From b51e687793aa9c752d9643cf7a9ac4c3dade6bd2 Mon Sep 17 00:00:00 2001 From: RealMANI <96433859+ImAaronFR@users.noreply.github.com> Date: Sun, 6 Mar 2022 12:20:47 +0330 Subject: [Fix] Changing bio and accent color --- api/src/routes/users/@me/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'api/src') diff --git a/api/src/routes/users/@me/index.ts b/api/src/routes/users/@me/index.ts index 5834921c..78e203a2 100644 --- a/api/src/routes/users/@me/index.ts +++ b/api/src/routes/users/@me/index.ts @@ -58,7 +58,7 @@ router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res: } var check_username = body?.username?.replace(/\s/g, ''); - if(!check_username && !body?.avatar && !body?.banner) { + if(!check_username && !body?.avatar && !body?.banner && !body?.bio && !body?.accent_color) { throw FieldErrors({ username: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") } }); -- cgit 1.5.1 From fa750de6fb95fb483ec078f008a417ed166b8183 Mon Sep 17 00:00:00 2001 From: RealMANI <96433859+ImAaronFR@users.noreply.github.com> Date: Sun, 6 Mar 2022 12:37:16 +0330 Subject: Check username --- api/src/routes/users/@me/index.ts | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'api/src') diff --git a/api/src/routes/users/@me/index.ts b/api/src/routes/users/@me/index.ts index 78e203a2..d32b44f9 100644 --- a/api/src/routes/users/@me/index.ts +++ b/api/src/routes/users/@me/index.ts @@ -57,12 +57,14 @@ router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res: user.data.hash = await bcrypt.hash(body.new_password, 12); } - var check_username = body?.username?.replace(/\s/g, ''); - if(!check_username && !body?.avatar && !body?.banner && !body?.bio && !body?.accent_color) { - throw FieldErrors({ - username: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") } - }); - } + if(body.username){ + var check_username = body?.username?.replace(/\s/g, ''); + if(!check_username) { + throw FieldErrors({ + username: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") } + }); + } + } await user.save(); -- cgit 1.5.1 From 4294c6a8753379a06b5f4c21c4d4258352ec139d Mon Sep 17 00:00:00 2001 From: Nobody Date: Tue, 8 Mar 2022 12:01:00 -0300 Subject: fix(api): working ban list We should never use await inside loops --- api/src/routes/guilds/#guild_id/bans.ts | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) (limited to 'api/src') diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts index 7ccf34d7..1ce41936 100644 --- a/api/src/routes/guilds/#guild_id/bans.ts +++ b/api/src/routes/guilds/#guild_id/bans.ts @@ -33,17 +33,32 @@ router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: const { guild_id } = req.params; let bans = await Ban.find({ guild_id: guild_id }); + let promisesToAwait: object[] = []; + const bansObj: object[] = []; - /* Filter secret from database registry.*/ + bans.filter((ban) => ban.user_id !== ban.executor_id); // pretend self-bans don't exist to prevent victim chasing - bans.filter(ban => ban.user_id !== ban.executor_id); - // pretend self-bans don't exist to prevent victim chasing - - bans.forEach((registry: BanRegistrySchema) => { - delete registry.ip; + bans.forEach((ban) => { + promisesToAwait.push(User.getPublicUser(ban.user_id)); }); - - return res.json(bans); + + const bannedUsers: object[] = await Promise.all(promisesToAwait); + + bans.forEach((ban, index) => { + const user = bannedUsers[index] as User; + bansObj.push({ + reason: ban.reason, + user: { + username: user.username, + discriminator: user.discriminator, + id: user.id, + avatar: user.avatar, + public_flags: user.public_flags + } + }); + }); + + return res.json(bansObj); }); router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { -- cgit 1.5.1 From c097fce8417ea9af344203e5d27430cdea5e110f Mon Sep 17 00:00:00 2001 From: RealMANI <96433859+ImAaronFR@users.noreply.github.com> Date: Tue, 8 Mar 2022 18:35:19 +0330 Subject: Fix bans list (#674) * Fix bans list - Bans list should load properly now * Updated Removed await Removed unnecessary foreach * Update ban.ts await --- api/src/routes/guilds/#guild_id/bans.ts | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'api/src') diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts index 7ccf34d7..99adf5ae 100644 --- a/api/src/routes/guilds/#guild_id/bans.ts +++ b/api/src/routes/guilds/#guild_id/bans.ts @@ -33,17 +33,21 @@ router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: const { guild_id } = req.params; let bans = await Ban.find({ guild_id: guild_id }); - - /* Filter secret from database registry.*/ - - bans.filter(ban => ban.user_id !== ban.executor_id); + // pretend self-bans don't exist to prevent victim chasing + bans.filter(ban => ban.user_id !