diff options
Diffstat (limited to 'src/api/routes/guilds/index.ts')
-rw-r--r-- | src/api/routes/guilds/index.ts | 77 |
1 files changed, 73 insertions, 4 deletions
diff --git a/src/api/routes/guilds/index.ts b/src/api/routes/guilds/index.ts index 545beb18..242d49a0 100644 --- a/src/api/routes/guilds/index.ts +++ b/src/api/routes/guilds/index.ts @@ -26,16 +26,71 @@ import { getRights, } from "@spacebar/util"; import { Request, Response, Router } from "express"; +import { HTTPError } from "lambert-server"; +import { ILike, MoreThan } from "typeorm"; const router: Router = Router(); +router.get( + "/", + route({ + description: "Get a list of guilds", + right: "OPERATOR", + query: { + limit: { + description: + "max number of guilds to return (1-1000). default 100", + type: "number", + required: false, + }, + after: { + description: "The amount of guilds to skip", + type: "number", + required: false, + }, + query: { + description: "The search query", + type: "string", + required: false, + }, + }, + responses: { + 200: { + body: "AdminGuildsResponse", + }, + 400: { + body: "APIErrorResponse", + }, + }, + }), + async (req: Request, res: Response) => { + const { after, query } = req.query as { + after?: number; + query?: string; + }; + + const limit = Number(req.query.limit) || 100; + if (limit > 1000 || limit < 1) + throw new HTTPError("Limit must be between 1 and 1000"); + + const guilds = await Guild.find({ + where: { + ...(after ? { id: MoreThan(`${after}`) } : {}), + ...(query ? { name: ILike(`%${query}%`) } : {}), + }, + take: limit, + }); + + res.send(guilds); + }, +); + //TODO: create default channel router.post( "/", route({ requestBody: "GuildCreateSchema", - right: "CREATE_GUILDS", responses: { 201: { body: "GuildCreateResponse", @@ -50,17 +105,31 @@ router.post( }), async (req: Request, res: Response) => { const body = req.body as GuildCreateSchema; + const rights = await getRights(req.user_id); + if (!rights.has("CREATE_GUILDS") && !rights.has("OPERATOR")) { + throw new HTTPError( + `You are missing the following rights CREATE_GUILDS or OPERATOR`, + 403, + ); + } const { maxGuilds } = Config.get().limits.user; const guild_count = await Member.count({ where: { id: req.user_id } }); - const rights = await getRights(req.user_id); - if (guild_count >= maxGuilds && !rights.has("MANAGE_GUILDS")) { + // allow admins to bypass guild limits + if (guild_count >= maxGuilds && !rights.has("OPERATOR")) { throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds); } + let owner_id = req.user_id; + + // only admins can do this, is ignored otherwise + if (body.owner_id && rights.has("OPERATOR")) { + owner_id = body.owner_id; + } + const guild = await Guild.createGuild({ ...body, - owner_id: req.user_id, + owner_id, }); const { autoJoin } = Config.get().guild; |