/util";
+
+const router: Router = Router();
+
+router.get("/", route({ permission: "MANAGE_WEBHOOKS" }), async (req: Request, res: Response) => {
+ const webhooks = await Webhook.find({
+ where: { guild_id: req.params.guild_id },
+ select: ["application", "avatar", "channel_id", "guild_id", "id", "token", "type", "user", "source_guild", "name"],
+ relations: ["user", "application", "source_guild"]
+ });
+
+ return res.json(webhooks);
+});
+
+export default router;
diff --git a/api/src/routes/template.ts.disabled b/api/src/routes/template.ts.disabled
index ad785f10..524e981b 100644
--- a/api/src/routes/template.ts.disabled
+++ b/api/src/routes/template.ts.disabled
@@ -4,7 +4,7 @@ import { Router, Request, Response } from "express";
const router = Router();
router.get("/", async (req: Request, res: Response) => {
- res.send({});
+ res.json({});
});
export default router;
diff --git a/api/src/routes/webhooks/#webhook_id/index.ts b/api/src/routes/webhooks/#webhook_id/index.ts
new file mode 100644
index 00000000..e9b40ebf
--- /dev/null
+++ b/api/src/routes/webhooks/#webhook_id/index.ts
@@ -0,0 +1,89 @@
+import { Channel, Config, emitEvent, JWTOptions, Webhook, WebhooksUpdateEvent } from "@fosscord/util";
+import { route, Authentication, handleFile } from "@fosscord/api";
+import { Router, Request, Response, NextFunction } from "express";
+import jwt from "jsonwebtoken";
+import { HTTPError } from "lambert-server";
+const router = Router();
+
+export interface WebhookModifySchema {
+ name?: string;
+ avatar?: string;
+ // channel_id?: string; // TODO
+}
+
+function validateWebhookToken(req: Request, res: Response, next: NextFunction) {
+ const { jwtSecret } = Config.get().security;
+
+ jwt.verify(req.params.token, jwtSecret, JWTOptions, async (err, decoded: any) => {
+ if (err) return next(new HTTPError("Invalid Token", 401));
+ next();
+ });
+}
+
+router.get("/", route({}), async (req: Request, res: Response) => {
+ res.json(await Webhook.findOneOrFail({ id: req.params.webhook_id }));
+});
+
+router.get("/:token", route({}), validateWebhookToken, async (req: Request, res: Response) => {
+ res.json(await Webhook.findOneOrFail({ id: req.params.webhook_id }));
+});
+
+router.patch("/", route({ body: "WebhookModifySchema", permission: "MANAGE_WEBHOOKS" }), (req: Request, res: Response) => {
+ return updateWebhook(req, res);
+});
+
+router.patch("/:token", route({ body: "WebhookModifySchema" }), validateWebhookToken, (req: Request, res: Response) => {
+ return updateWebhook(req, res);
+});
+
+async function updateWebhook(req: Request, res: Response) {
+ const webhook = await Webhook.findOneOrFail({ id: req.params.webhook_id });
+ if (req.body.channel_id) await Channel.findOneOrFail({ id: req.body.channel_id, guild_id: webhook.guild_id });
+
+ webhook.assign({
+ ...req.body,
+ avatar: await handleFile(`/icons/${req.params.webhook_id}`, req.body.avatar)
+ });
+
+ await Promise.all([
+ emitEvent({
+ event: "WEBHOOKS_UPDATE",
+ channel_id: webhook.channel_id,
+ data: {
+ channel_id: webhook.channel_id,
+ guild_id: webhook.guild_id
+ }
+ } as WebhooksUpdateEvent),
+ webhook.save()
+ ]);
+
+ res.json(webhook);
+}
+
+router.delete("/", route({ permission: "MANAGE_WEBHOOKS" }), async (req: Request, res: Response) => {
+ return deleteWebhook(req, res);
+});
+
+router.delete("/:token", route({}), validateWebhookToken, (req: Request, res: Response) => {
+ return deleteWebhook(req, res);
+});
+
+async function deleteWebhook(req: Request, res: Response) {
+ const webhook = await Webhook.findOneOrFail({ id: req.params.webhook_id });
+
+ await Promise.all([
+ emitEvent({
+ event: "WEBHOOKS_UPDATE",
+ channel_id: webhook.channel_id,
+ data: {
+ channel_id: webhook.channel_id,
+ guild_id: webhook.guild_id
+ }
+ } as WebhooksUpdateEvent),
+ webhook.remove()
+ ]);
+
+ res.sendStatus(204);
+}
+
+export default router;
diff --git a/api/src/util/route.ts b/api/src/util/route.ts
index 6cd8f622..1e2beb5d 100644
--- a/api/src/util/route.ts
+++ b/api/src/util/route.ts
@@ -1,4 +1,4 @@
-import { DiscordApiErrors, Event, EventData, getPermission, PermissionResolvable, Permissions } from "@fosscord/util";
+import { DiscordApiErrors, Event, EventData, getPermission, PermissionResolvable, Permissions, Webhook } from "@fosscord/util";
import { NextFunction, Request, Response } from "express";
import fs from "fs";
import path from "path";
@@ -54,9 +54,13 @@ export function route(opts: RouteOptions) {
return async (req: Request, res: Response, next: NextFunction) => {
if (opts.permission) {
const required = new Permissions(opts.permission);
+ if (req.params.webhook_id) {
+ const webhook = await Webhook.findOneOrFail({ id: req.params.webhook_id });
+ req.params.channel_id = webhook.channel_id;
+ req.params.guild_id = webhook.guild_id;
+ }
const permission = await getPermission(req.user_id, req.params.guild_id, req.params.channel_id);
- // bitfield comparison: check if user lacks certain permission
if (!permission.has(required)) {
throw DiscordApiErrors.MISSING_PERMISSIONS.withParams(opts.permission as string);
}
|
