diff --git a/api/src/routes/guilds/#guild_id/bans.ts b/api/src/routes/guilds/#guild_id/bans.ts
index 7ccf34d7..1ce41936 100644
--- a/api/src/routes/guilds/#guild_id/bans.ts
+++ b/api/src/routes/guilds/#guild_id/bans.ts
@@ -33,17 +33,32 @@ router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res:
const { guild_id } = req.params;
let bans = await Ban.find({ guild_id: guild_id });
+ let promisesToAwait: object[] = [];
+ const bansObj: object[] = [];
- /* Filter secret from database registry.*/
+ bans.filter((ban) => ban.user_id !== ban.executor_id); // pretend self-bans don't exist to prevent victim chasing
- bans.filter(ban => ban.user_id !== ban.executor_id);
- // pretend self-bans don't exist to prevent victim chasing
-
- bans.forEach((registry: BanRegistrySchema) => {
- delete registry.ip;
+ bans.forEach((ban) => {
+ promisesToAwait.push(User.getPublicUser(ban.user_id));
});
-
- return res.json(bans);
+
+ const bannedUsers: object[] = await Promise.all(promisesToAwait);
+
+ bans.forEach((ban, index) => {
+ const user = bannedUsers[index] as User;
+ bansObj.push({
+ reason: ban.reason,
+ user: {
+ username: user.username,
+ discriminator: user.discriminator,
+ id: user.id,
+ avatar: user.avatar,
+ public_flags: user.public_flags
+ }
+ });
+ });
+
+ return res.json(bansObj);
});
router.get("/:user", route({ permission: "BAN_MEMBERS" }), async (req: Request, res: Response) => {
diff --git a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
index 24c74af7..34836292 100644
--- a/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
+++ b/api/src/routes/guilds/#guild_id/members/#member_id/index.ts
@@ -25,13 +25,19 @@ router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, re
const member = await Member.findOneOrFail({ where: { id: member_id, guild_id }, relations: ["roles", "user"] });
const permission = await getPermission(req.user_id, guild_id);
+ const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 });
if (body.roles) {
permission.hasThrow("MANAGE_ROLES");
+
+ if (body.roles.indexOf(everyone.id) === -1) body.roles.push(everyone.id);
member.roles = body.roles.map((x) => new Role({ id: x })); // foreign key constraint will fail if role doesn't exist
}
await member.save();
+
+ member.roles = member.roles.filter((x) => x.id !== everyone.id);
+
// do not use promise.all as we have to first write to db before emitting the event to catch errors
await emitEvent({
event: "GUILD_MEMBER_UPDATE",
diff --git a/api/src/routes/guilds/#guild_id/vanity-url.ts b/api/src/routes/guilds/#guild_id/vanity-url.ts
index 63173345..29cd25e2 100644
--- a/api/src/routes/guilds/#guild_id/vanity-url.ts
+++ b/api/src/routes/guilds/#guild_id/vanity-url.ts
@@ -9,11 +9,19 @@ const InviteRegex = /\W/g;
router.get("/", route({ permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => {
const { guild_id } = req.params;
+ const guild = await Guild.findOneOrFail({ id: guild_id });
- const invite = await Invite.findOne({ where: { guild_id: guild_id, vanity_url: true } });
- if (!invite) return res.json({ code: null });
+ if (!guild.features.includes("ALIASABLE_NAMES")) {
+ const invite = await Invite.findOne({ where: { guild_id: guild_id, vanity_url: true } });
+ if (!invite) return res.json({ code: null });
- return res.json({ code: invite.code, uses: invite.uses });
+ return res.json({ code: invite.code, uses: invite.uses });
+ } else {
+ const invite = await Invite.find({ where: { guild_id: guild_id, vanity_url: true } });
+ if (!invite || invite.length == 0) return res.json({ code: null });
+
+ return res.json(invite.map((x) => ({ code: x.code, uses: x.uses })));
+ }
});
export interface VanityUrlSchema {
@@ -24,18 +32,33 @@ export interface VanityUrlSchema {
code?: string;
}
-// TODO: check if guild is elgible for vanity url
router.patch("/", route({ body: "VanityUrlSchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => {
