diff options
Diffstat (limited to 'src/api/routes/channels/#channel_id/permissions.ts')
| -rw-r--r-- | src/api/routes/channels/#channel_id/permissions.ts | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/src/api/routes/channels/#channel_id/permissions.ts b/src/api/routes/channels/#channel_id/permissions.ts new file mode 100644 index 00000000..34052fe5 --- /dev/null +++ b/src/api/routes/channels/#channel_id/permissions.ts @@ -0,0 +1,81 @@ +import { + Channel, + ChannelPermissionOverwrite, + ChannelPermissionOverwriteSchema, + ChannelPermissionOverwriteType, + ChannelUpdateEvent, + emitEvent, + getPermission, + Member, + Role +} from "@fosscord/util"; +import { Router, Response, Request } from "express"; +import { HTTPError } from "@fosscord/util"; +import { route } from "@fosscord/api"; + +const router: Router = Router(); + +router.put( + "/:overwrite_id", + route({ body: "ChannelPermissionOverwriteSchema", permission: "MANAGE_ROLES" }), + async (req: Request, res: Response) => { + const { channel_id, overwrite_id } = req.params; + const body = req.body as ChannelPermissionOverwriteSchema; + + let channel = await Channel.findOneOrFail({ where: {id: channel_id} }); + if (!channel.guild_id) throw new HTTPError("Channel not found", 404); + + if (body.type === 0) { + if (!(await Role.count({ where: { id: overwrite_id } }))) throw new HTTPError("role not found", 404); + } else if (body.type === 1) { + if (!(await Member.count({ where: { id: overwrite_id } }))) throw new HTTPError("user not found", 404); + } else throw new HTTPError("type not supported", 501); + + // @ts-ignore + let overwrite: ChannelPermissionOverwrite = channel.permission_overwrites.find((x) => x.id === overwrite_id); + if (!overwrite) { + // @ts-ignore + overwrite = { + id: overwrite_id, + type: body.type + }; + channel.permission_overwrites!.push(overwrite); + } + overwrite.allow = String(req.permission!.bitfield & (BigInt(body.allow) || BigInt("0"))); + overwrite.deny = String(req.permission!.bitfield & (BigInt(body.deny) || BigInt("0"))); + + await Promise.all([ + channel.save(), + emitEvent({ + event: "CHANNEL_UPDATE", + channel_id, + data: channel + } as ChannelUpdateEvent) + ]); + + return res.sendStatus(204); + } +); + +// TODO: check permission hierarchy +router.delete("/:overwrite_id", route({ permission: "MANAGE_ROLES" }), async (req: Request, res: Response) => { + const { channel_id, overwrite_id } = req.params; + + const channel = await Channel.findOneOrFail({ where: { id: channel_id } }); + if (!channel.guild_id) throw new HTTPError("Channel not found", 404); + + channel.permission_overwrites = channel.permission_overwrites!.filter((x) => x.id === overwrite_id); + + await Promise.all([ + channel.save(), + emitEvent({ + event: "CHANNEL_UPDATE", + channel_id, + data: channel + } as ChannelUpdateEvent) + ]); + + return res.sendStatus(204); +}); + +export default router; |