diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts
new file mode 100644
index 00000000..d9752f61
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/bans.ts
@@ -0,0 +1,90 @@
+import { Request, Response, Router } from "express";
+import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel, toObject } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { getIpAdress } from "../../../util/ipAddress";
+import { BanCreateSchema } from "../../../schema/Ban";
+import { emitEvent } from "../../../util/Event";
+import { check } from "../../../util/instanceOf";
+import { removeMember } from "../../../util/Member";
+import { getPublicUser } from "../../../util/User";
+
+const router: Router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ const guild = await GuildModel.exists({ id: guild_id });
+ if (!guild) throw new HTTPError("Guild not found", 404);
+
+ var bans = await BanModel.find({ guild_id: guild_id }, { user_id: true, reason: true }).exec();
+ return res.json(toObject(bans));
+});
+
+router.get("/:user", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ const user_id = req.params.ban;
+
+ var ban = await BanModel.findOne({ guild_id: guild_id, user_id: user_id }).exec();
+ return res.json(ban);
+});
+
+router.put("/:user_id", check(BanCreateSchema), async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ const banned_user_id = req.params.user_id;
+
+ const banned_user = await getPublicUser(banned_user_id);
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("BAN_MEMBERS");
+ if (req.user_id === banned_user_id) throw new HTTPError("You can't ban yourself", 400);
+
+ await removeMember(banned_user_id, guild_id);
+
+ const ban = await new BanModel({
+ user_id: banned_user_id,
+ guild_id: guild_id,
+ ip: getIpAdress(req),
+ executor_id: req.user_id,
+ reason: req.body.reason // || otherwise empty
+ }).save();
+
+ await emitEvent({
+ event: "GUILD_BAN_ADD",
+ data: {
+ guild_id: guild_id,
+ user: banned_user
+ },
+ guild_id: guild_id
+ } as GuildBanAddEvent);
+
+ return res.json(toObject(ban));
+});
+
+router.delete("/:user_id", async (req: Request, res: Response) => {
+ var { guild_id } = req.params;
+ var banned_user_id = req.params.user_id;
+
+ const banned_user = await getPublicUser(banned_user_id);
+ const guild = await GuildModel.exists({ id: guild_id });
+ if (!guild) throw new HTTPError("Guild not found", 404);
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("BAN_MEMBERS");
+
+ await BanModel.deleteOne({
+ user_id: banned_user_id,
+ guild_id
+ }).exec();
+
+ await emitEvent({
+ event: "GUILD_BAN_REMOVE",
+ data: {
+ guild_id,
+ user: banned_user
+ },
+ guild_id
+ } as GuildBanRemoveEvent);
+
+ return res.status(204).send();
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/channels.ts b/api/src/routes/guilds/#guild_id/channels.ts
new file mode 100644
index 00000000..52361f5e
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/channels.ts
@@ -0,0 +1,73 @@
+import { Router, Response, Request } from "express";
+import {
+ ChannelCreateEvent,
+ ChannelModel,
+ ChannelType,
+ GuildModel,
+ Snowflake,
+ toObject,
+ ChannelUpdateEvent,
+ AnyChannel,
+ getPermission
+} from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { ChannelModifySchema } from "../../../schema/Channel";
+import { emitEvent } from "../../../util/Event";
+import { check } from "../../../util/instanceOf";
+import { createChannel } from "../../../util/Channel";
+const router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ const channels = await ChannelModel.find({ guild_id }).exec();
+
+ res.json(toObject(channels));
+});
+
+// TODO: check if channel type is permitted
+// TODO: check if parent_id exists
+
+router.post("/", check(ChannelModifySchema), async (req: Request, res: Response) => {
+ // creates a new guild channel https://discord.com/developers/docs/resources/guild#create-guild-channel
+ const { guild_id } = req.params;
+ const body = req.body as ChannelModifySchema;
+
+ const channel = await createChannel({ ...body, guild_id }, req.user_id);
+
+ res.json(toObject(channel));
+});
+
+// TODO: check if parent_id exists
+router.patch(
+ "/",
+ check([{ id: String, $position: Number, $lock_permissions: Boolean, $parent_id: String }]),
+ async (req: Request, res: Response) => {
+ // changes guild channel position
+ const { guild_id } = req.params;
+ const body = req.body as { id: string; position?: number; lock_permissions?: boolean; parent_id?: string };
+ body.position = Math.floor(body.position || 0);
+ if (!body.position && !body.parent_id) throw new HTTPError(`You need to at least specify position or parent_id`, 400);
+
+ const permission = await getPermission(req.user_id, guild_id);
+ permission.hasThrow("MANAGE_CHANNELS");
+
+ const opts: any = {};
+ if (body.position) opts.position = body.position;
+
+ if (body.parent_id) {
+ opts.parent_id = body.parent_id;
+ const parent_channel = await ChannelModel.findOne({ id: body.parent_id, guild_id }, { permission_overwrites: true }).exec();
+ if (body.lock_permissions) {
+ opts.permission_overwrites = parent_channel.permission_overwrites;
+ }
+ }
+
