2 files changed, 3 insertions, 2 deletions

diff --git a/api/src/middlewares/RateLimit.ts b/api/src/middlewares/RateLimit.ts

index 7d5c51e2..ca6de98f 100644
--- a/api/src/middlewares/RateLimit.ts
+++ b/api/src/middlewares/RateLimit.ts
@@ -46,7 +46,8 @@ export default function rateLimit(opts: {
 }): any {
 	return async (req: Request, res: Response, next: NextFunction): Promise<any> => {
 		// exempt user? if so, immediately short circuit
-		if (getRights(req.user_id).has("BYPASS_RATE_LIMITS")) return;
+		const rights = await getRights(req.user_id);
+		if (rights.has("BYPASS_RATE_LIMITS")) return;
 		
 		const bucket_id = opts.bucket || req.originalUrl.replace(API_PREFIX_TRAILING_SLASH, "");
 		var executor_id = getIpAdress(req);
diff --git a/api/src/routes/channels/#channel_id/messages/#message_id/index.ts b/api/src/routes/channels/#channel_id/messages/#message_id/index.ts

index 958954b6..63fee9b9 100644
--- a/api/src/routes/channels/#channel_id/messages/#message_id/index.ts
+++ b/api/src/routes/channels/#channel_id/messages/#message_id/index.ts
@@ -95,7 +95,7 @@ router.put(
 		var body = req.body as MessageCreateSchema;
 		const attachments: Attachment[] = [];
 		
-		const rights = getRights(req.user_id);
+		const rights = await getRights(req.user_id);
 		rights.hasThrow("SEND_MESSAGES");
 
 		// regex to check if message contains anything other than numerals ( also no decimals )