diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts
index 6f55be3b..80b5c609 100644
--- a/api/src/routes/guilds/#guild_id/index.ts
+++ b/api/src/routes/guilds/#guild_id/index.ts
@@ -14,8 +14,8 @@ router.get("/", async (req: Request, res: Response) => {
const [guild, member_count, member] = await Promise.all([
Guild.findOneOrFail({ id: guild_id }),
- Member.count({ guild: { id: guild_id }, id: req.user_id }),
- Member.findOneOrFail({ id: req.user_id })
+ Member.count({ guild_id: guild_id, user_id: req.user_id }),
+ Member.findOneOrFail({ user_id: req.user_id })
]);
if (!member_count) throw new HTTPError("You are not a member of the guild you are trying to access", 401);
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
index d9ce91c0..733a64c4 100644
--- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
+++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
@@ -21,7 +21,7 @@ router.get("/", async (req: Request, res: Response) => {
const { guild_id, member_id } = req.params;
await Member.IsInGuildOrFail(req.user_id, guild_id);
- const member = await Member.findOneOrFail({ id: member_id, guild_id });
+ const member = await Member.findOneOrFail({ user_id: member_id, guild_id });
return res.json(member);
});
@@ -29,13 +29,17 @@ router.get("/", async (req: Request, res: Response) => {
router.patch("/", check(MemberChangeSchema), async (req: Request, res: Response) => {
const { guild_id, member_id } = req.params;
const body = req.body as MemberChangeSchema;
+
+ const permission = await getPermission(req.user_id, guild_id);
+
if (body.roles) {
const roles = await Role.find({ id: In(body.roles) });
if (body.roles.length !== roles.length) throw new HTTPError("Roles not found", 404);
- // TODO: check if user has permission to add role
+
+ permission.hasThrow("MANAGE_ROLES");
}
- const member = await Member.findOneOrFail({ id: member_id, guild_id });
+ const member = await Member.findOneOrFail({ user_id: member_id, guild_id });
member.assign(req.body);
Promise.all([
diff --git a/api/src/routes/guilds/#guild_id/widget.json.ts b/api/src/routes/guilds/#guild_id/widget.json.ts
index ae1f0599..193ed095 100644
--- a/api/src/routes/guilds/#guild_id/widget.json.ts
+++ b/api/src/routes/guilds/#guild_id/widget.json.ts
@@ -63,7 +63,7 @@ router.get("/", async (req: Request, res: Response) => {
// Fetch members
// TODO: Understand how Discord's max 100 random member sample works, and apply to here (see top of this file)
- let members = await Member.find({ where: { guild_id: guild_id } });
+ let members = await Member.find({ guild_id: guild_id });
// Construct object to respond with
const data = {
diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts
index a54b83ba..92525317 100644
--- a/api/src/routes/guilds/index.ts
+++ b/api/src/routes/guilds/index.ts
@@ -13,7 +13,7 @@ router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) =
const body = req.body as GuildCreateSchema;
const { maxGuilds } = Config.get().limits.user;
- const guild_count = await Member.count({ id: req.user_id });
+ const guild_count = await Member.count({ user_id: req.user_id });
if (guild_count >= maxGuilds) {
throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
}
diff --git a/api/src/routes/guilds/templates/index.ts b/api/src/routes/guilds/templates/index.ts
index 3a619278..16b65c65 100644
--- a/api/src/routes/guilds/templates/index.ts
+++ b/api/src/routes/guilds/templates/index.ts
@@ -20,7 +20,7 @@ router.post("/:code", check(GuildTemplateCreateSchema), async (req: Request, res
const { maxGuilds } = Config.get().limits.user;
- const guild_count = await Member.count({ id: req.user_id });
+ const guild_count = await Member.count({ user_id: req.user_id });
if (guild_count >= maxGuilds) {
throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds);
}
|