+ const channel = await ChannelModel.findOneAndUpdate({ id: req.body, guild_id }, opts).exec();
+
+ await emitEvent({ event: "CHANNEL_UPDATE", data: channel, channel_id: body.id, guild_id } as ChannelUpdateEvent);
+
+ res.json(toObject(channel));
+ }
+);
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/delete.ts b/api/src/routes/guilds/#guild_id/delete.ts
new file mode 100644
index 00000000..6cca289e
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/delete.ts
@@ -0,0 +1,48 @@
+import {
+ ChannelModel,
+ EmojiModel,
+ GuildDeleteEvent,
+ GuildModel,
+ InviteModel,
+ MemberModel,
+ MessageModel,
+ RoleModel,
+ UserModel
+} from "@fosscord/server-util";
+import { Router, Request, Response } from "express";
+import { HTTPError } from "lambert-server";
+import { emitEvent } from "../../../util/Event";
+
+const router = Router();
+
+// discord prefixes this route with /delete instead of using the delete method
+// docs are wrong https://discord.com/developers/docs/resources/guild#delete-guild
+router.post("/", async (req: Request, res: Response) => {
+ var { guild_id } = req.params;
+
+ const guild = await GuildModel.findOne({ id: guild_id }, "owner_id").exec();
+ if (guild.owner_id !== req.user_id) throw new HTTPError("You are not the owner of this guild", 401);
+
+ await emitEvent({
+ event: "GUILD_DELETE",
+ data: {
+ id: guild_id
+ },
+ guild_id: guild_id
+ } as GuildDeleteEvent);
+
+ await Promise.all([
+ GuildModel.deleteOne({ id: guild_id }).exec(),
+ UserModel.updateMany({ guilds: guild_id }, { $pull: { guilds: guild_id } }).exec(),
+ RoleModel.deleteMany({ guild_id }).exec(),
+ ChannelModel.deleteMany({ guild_id }).exec(),
+ EmojiModel.deleteMany({ guild_id }).exec(),
+ InviteModel.deleteMany({ guild_id }).exec(),
+ MessageModel.deleteMany({ guild_id }).exec(),
+ MemberModel.deleteMany({ guild_id }).exec()
+ ]);
+
+ return res.sendStatus(204);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts
new file mode 100644
index 00000000..dc4ddb39
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/index.ts
@@ -0,0 +1,61 @@
+import { Request, Response, Router } from "express";
+import {
+ ChannelModel,
+ EmojiModel,
+ getPermission,
+ GuildDeleteEvent,
+ GuildModel,
+ GuildUpdateEvent,
+ InviteModel,
+ MemberModel,
+ MessageModel,
+ RoleModel,
+ toObject,
+ UserModel
+} from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { GuildUpdateSchema } from "../../../schema/Guild";
+import { emitEvent } from "../../../util/Event";
+import { check } from "../../../util/instanceOf";
+import { handleFile } from "../../../util/cdn";
+import "missing-native-js-functions";
+
+const router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ const guild = await GuildModel.findOne({ id: guild_id })
+ .populate({ path: "joined_at", match: { id: req.user_id } })
+ .exec();
+
+ const member = await MemberModel.exists({ guild_id: guild_id, id: req.user_id });
+ if (!member) throw new HTTPError("You are not a member of the guild you are trying to access", 401);
+
+ return res.json(guild);
+});
+
+router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) => {
+ const body = req.body as GuildUpdateSchema;
+ const { guild_id } = req.params;
+ // TODO: guild update check image
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ if (body.icon) body.icon = await handleFile(`/icons/${guild_id}`, body.icon);
+ if (body.banner) body.banner = await handleFile(`/banners/${guild_id}`, body.banner);
+ if (body.splash) body.splash = await handleFile(`/splashes/${guild_id}`, body.splash);
+
+ const guild = await GuildModel.findOneAndUpdate({ id: guild_id }, body)
+ .populate({ path: "joined_at", match: { id: req.user_id } })
+ .exec();
+
+ const data = toObject(guild);
+
+ emitEvent({ event: "GUILD_UPDATE", data: data, guild_id } as GuildUpdateEvent);
+
+ return res.json(data);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/invites.ts b/api/src/routes/guilds/#guild_id/invites.ts
new file mode 100644
index 00000000..1894ec96
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/invites.ts
@@ -0,0 +1,17 @@
+import { getPermission, InviteModel, toObject } from "@fosscord/server-util";
+import { Request, Response, Router } from "express";
+
+const router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ const permissions = await getPermission(req.user_id, guild_id);
+ permissions.hasThrow("MANAGE_GUILD");
+
+ const invites = await InviteModel.find({ guild_id }).exec();
+
+ return res.json(toObject(invites));
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
new file mode 100644
index 00000000..9a1676e6
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
@@ -0,0 +1,69 @@
+import { Request, Response, Router } from "express";
+import {
+ GuildModel,
+ MemberModel,
+ UserModel,
+ toObject,
+ GuildMemberAddEvent,
+ getPermission,
+ PermissionResolvable,
+ RoleModel,
+ GuildMemberUpdateEvent
+} from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { addMember, isMember, removeMember } from "../../../../../util/Member";
+import { check } from "../../../../../util/instanceOf";
+import { MemberChangeSchema } from "../../../../../schema/Member";
