From 9b9e6cfa9d9911d09cde0026a62087d9976f1a2c Mon Sep 17 00:00:00 2001
From: Thesourtimes <cckhmck@gmail.com>
Date: Sun, 5 Dec 2021 21:53:23 +0300
Subject: Make INTERNAL_EMPLOYEE_ONLY functional

---
 api/src/routes/invites/index.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'api/src')

diff --git a/api/src/routes/invites/index.ts b/api/src/routes/invites/index.ts
index 185311bc..c327a63e 100644
--- a/api/src/routes/invites/index.ts
+++ b/api/src/routes/invites/index.ts
@@ -1,5 +1,5 @@
 import { Router, Request, Response } from "express";
-import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, Member, PublicInviteRelation } from "@fosscord/util";
+import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, User, PublicInviteRelation } from "@fosscord/util";
 import { route } from "@fosscord/api";
 import { HTTPError } from "lambert-server";
 
@@ -15,6 +15,11 @@ router.get("/:code", route({}), async (req: Request, res: Response) => {
 
 router.post("/:code", route({}), async (req: Request, res: Response) => {
 	const { code } = req.params;
+	const { features } = await Guild.findOneOrFail({where: { code }});
+	const { public_flags } = await User.findOneOrFail({ id: req.user_id });
+	
+	if(features.includes("INTERNAL_EMPLOYEE_ONLY") && (public_flags & 1) !== 1) throw new HTTPError("You are not allowed to join this guild.", 401)
+	
 	const invite = await Invite.joinGuild(req.user_id, code);
 
 	res.json(invite);
-- 
cgit 1.4.1