== ban.executor_id); - bans.forEach((registry: BanRegistrySchema) => { - delete registry.ip; - }); + /* Create an separate array to modify and return */ + + var bans_array: object[] = []; + + for (const ban of bans) { + const banned_user = await User.getPublicUser(ban.user_id); + var ban_object = {user: {id: banned_user.id, username: banned_user.username, avatar: banned_user.avatar, discriminator: banned_user.discriminator, public_flags: banned_user.public_flags}, reason: ban.reason}; + bans_array.push(ban_object) + } - return res.json(bans); + return res.json(bans_array); }); router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => { -- cgit 1.5.1 From 4a617faf02d931e5c69a509aa3764ef2b8999bea Mon Sep 17 00:00:00 2001 From: Nobody Date: Tue, 8 Mar 2022 09:18:19 -0300 Subject: fix(api): always add @everyone in user's roles When you add or delete an user's role, you MUST always add "@everyone" role to the roles map --- api/src/routes/guilds/#guild_id/members/#member_id/index.ts | 3 +++ 1 file changed, 3 insertions(+) (limited to 'api/src') diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts index 24c74af7..c33eb2fe 100644 --- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts +++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts @@ -28,6 +28,9 @@ router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, re if (body.roles) { permission.hasThrow("MANAGE_ROLES"); + + const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 }); + body.roles.push(everyone?.id); member.roles = body.roles.map((x) => new Role({ id: x })); // foreign key constraint will fail if role doesn't exist } -- cgit 1.5.1 From b20746bd17e6b5b177b35bcf26434b5d0e1b38d6 Mon Sep 17 00:00:00 2001 From: Nobody Date: Tue, 8 Mar 2022 09:25:14 -0300 Subject: fix(api): prevent @everyone role duplication If user already has @everyone role, then don't push it to the array --- api/src/routes/guilds/#guild_id/members/#member_id/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'api/src') diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts index c33eb2fe..3234a405 100644 --- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts +++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts @@ -30,7 +30,7 @@ router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, re permission.hasThrow("MANAGE_ROLES"); const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 }); - body.roles.push(everyone?.id); + if (body.roles.indexOf(everyone.id) === -1) body.roles.push(everyone.id); member.roles = body.roles.map((x) => new Role({ id: x })); // foreign key constraint will fail if role doesn't exist } -- cgit 1.5.1 From 0bb00e044b736596a48a609c575786d557b26f59 Mon Sep 17 00:00:00 2001 From: Nobody Date: Tue, 8 Mar 2022 09:36:21 -0300 Subject: fix(api): don't send @everyone in route response The response of `PATCH /guilds/{guild.id}/members/{user.id}` should not include "@everyone" role --- api/src/routes/guilds/#guild_id/members/#member_id/index.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'api/src') diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts index 3234a405..34836292 100644 --- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts +++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts @@ -25,16 +25,19 @@ router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, re const member = await Member.findOneOrFail({ where: { id: member_id, guild_id }, relations: ["roles", "user"] }); const permission = await getPermission(req.user_id, guild_id); + const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 }); if (body.roles) { permission.hasThrow("MANAGE_ROLES"); - const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 }); if (body.roles.indexOf(everyone.id) === -1) body.roles.push(everyone.id); member.roles = body.roles.map((x) => new Role({ id: x })); // foreign key constraint will fail if role doesn't exist } await member.save(); + + member.roles = member.roles.filter((x) => x.id !== everyone.id); + // do not use promise.all as we have to first write to db before emitting the event to catch errors await emitEvent({ event: "GUILD_MEMBER_UPDATE", -- cgit 1.5.1 From 4adf6602deb67c4d2b613d4a3787d2c5eca9da0c Mon Sep 17 00:00:00 2001 From: RealMANI <96433859+ImAaronFR@users.noreply.github.com> Date: Tue, 8 Mar 2022 01:27:32 +0330 Subject: Temporary notes fix Temporary fix for getting stuck on loading user note. //TODO --- api/src/routes/users/@me/notes.