+import { emitEvent } from "../../../../../util/Event";
+
+const router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id, member_id } = req.params;
+ await isMember(req.user_id, guild_id);
+
+ const member = await MemberModel.findOne({ id: member_id, guild_id }).exec();
+
+ return res.json(toObject(member));
+});
+
+router.patch("/", check(MemberChangeSchema), async (req: Request, res: Response) => {
+ const { guild_id, member_id } = req.params;
+ const body = req.body as MemberChangeSchema;
+ if (body.roles) {
+ const roles = await RoleModel.find({ id: { $in: body.roles } }).exec();
+ if (body.roles.length !== roles.length) throw new HTTPError("Roles not found", 404);
+ // TODO: check if user has permission to add role
+ }
+
+ const member = await MemberModel.findOneAndUpdate({ id: member_id, guild_id }, body).exec();
+
+ await emitEvent({
+ event: "GUILD_MEMBER_UPDATE",
+ guild_id,
+ data: toObject(member)
+ } as GuildMemberUpdateEvent);
+
+ res.json(toObject(member));
+});
+
+router.put("/", async (req: Request, res: Response) => {
+ const { guild_id, member_id } = req.params;
+
+ throw new HTTPError("Maintenance: Currently you can't add a member", 403);
+ // TODO: only for oauth2 applications
+ await addMember(member_id, guild_id);
+ res.sendStatus(204);
+});
+
+router.delete("/", async (req: Request, res: Response) => {
+ const { guild_id, member_id } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("KICK_MEMBERS");
+
+ await removeMember(member_id, guild_id);
+ res.sendStatus(204);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/nick.ts b/api/src/routes/guilds/#guild_id/members/#member_id/nick.ts
new file mode 100644
index 00000000..9078409d
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/members/#member_id/nick.ts
@@ -0,0 +1,24 @@
+import { getPermission, PermissionResolvable } from "@fosscord/server-util";
+import { Request, Response, Router } from "express";
+import { check } from "lambert-server";
+import { MemberNickChangeSchema } from "../../../../../schema/Member";
+import { changeNickname } from "../../../../../util/Member";
+
+const router = Router();
+
+router.patch("/", check(MemberNickChangeSchema), async (req: Request, res: Response) => {
+ var { guild_id, member_id } = req.params;
+ var permissionString: PermissionResolvable = "MANAGE_NICKNAMES";
+ if (member_id === "@me") {
+ member_id = req.user_id;
+ permissionString = "CHANGE_NICKNAME";
+ }
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow(permissionString);
+
+ await changeNickname(member_id, guild_id, req.body.nickname);
+ res.status(204);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/roles/#role_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/roles/#role_id/index.ts
new file mode 100644
index 00000000..b7a43c74
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/members/#member_id/roles/#role_id/index.ts
@@ -0,0 +1,27 @@
+import { getPermission } from "@fosscord/server-util";
+import { Request, Response, Router } from "express";
+import { addRole, removeRole } from "../../../../../../../util/Member";
+
+const router = Router();
+
+router.delete("/:member_id/roles/:role_id", async (req: Request, res: Response) => {
+ const { guild_id, role_id, member_id } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_ROLES");
+
+ await removeRole(member_id, guild_id, role_id);
+ res.sendStatus(204);
+});
+
+router.put("/:member_id/roles/:role_id", async (req: Request, res: Response) => {
+ const { guild_id, role_id, member_id } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_ROLES");
+
+ await addRole(member_id, guild_id, role_id);
+ res.sendStatus(204);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/members/index.ts b/api/src/routes/guilds/#guild_id/members/index.ts
new file mode 100644
index 00000000..a157d8f5
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/members/index.ts
@@ -0,0 +1,38 @@
+import { Request, Response, Router } from "express";
+import { GuildModel, MemberModel, toObject } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { instanceOf, Length } from "../../../../util/instanceOf";
+import { PublicMemberProjection, isMember } from "../../../../util/Member";
+
+const router = Router();
+
+// TODO: not allowed for user -> only allowed for bots with privileged intents
+// TODO: send over websocket
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ const guild = await GuildModel.findOne({ id: guild_id }).exec();
+ await isMember(req.user_id, guild_id);
+
+ try {
+ instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, {
+ path: "query",
+ req,
+ ref: { obj: null, key: "" }
+ });
+ } catch (error) {
+ return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error });
+ }
+
+ // @ts-ignore
+ if (!req.query.limit) req.query.limit = 1;
+ const { limit, after } = (<unknown>req.query) as { limit: number; after: string };
+ const query = after ? { id: { $gt: after } } : {};
+
+ var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection)
+ .limit(limit)
+ .exec();
+
+ return res.json(toObject(members));
