From 3498ffdc013e82efec16aa7b985f1e3d08bdfe99 Mon Sep 17 00:00:00 2001
From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com>
Date: Sun, 27 Aug 2023 16:54:54 +1000
Subject: prevent put /guilds/id/members/id for others until we have oauth2
 scopes impled

---
 src/api/routes/guilds/#guild_id/members/#member_id/index.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/api/routes/guilds/#guild_id/members/#member_id/index.ts b/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
index cafb922e..c168f2dc 100644
--- a/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
+++ b/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
@@ -18,6 +18,7 @@
 
 import { route } from "@spacebar/api";
 import {
+	DiscordApiErrors,
 	emitEvent,
 	Emoji,
 	getPermission,
@@ -198,7 +199,9 @@ router.put(
 			member_id = req.user_id;
 			rights.hasThrow("JOIN_GUILDS");
 		} else {
-			// TODO: join others by controller
+			// TODO: check oauth2 scope
+
+			throw DiscordApiErrors.MISSING_REQUIRED_OAUTH2_SCOPE;
 		}
 
 		const guild = await Guild.findOneOrFail({
-- 
cgit 1.4.1