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'api/src') diff --git a/api/src/routes/users/@me/notes.ts b/api/src/routes/users/@me/notes.ts index 2ef27bc0..96067bf5 100644 --- a/api/src/routes/users/@me/notes.ts +++ b/api/src/routes/users/@me/notes.ts @@ -6,9 +6,9 @@ const router: Router = Router(); router.put("/:id", route({}), async (req: Request, res: Response) => { //TODO res.json({ - message: "400: Bad Request", - code: 0 - }).status(400); + message: "Unknown User", + code: 10013 + }).status(404); }); export default router; -- cgit 1.5.1 From 64f0b1f1a16c89c7f47facf2d0a73400e377cbe2 Mon Sep 17 00:00:00 2001 From: Nobody Date: Wed, 9 Mar 2022 06:04:50 -0300 Subject: fix(api): working replies in dm channels --- api/src/util/handlers/Message.ts | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'api/src') diff --git a/api/src/util/handlers/Message.ts b/api/src/util/handlers/Message.ts index 21664368..2d9f7032 100644 --- a/api/src/util/handlers/Message.ts +++ b/api/src/util/handlers/Message.ts @@ -82,10 +82,12 @@ export async function handleMessage(opts: MessageOptions): Promise { if (opts.message_reference) { permission.hasThrow("READ_MESSAGE_HISTORY"); // code below has to be redone when we add custom message routing and cross-channel replies - const guild = await Guild.findOneOrFail({ id: channel.guild_id }); - if (!guild.features.includes("CROSS_CHANNEL_REPLIES")) { - if (opts.message_reference.guild_id !== channel.guild_id) throw new HTTPError("You can only reference messages from this guild"); - if (opts.message_reference.channel_id !== opts.channel_id) throw new HTTPError("You can only reference messages from this channel"); + if (message.guild_id !== null) { + const guild = await Guild.findOneOrFail({ id: channel.guild_id }); + if (!guild.features.includes("CROSS_CHANNEL_REPLIES")) { + if (opts.message_reference.guild_id !== channel.guild_id) throw new HTTPError("You can only reference messages from this guild"); + if (opts.message_reference.channel_id !== opts.channel_id) throw new HTTPError("You can only reference messages from this channel"); + } } // TODO: should be checked if the referenced message exists? // @ts-ignore -- cgit 1.5.1 From 134d746ebf41fe0682d8525b20c10bf8bcde25f8 Mon Sep 17 00:00:00 2001 From: Nobody <17956512+n0bodysec@users.noreply.github.com> Date: Wed, 9 Mar 2022 11:35:19 -0300 Subject: fix(api): add vanity urls creation/update (#665) * fix(api): add vanity urls creation/update * refactor(api): multiple vanity urls Old vanty urls will not be updated, instead a new one will be created. * feat(api): add ALIASABLE_NAMES feature Reference: https://github.com/fosscord/fosscord-server/issues/407 --- api/src/routes/guilds/#guild_id/vanity-url.ts | 33 +++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 5 deletions(-) (limited to 'api/src') diff --git a/api/src/routes/guilds/#guild_id/vanity-url.ts b/api/src/routes/guilds/#guild_id/vanity-url.ts index 63173345..29cd25e2 100644 --- a/api/src/routes/guilds/#guild_id/vanity-url.ts +++ b/api/src/routes/guilds/#guild_id/vanity-url.ts @@ -9,11 +9,19 @@ const InviteRegex = /\W/g; router.get("/", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { const { guild_id } = req.params; + const guild = await Guild.findOneOrFail({ id: guild_id }); - const invite = await Invite.findOne({ where: { guild_id: guild_id, vanity_url: true } }); - if (!invite) return res.json({ code: null }); + if (!guild.features.includes("ALIASABLE_NAMES")) { + const invite = await Invite.findOne({ where: { guild_id: guild_id, vanity_url: true } }); + if (!invite) return res.json({ code: null }); - return res.json({ code: invite.code, uses: invite.uses }); + return res.json({ code: invite.code, uses: invite.uses }); + } else { + const invite = await Invite.find({ where: { guild_id: guild_id, vanity_url: true } }); + if (!invite || invite.length == 0) return res.json({ code: null }); + + return res.json(invite.map((x) => ({ code: x.code, uses: x.uses }))); + } }); export interface VanityUrlSchema { @@ -24,18 +32,33 @@ export interface VanityUrlSchema { code?: string; } -// TODO: check if guild is elgible for vanity url router.patch("/", route({ body: "VanityUrlSchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { const { guild_id } = req.params; const body = req.body as VanityUrlSchema; const code = body.code?.replace(InviteRegex, ""); + const guild = await Guild.findOneOrFail({ id: guild_id }); + if (!guild.features.includes("VANITY_URL")) throw new HTTPError("Your guild doesn't support vanity urls"); + + if (!code || code.length === 0) throw new HTTPError("Code cannot be null or empty"); + const invite = await Invite.findOne({ code }); if (invite) throw new HTTPError("Invite already exists"); const { id } = await Channel.findOneOrFail({ guild_id, type: ChannelType.GUILD_TEXT }); - await Invite.update({ vanity_url: true, guild_id }, { code: code, channel_id: id }); + await new Invite({ + vanity_url: true, + code: code, + temporary: false, + uses: 0, + max_uses: 0, + max_age: 0, + created_at: new Date(), + expires_at: new Date(), + guild_id: guild_id, + channel_id: id + }).save(); return res.json({ code: code }); }); -- cgit 1.5.1