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/regions.ts b/api/src/routes/guilds/#guild_id/regions.ts
new file mode 100644
index 00000000..3a46d766
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/regions.ts
@@ -0,0 +1,10 @@
+import { Config } from "@fosscord/server-util";
+import { Request, Response, Router } from "express";
+
+const router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ return res.json(Config.get().regions.available);
+});
+
+export default router;
\ No newline at end of file
diff --git a/api/src/routes/guilds/#guild_id/roles.ts b/api/src/routes/guilds/#guild_id/roles.ts
new file mode 100644
index 00000000..77206a0f
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/roles.ts
@@ -0,0 +1,128 @@
+import { Request, Response, Router } from "express";
+import {
+ RoleModel,
+ GuildModel,
+ getPermission,
+ toObject,
+ UserModel,
+ Snowflake,
+ MemberModel,
+ GuildRoleCreateEvent,
+ GuildRoleUpdateEvent,
+ GuildRoleDeleteEvent
+} from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { emitEvent } from "../../../util/Event";
+import { check } from "../../../util/instanceOf";
+import { RoleModifySchema } from "../../../schema/Roles";
+import { getPublicUser } from "../../../util/User";
+import { isMember } from "../../../util/Member";
+
+const router: Router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+
+ await isMember(req.user_id, guild_id);
+
+ const roles = await RoleModel.find({ guild_id: guild_id }).exec();
+
+ return res.json(toObject(roles));
+});
+
+router.post("/", check(RoleModifySchema), async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+ const body = req.body as RoleModifySchema;
+
+ const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec();
+ const user = await UserModel.findOne({ id: req.user_id }).exec();
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_ROLES");
+ if (!body.name) throw new HTTPError("You need to specify a name");
+
+ const role = await new RoleModel({
+ ...body,
+ id: Snowflake.generate(),
+ guild_id: guild_id,
+ managed: false,
+ position: 0,
+ tags: null,
+ permissions: body.permissions || 0n
+ }).save();
+
+ await emitEvent({
+ event: "GUILD_ROLE_CREATE",
+ guild_id,
+ data: {
+ guild_id,
+ role: toObject(role)
+ }
+ } as GuildRoleCreateEvent);
+
+ res.json(toObject(role));
+});
+
+router.delete("/:role_id", async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+ const { role_id } = req.params;
+
+ const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec();
+ const user = await UserModel.findOne({ id: req.user_id }).exec();
+
+ const perms = await getPermission(req.user_id, guild_id);
+
+ if (!perms.has("MANAGE_ROLES")) throw new HTTPError("You missing the MANAGE_ROLES permission", 401);
+
+ await RoleModel.findOneAndDelete({
+ id: role_id,
+ guild_id: guild_id
+ }).exec();
+
+ await emitEvent({
+ event: "GUILD_ROLE_DELETE",
+ guild_id,
+ data: {
+ guild_id,
+ role_id
+ }
+ } as GuildRoleDeleteEvent);
+
+ res.sendStatus(204);
+});
+
+// TODO: check role hierarchy
+
+router.patch("/:role_id", check(RoleModifySchema), async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+ const { role_id } = req.params;
+ const body = req.body as RoleModifySchema;
+
+ const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec();
+ const user = await UserModel.findOne({ id: req.user_id }).exec();
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_ROLES");
+
+ const role = await RoleModel.findOneAndUpdate(
+ {
+ id: role_id,
+ guild_id: guild_id
+ },
+ // @ts-ignore
+ body
+ ).exec();
+
+ await emitEvent({
+ event: "GUILD_ROLE_UPDATE",
+ guild_id,
+ data: {
+ guild_id,
+ role
+ }
+ } as GuildRoleUpdateEvent);
+
+ res.json(toObject(role));
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/templates.ts b/api/src/routes/guilds/#guild_id/templates.ts
new file mode 100644
index 00000000..8306ac37
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/templates.ts
@@ -0,0 +1,99 @@
+import { Request, Response, Router } from "express";
+import { TemplateModel, GuildModel, getPermission, toObject, UserModel, Snowflake } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { TemplateCreateSchema, TemplateModifySchema } from "../../../schema/Template";
+import { check } from "../../../util/instanceOf";
+import { generateCode } from "../../../util/String";
+
+const router: Router = Router();
+
+const TemplateGuildProjection = {
+ name: true,
+ description: true,
+ region: true,
+ verification_level: true,
+ default_message_notifications: true,
+ explicit_content_filter: true,
+ preferred_locale: true,
+ afk_timeout: true,
+ roles: true,
+ channels: true,
+ afk_channel_id: true,
+ system_channel_id: true,
+ system_channel_flags: true,
+ icon_hash: true
+};
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ var templates = await TemplateModel.find({ source_guild_id: guild_id }).exec();
+
+ return res.json(toObject(templates));
+});
+
+router.post("/", check(TemplateCreateSchema), async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ const guild = await GuildModel.findOne({ id: guild_id }, TemplateGuildProjection).exec();
