summary refs log tree commit diff
path: root/src/api/routes/guilds/#guild_id/members/#member_id/index.ts
blob: d785eb00ef3cc808bd8a91109fcbb914406df7c7 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
import { Request, Response, Router } from "express";
import { Member, getPermission, getRights, Role, GuildMemberUpdateEvent, emitEvent, Sticker, Emoji, Rights, Guild } from "@fosscord/util";
import { HTTPError } from "lambert-server";
import { route } from "@fosscord/api";

const router = Router();

export interface MemberChangeSchema {
	roles?: string[];
	nick?: string;
}

router.get("/", route({}), async (req: Request, res: Response) => {
	const { guild_id, member_id } = req.params;
	await Member.IsInGuildOrFail(req.user_id, guild_id);

	const member = await Member.findOneOrFail({ where: { id: member_id, guild_id } });

	return res.json(member);
});

router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, res: Response) => {
	let { guild_id, member_id } = req.params;
	if (member_id === "@me") member_id = req.user_id;
	const body = req.body as MemberChangeSchema;

	const member = await Member.findOneOrFail({ where: { id: member_id, guild_id }, relations: ["roles", "user"] });
	const permission = await getPermission(req.user_id, guild_id);
	const everyone = await Role.findOneOrFail({ where: { guild_id: guild_id, name: "@everyone", position: 0 } });

	if (body.roles) {
		permission.hasThrow("MANAGE_ROLES");

		if (body.roles.indexOf(everyone.id) === -1) body.roles.push(everyone.id);
		member.roles = body.roles.map((x) => Role.create({ id: x })); // foreign key constraint will fail if role doesn't exist
	}

	if ('nick' in body) {
		permission.hasThrow(req.user_id == member.user.id ? "CHANGE_NICKNAME" : "MANAGE_NICKNAMES");
		member.nick = body.nick?.trim() || undefined;
	}

	await member.save();

	member.roles = member.roles.filter((x) => x.id !== everyone.id);

	// do not use promise.all as we have to first write to db before emitting the event to catch errors
	await emitEvent({
		event: "GUILD_MEMBER_UPDATE",
		guild_id,
		data: { ...member, roles: member.roles.map((x) => x.id) }
	} as GuildMemberUpdateEvent);

	res.json(member);
});

router.put("/", route({}), async (req: Request, res: Response) => {

	// TODO: Lurker mode

	const rights = await getRights(req.user_id);

	let { guild_id, member_id } = req.params;
	if (member_id === "@me") {
		member_id = req.user_id;
		rights.hasThrow("JOIN_GUILDS");
	} else {
		// TODO: join others by controller	
	}

	var guild = await Guild.findOneOrFail({
		where: { id: guild_id }
	});

	var emoji = await Emoji.find({
		where: { guild_id: guild_id }
	});

	var roles = await Role.find({
		where: { guild_id: guild_id }
	});

	var stickers = await Sticker.find({
		where: { guild_id: guild_id }
	});

	await Member.addToGuild(member_id, guild_id);
	res.send({ ...guild, emojis: emoji, roles: roles, stickers: stickers });
});

router.delete("/", route({}), async (req: Request, res: Response) => {
	const permission = await getPermission(req.user_id);
	const rights = await getRights(req.user_id);
	const { guild_id, member_id } = req.params;
	if (member_id !== "@me" || member_id === req.user_id) {
		// TODO: unless force-joined
		rights.hasThrow("SELF_LEAVE_GROUPS");
	} else {
		rights.hasThrow("KICK_BAN_MEMBERS");
		permission.hasThrow("KICK_MEMBERS");
	}

	await Member.removeFromGuild(member_id, guild_id);
	res.sendStatus(204);
});

export default router;