const { guild_id } = req.params;
const body = req.body as VanityUrlSchema;
const code = body.code?.replace(InviteRegex, "");
+ const guild = await Guild.findOneOrFail({ id: guild_id });
+ if (!guild.features.includes("VANITY_URL")) throw new HTTPError("Your guild doesn't support vanity urls");
+
+ if (!code || code.length === 0) throw new HTTPError("Code cannot be null or empty");
+
const invite = await Invite.findOne({ code });
if (invite) throw new HTTPError("Invite already exists");
const { id } = await Channel.findOneOrFail({ guild_id, type: ChannelType.GUILD_TEXT });
- await Invite.update({ vanity_url: true, guild_id }, { code: code, channel_id: id });
+ await new Invite({
+ vanity_url: true,
+ code: code,
+ temporary: false,
+ uses: 0,
+ max_uses: 0,
+ max_age: 0,
+ created_at: new Date(),
+ expires_at: new Date(),
+ guild_id: guild_id,
+ channel_id: id
+ }).save();
return res.json({ code: code });
});
diff --git a/api/src/routes/users/@me/index.ts b/api/src/routes/users/@me/index.ts
index d32b44f9..a8465e3c 100644
--- a/api/src/routes/users/@me/index.ts
+++ b/api/src/routes/users/@me/index.ts
@@ -1,5 +1,5 @@
import { Router, Request, Response } from "express";
-import { User, PrivateUserProjection, emitEvent, UserUpdateEvent, handleFile, FieldErrors } from "@fosscord/util";
+import { User, PrivateUserProjection, emitEvent, UserUpdateEvent, handleFile, FieldErrors, adjustEmail } from "@fosscord/util";
import { route } from "@fosscord/api";
import bcrypt from "bcrypt";
@@ -21,6 +21,7 @@ export interface UserModifySchema {
password?: string;
new_password?: string;
code?: string;
+ email?: string;
}
router.get("/", route({}), async (req: Request, res: Response) => {
@@ -46,6 +47,12 @@ router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res:
}
}
+ if (body.email) {
+ body.email = adjustEmail(body.email);
+ if (!body.email)
+ throw FieldErrors({ email: { message: req.t("auth:register.EMAIL_INVALID"), code: "EMAIL_INVALID" } });
+ }
+
user.assign(body);
if (body.new_password) {
diff --git a/api/src/routes/users/@me/notes.ts b/api/src/routes/users/@me/notes.ts
index 2ef27bc0..96067bf5 100644
--- a/api/src/routes/users/@me/notes.ts
+++ b/api/src/routes/users/@me/notes.ts
@@ -6,9 +6,9 @@ const router: Router = Router();
router.put("/:id", route({}), async (req: Request, res: Response) => {
//TODO
res.json({
- message: "400: Bad Request",
- code: 0
- }).status(400);
+ message: "Unknown User",
+ code: 10013
+ }).status(404);
});
export default router;
diff --git a/api/src/util/handlers/Message.ts b/api/src/util/handlers/Message.ts
index 21664368..2d9f7032 100644
--- a/api/src/util/handlers/Message.ts
+++ b/api/src/util/handlers/Message.ts
@@ -82,10 +82,12 @@ export async function handleMessage(opts: MessageOptions): Promise<Message> {
if (opts.message_reference) {
permission.hasThrow("READ_MESSAGE_HISTORY");
// code below has to be redone when we add custom message routing and cross-channel replies
- const guild = await Guild.findOneOrFail({ id: channel.guild_id });
- if (!guild.features.includes("CROSS_CHANNEL_REPLIES")) {
- if (opts.message_reference.guild_id !== channel.guild_id) throw new HTTPError("You can only reference messages from this guild");
- if (opts.message_reference.channel_id !== opts.channel_id) throw new HTTPError("You can only reference messages from this channel");
+ if (message.guild_id !== null) {
+ const guild = await Guild.findOneOrFail({ id: channel.guild_id });
+ if (!guild.features.includes("CROSS_CHANNEL_REPLIES")) {
+ if (opts.message_reference.guild_id !== channel.guild_id) throw new HTTPError("You can only reference messages from this guild");
+ if (opts.message_reference.channel_id !== opts.channel_id) throw new HTTPError("You can only reference messages from this channel");
+ }
}
// TODO: should be checked if the referenced message exists?
// @ts-ignore
|