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ const exists = await TemplateModel.findOne({ id: guild_id })
+ .exec()
+ .catch((e) => {});
+ if (exists) throw new HTTPError("Template already exists", 400);
+
+ const template = await new TemplateModel({
+ ...req.body,
+ code: generateCode(),
+ creator_id: req.user_id,
+ created_at: new Date(),
+ updated_at: new Date(),
+ source_guild_id: guild_id,
+ serialized_source_guild: guild
+ }).save();
+
+ res.json(toObject(template)).send();
+});
+
+router.delete("/:code", async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+ const { code } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ const template = await TemplateModel.findOneAndDelete({
+ code
+ }).exec();
+
+ res.send(toObject(template));
+});
+
+router.put("/:code", async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+ const { code } = req.params;
+
+ const guild = await GuildModel.findOne({ id: guild_id }, TemplateGuildProjection).exec();
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ const template = await TemplateModel.findOneAndUpdate({ code }, { serialized_source_guild: guild }).exec();
+
+ res.json(toObject(template)).send();
+});
+
+router.patch("/:code", check(TemplateModifySchema), async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ const { code } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ const template = await TemplateModel.findOneAndUpdate({ code }, { name: req.body.name, description: req.body.description }).exec();
+
+ res.json(toObject(template)).send();
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/vanity-url.ts b/api/src/routes/guilds/#guild_id/vanity-url.ts
new file mode 100644
index 00000000..323b2647
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/vanity-url.ts
@@ -0,0 +1,45 @@
+import { getPermission, GuildModel, InviteModel, trimSpecial } from "@fosscord/server-util";
+import { Router, Request, Response } from "express";
+import { HTTPError } from "lambert-server";
+import { check, Length } from "../../../util/instanceOf";
+import { isMember } from "../../../util/Member";
+
+const router = Router();
+
+const InviteRegex = /\W/g;
+
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ await isMember(req.user_id, guild_id);
+ const guild = await GuildModel.findOne({ id: guild_id }).exec();
+ if (!guild.vanity_url) throw new HTTPError("This guild has no vanity url", 204);
+
+ return res.json({ code: guild.vanity_url.code });
+});
+
+// TODO: check if guild is elgible for vanity url
+router.patch("/", check({ code: new Length(String, 0, 20) }), async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+ var code = req.body.code.replace(InviteRegex);
+ if (!code) code = null;
+
+ const permission = await getPermission(req.user_id, guild_id);
+ permission.hasThrow("MANAGE_GUILD");
+
+ const alreadyExists = await Promise.all([
+ GuildModel.findOne({ "vanity_url.code": code })
+ .exec()
+ .catch(() => null),
+ InviteModel.findOne({ code: code })
+ .exec()
+ .catch(() => null)
+ ]);
+ if (alreadyExists.some((x) => x)) throw new HTTPError("Vanity url already exists", 400);
+
+ await GuildModel.updateOne({ id: guild_id }, { "vanity_url.code": code }).exec();
+
+ return res.json({ code: code });
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/welcome_screen.ts b/api/src/routes/guilds/#guild_id/welcome_screen.ts
new file mode 100644
index 00000000..656a0ee0
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/welcome_screen.ts
@@ -0,0 +1,49 @@
+import { Request, Response, Router } from "express";
+import { GuildModel, getPermission, toObject, Snowflake } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { emitEvent } from "../../../util/Event";
+import { check } from "../../../util/instanceOf";
+import { isMember } from "../../../util/Member";
+import { GuildAddChannelToWelcomeScreenSchema } from "../../../schema/Guild";
+import { getPublicUser } from "../../../util/User";
+
+const router: Router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+
+ const guild = await GuildModel.findOne({ id: guild_id });
+
+ await isMember(req.user_id, guild_id);
+
+ res.json(toObject(guild.welcome_screen));
+});
+
+router.post("/", check(GuildAddChannelToWelcomeScreenSchema), async (req: Request, res: Response) => {
+ const guild_id = req.params.guild_id;
+ const body = req.body as GuildAddChannelToWelcomeScreenSchema;
+
+ const guild = await GuildModel.findOne({ id: guild_id }).exec();
+
+ var channelObject = {
+ ...body
+ };
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ if (!guild.welcome_screen.enabled) throw new HTTPError("Welcome screen disabled", 400);
+ if (guild.welcome_screen.welcome_channels.some((channel) => channel.channel_id === body.channel_id))
+ throw new Error("Welcome Channel exists");
+
+ await GuildModel.findOneAndUpdate(
+ {
+ id: guild_id
+ },
+ { $push: { "welcome_screen.welcome_channels": channelObject } }
+ ).exec();
+
+ res.sendStatus(204);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/widget.json.ts b/api/src/routes/guilds/#guild_id/widget.json.ts
new file mode 100644
index 00000000..6f777ab4
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/widget.json.ts
