summary refs log tree commit diff
path: root/src/api/routes/guilds/#guild_id/roles/#role_id/index.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/routes/guilds/#guild_id/roles/#role_id/index.ts')
-rw-r--r--src/api/routes/guilds/#guild_id/roles/#role_id/index.ts8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/api/routes/guilds/#guild_id/roles/#role_id/index.ts b/src/api/routes/guilds/#guild_id/roles/#role_id/index.ts
index ea1a782a..d854c1f1 100644
--- a/src/api/routes/guilds/#guild_id/roles/#role_id/index.ts
+++ b/src/api/routes/guilds/#guild_id/roles/#role_id/index.ts
@@ -19,6 +19,7 @@
 import { route } from "@spacebar/api";
 import {
 	emitEvent,
+	getRights,
 	GuildRoleDeleteEvent,
 	GuildRoleUpdateEvent,
 	handleFile,
@@ -48,7 +49,10 @@ router.get(
 	}),
 	async (req: Request, res: Response) => {
 		const { guild_id, role_id } = req.params;
-		await Member.IsInGuildOrFail(req.user_id, guild_id);
+		const rights = await getRights(req.user_id);
+		// admins dont need to be in the guild
+		if (!rights.has("OPERATOR"))
+			await Member.IsInGuildOrFail(req.user_id, guild_id);
 		const role = await Role.findOneOrFail({
 			where: { guild_id, id: role_id },
 		});
@@ -59,6 +63,7 @@ router.get(
 router.delete(
 	"/",
 	route({
+		right: "OPERATOR",
 		permission: "MANAGE_ROLES",
 		responses: {
 			204: {},
@@ -103,6 +108,7 @@ router.patch(
 	"/",
 	route({
 		requestBody: "RoleModifySchema",
+		right: "OPERATOR",
 		permission: "MANAGE_ROLES",
 		responses: {
 			200: {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 16:08:13 +0000