@@ -0,0 +1,139 @@
+import { Request, Response, Router } from "express";
+import { Config, Permissions, GuildModel, InviteModel, ChannelModel, MemberModel } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { random } from "../../../util/RandomInviteID";
+
+const router: Router = Router();
+
+// Undocumented API notes:
+// An invite is created for the widget_channel_id on request (only if an existing one created by the widget doesn't already exist)
+// This invite created doesn't include an inviter object like user created ones and has a default expiry of 24 hours
+// Missing user object information is intentional (https://github.com/discord/discord-api-docs/issues/1287)
+// channels returns voice channel objects where @everyone has the CONNECT permission
+// members (max 100 returned) is a sample of all members, and bots par invisible status, there exists some alphabetical distribution pattern between the members returned
+
+// https://discord.com/developers/docs/resources/guild#get-guild-widget
+// TODO: Cache the response for a guild for 5 minutes regardless of response
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ const guild = await GuildModel.findOne({ id: guild_id }).exec();
+ if (!guild.widget_enabled) throw new HTTPError("Widget Disabled", 404);
+
+ // Fetch existing widget invite for widget channel
+ var invite = await InviteModel.findOne({ channel_id: guild.widget_channel_id, inviter_id: { $type: 10 } }).exec();
+ if (guild.widget_channel_id && !invite) {
+ // Create invite for channel if none exists
+ // TODO: Refactor invite create code to a shared function
+ const max_age = 86400; // 24 hours
+ const expires_at = new Date(max_age * 1000 + Date.now());
+ const body = {
+ code: random(),
+ temporary: false,
+ uses: 0,
+ max_uses: 0,
+ max_age: max_age,
+ expires_at,
+ created_at: new Date(),
+ guild_id,
+ channel_id: guild.widget_channel_id,
+ inviter_id: null
+ };
+
+ invite = await new InviteModel(body).save();
+ }
+
+ // Fetch voice channels, and the @everyone permissions object
+ let channels: any[] = [];
+ await ChannelModel.find({ guild_id: guild_id, type: 2 }, { permission_overwrites: { $elemMatch: { id: guild_id } } })
+ .lean()
+ .select("id name position permission_overwrites")
+ .sort({ position: 1 })
+ .cursor()
+ .eachAsync((doc) => {
+ // Only return channels where @everyone has the CONNECT permission
+ if (
+ doc.permission_overwrites === undefined ||
+ Permissions.channelPermission(doc.permission_overwrites, Permissions.FLAGS.CONNECT) === Permissions.FLAGS.CONNECT
+ ) {
+ channels.push({
+ id: doc.id,
+ name: doc.name,
+ position: doc.position
+ });
+ }
+ });
+
+ // Fetch members
+ // TODO: Understand how Discord's max 100 random member sample works, and apply to here (see top of this file)
+ let members: any[] = [];
+ await MemberModel.find({ guild_id: guild_id })
+ .lean()
+ .populate({ path: "user", select: { _id: 0, username: 1, avatar: 1, presence: 1 } })
+ .select("id user nick deaf mute")
+ .cursor()
+ .eachAsync((doc) => {
+ const status = doc.user?.presence?.status || "offline";
+ if (status == "offline") return;
+
+ let item = {};
+
+ item = {
+ ...item,
+ id: null, // this is updated during the sort outside of the query
+ username: doc.nick || doc.user?.username,
+ discriminator: "0000", // intended (https://github.com/discord/discord-api-docs/issues/1287)
+ avatar: null, // intended, avatar_url below will return a unique guild + user url to the avatar
+ status: status
+ };
+
+ const activity = doc.user?.presence?.activities?.[0];
+ if (activity) {
+ item = {
+ ...item,
+ game: { name: activity.name }
+ };
+ }
+
+ // TODO: If the member is in a voice channel, return extra widget details
+ // Extra fields returned include deaf, mute, self_deaf, self_mute, supress, and channel_id (voice channel connected to)
+ // Get this from VoiceState
+
+ // TODO: Implement a widget-avatar endpoint on the CDN, and implement logic here to request it
+ // Get unique avatar url for guild user, cdn to serve the actual avatar image on this url
+ /*
+ const avatar = doc.user?.avatar;
+ if (avatar) {
+ const CDN_HOST = Config.get().cdn.endpoint || "http://localhost:3003";
+ const avatar_url = "/widget-avatars/" + ;
+ item = {
+ ...item,
+ avatar_url: avatar_url
+ }
+ }
+ */
+
+ members.push(item);
+ });
+
+ // Sort members, and update ids (Unable to do under the mongoose query due to https://mongoosejs.com/docs/faq.html#populate_sort_order)
+ members = members.sort((first, second) => 0 - (first.username > second.username ? -1 : 1));
+ members.forEach((x, i) => {
+ x.id = i;
+ });
+
+ // Construct object to respond with
+ const data = {
+ id: guild_id,
+ name: guild.name,
+ instant_invite: invite?.code,
+ channels: channels,
+ members: members,
+ presence_count: guild.presence_count
+ };
+
+ res.set("Cache-Control", "public, max-age=300");
+ return res.json(data);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/widget.png.ts b/api/src/routes/guilds/#guild_id/widget.png.ts
new file mode 100644
index 00000000..a0a8c938
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/widget.png.ts
@@ -0,0 +1,110 @@
+import { Request, Response, Router } from "express";
+import { GuildModel } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import fs from "fs";
+import path from "path";
+
+const router: Router = Router();
+
+// TODO: use svg templates instead of node-canvas for improved performance and to change it easily
+
+// https://discord.com/developers/docs/resources/guild#get-guild-widget-image
+// TODO: Cache the response
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ const guild = await GuildModel.findOne({ id: guild_id }).exec();
+ if (!guild.widget_enabled) throw new HTTPError("Unknown Guild", 404);
+
+ // Fetch guild information
+ const icon = guild.icon;
+ const name = guild.name;
+ const presence = guild.presence_count + " ONLINE";
+
+ // Fetch parameter
+ const style = req.query.style?.toString() || "shield";
+ if (!["shield", "banner1", "banner2", "banner3", "banner4"].includes(style)) {
+ throw new HTTPError("Value must be one of ('shield', 'banner1', 'banner2', 'banner3', 'banner4').", 400);
+ }
+
+ // Setup canvas
+ const { createCanvas } = require("canvas");
+ const { loadImage } = require("canvas");
+ const sizeOf = require("image-size");
+
+ // TODO: Widget style templates need Fosscord branding
+ const source = path.join(__dirname, "..", "..", "..", "..", "assets", "widget", `${style}.png`);
+ if (!fs.existsSync(source)) {
+ throw new HTTPError("Widget template does not exist.", 400);
+ }
+
+ // Create base template image for parameter
+ const { width, height } = await sizeOf(source);
+ const canvas = createCanvas(width, height);
+ const ctx = canvas.getContext("2d");
+ const template = await loadImage(source);
+ ctx.drawImage(template, 0, 0);
+
+ // Add the guild specific information to the template asset image
+ switch (style) {
+ case "shield":
+ ctx.textAlign = "center";
+ await drawText(ctx, 73, 13, "#FFFFFF", "thin 10px Verdana", presence);
+ break;
+ case "banner1":
+ if (icon) await drawIcon(ctx, 20, 27, 50, icon);
+ await drawText(ctx, 83, 51, "#FFFFFF", "12px Verdana", name, 22);
+ await drawText(ctx, 83, 66, "#C9D2F0FF", "thin 11px Verdana", presence);
+ break;
+ case "banner2":
+ if (icon) await drawIcon(ctx, 13, 19, 36, icon);
+ await drawText(ctx, 62, 34, "#FFFFFF", "12px Verdana", name, 15);
+ await drawText(ctx, 62, 49, "#C9D2F0FF", "thin 11px Verdana", presence);
+ break;
+ case "banner3":
+ if (icon) await drawIcon(ctx, 20, 20, 50, icon);
+ await drawText(ctx, 83, 44, "#FFFFFF", "12px Verdana", name, 27);
+ await drawText(ctx, 83, 58, "#C9D2F0FF", "thin 11px Verdana", presence);
+ break;
+ case "banner4":
+ if (icon) await drawIcon(ctx, 21, 136, 50, icon);
+ await drawText(ctx, 84, 156, "#FFFFFF", "13px Verdana", name, 27);
+ await drawText(ctx, 84, 171, "#C9D2F0FF", "thin 12px Verdana", presence);
+ break;
+ default:
+ throw new HTTPError("Value must be one of ('shield', 'banner1', 'banner2', 'banner3', 'banner4').", 400);
+ }
+
+ // Return final image
+ const buffer = canvas.toBuffer("image/png");
+ res.set("Content-Type", "image/png");
+ res.set("Cache-Control", "public, max-age=3600");
+ return res.send(buffer);
+});
+
+async function drawIcon(canvas: any, x: number, y: number, scale: number, icon: string) {
+ // @ts-ignore
+ const img = new require("canvas").Image();
+ img.src = icon;
+
+ // Do some canvas clipping magic!
+ canvas.save();
+ canvas.beginPath();
+
+ const r = scale / 2; // use scale to determine radius
+ canvas.arc(x + r, y + r, r, 0, 2 * Math.PI, false); // start circle at x, and y coords + radius to find center
+
+ canvas.clip();
+ canvas.drawImage(img, x, y, scale, scale);
+
+ canvas.restore();
+}
+
+async function drawText(canvas: any, x: number, y: number, color: string, font: string, text: string, maxcharacters?: number) {
+ canvas.fillStyle = color;
+ canvas.font = font;
+ if (text.length > (maxcharacters || 0) && maxcharacters) text = text.slice(0, maxcharacters) + "...";
+ canvas.fillText(text, x, y);
+}
+
+export default router;
diff --git a/api/src/routes/guilds/#guild_id/widget.ts b/api/src/routes/guilds/#guild_id/widget.ts
new file mode 100644
index 00000000..0e6df186
--- /dev/null
+++ b/api/src/routes/guilds/#guild_id/widget.ts
@@ -0,0 +1,35 @@
+import { Request, Response, Router } from "express";
+import { getPermission, GuildModel } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { check } from "../../../util/instanceOf";
+import { WidgetModifySchema } from "../../../schema/Widget";
+
+const router: Router = Router();
+
+// https://discord.com/developers/docs/resources/guild#get-guild-widget-settings
+router.get("/", async (req: Request, res: Response) => {
+ const { guild_id } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ const guild = await GuildModel.findOne({ id: guild_id }).exec();
+
+ return res.json({ enabled: guild.widget_enabled || false, channel_id: guild.widget_channel_id || null });
+});
+
+// https://discord.com/developers/docs/resources/guild#modify-guild-widget
+router.patch("/", check(WidgetModifySchema), async (req: Request, res: Response) => {
+ const body = req.body as WidgetModifySchema;
+ const { guild_id } = req.params;
+
+ const perms = await getPermission(req.user_id, guild_id);
+ perms.hasThrow("MANAGE_GUILD");
+
+ await GuildModel.updateOne({ id: guild_id }, { widget_enabled: body.enabled, widget_channel_id: body.channel_id }).exec();
+ // Widget invite for the widget_channel_id gets created as part of the /guilds/{guild.id}/widget.json request
+
+ return res.json(body);
+});
+
+export default router;
diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts
new file mode 100644
index 00000000..25b55896
--- /dev/null
+++ b/api/src/routes/guilds/index.ts
@@ -0,0 +1,89 @@
+import { Router, Request, Response } from "express";
+import { RoleModel, GuildModel, Snowflake, Guild, RoleDocument, Config } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { check } from "./../../util/instanceOf";
+import { GuildCreateSchema } from "../../schema/Guild";
+import { getPublicUser } from "../../util/User";
+import { addMember } from "../../util/Member";
+import { createChannel } from "../../util/Channel";
+
+const router: Router = Router();
+
+//TODO: create default channel
+
+router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) => {
+ const body = req.body as GuildCreateSchema;
+
+ const { maxGuilds } = Config.get().limits.user;
+ const user = await getPublicUser(req.user_id, { guilds: true });
+
+ if (user.guilds.length >= maxGuilds) {
+ throw new HTTPError(`Maximum number of guilds reached ${maxGuilds}`, 403);
+ }
+
+ const guild_id = Snowflake.generate();
+ const guild: Guild = {
+ name: body.name,
+ region: Config.get().regions.default,
+ owner_id: req.user_id,
+ icon: undefined,
+ afk_channel_id: undefined,
+ afk_timeout: 300,
+ application_id: undefined,
+ banner: undefined,
+ default_message_notifications: 0,
+ description: undefined,
+ splash: undefined,
+ discovery_splash: undefined,
+ explicit_content_filter: 0,
+ features: [],
+ id: guild_id,
+ large: undefined,
+ max_members: 250000,
+ max_presences: 250000,
+ max_video_channel_users: 25,
+ presence_count: 0,
+ member_count: 0, // will automatically be increased by addMember()
+ mfa_level: 0,
+ preferred_locale: "en-US",
+ premium_subscription_count: 0,
+ premium_tier: 0,
+ public_updates_channel_id: undefined,
+ rules_channel_id: undefined,
+ system_channel_flags: 0,
+ system_channel_id: undefined,
+ unavailable: false,
+ vanity_url: undefined,
+ verification_level: 0,
+ welcome_screen: {
+ enabled: false,
+ description: "No description",
+ welcome_channels: []
+ },
+ widget_channel_id: undefined,
+ widget_enabled: false
+ };
+
+ const [guild_doc, role] = await Promise.all([
+ new GuildModel(guild).save(),
+ new RoleModel({
+ id: guild_id,
+ guild_id: guild_id,
+ color: 0,
+ hoist: false,
+ managed: false,
+ mentionable: false,
+ name: "@everyone",
+ permissions: 2251804225n,
+ position: 0,
+ tags: null
+ }).save()
+ ]);
+
+ await createChannel({ name: "general", type: 0, guild_id, position: 0, permission_overwrites: [] }, req.user_id);
+ await addMember(req.user_id, guild_id);
+
+ res.status(201).json({ id: guild.id });
+});
+
+export default router;
diff --git a/api/src/routes/guilds/templates/index.ts b/api/src/routes/guilds/templates/index.ts
new file mode 100644
index 00000000..0f332de0
--- /dev/null
+++ b/api/src/routes/guilds/templates/index.ts
@@ -0,0 +1,61 @@
+import { Request, Response, Router } from "express";
+const router: Router = Router();
+import { TemplateModel, GuildModel, toObject, UserModel, RoleModel, Snowflake, Guild, Config } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { GuildTemplateCreateSchema } from "../../../schema/Guild";
+import { getPublicUser } from "../../../util/User";
+import { check } from "../../../util/instanceOf";
+import { addMember } from "../../../util/Member";
+
+router.get("/:code", async (req: Request, res: Response) => {
+ const { code } = req.params;
+
+ const template = await TemplateModel.findOne({ code: code }).exec();
+
+ res.json(toObject(template)).send();
+});
+
+router.post("/:code", check(GuildTemplateCreateSchema), async (req: Request, res: Response) => {
+ const { code } = req.params;
+ const body = req.body as GuildTemplateCreateSchema;
+
+ const { maxGuilds } = Config.get().limits.user;
+ const user = await getPublicUser(req.user_id, { guilds: true });
+
+ if (user.guilds.length >= maxGuilds) {
+ throw new HTTPError(`Maximum number of guilds reached ${maxGuilds}`, 403);
+ }
+
+ const template = await TemplateModel.findOne({ code: code }).exec();
+
+ const guild_id = Snowflake.generate();
+
+ const guild: Guild = {
+ ...body,
+ ...template.serialized_source_guild,
+ id: guild_id,
+ owner_id: req.user_id
+ };
+
+ const [guild_doc, role] = await Promise.all([
+ new GuildModel(guild).save(),
+ new RoleModel({
+ id: guild_id,
+ guild_id: guild_id,
+ color: 0,
+ hoist: false,
+ managed: true,
+ mentionable: true,
+ name: "@everyone",
+ permissions: 2251804225n,
+ position: 0,
+ tags: null
+ }).save()
+ ]);
+
+ await addMember(req.user_id, guild_id, { guild: guild_doc });
+
+ res.status(201).json({ id: guild.id });
+});
+
+export default router;
|
