From df2b83ac158be1e7233d8edce59033c15c193599 Mon Sep 17 00:00:00 2001
From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>
Date: Tue, 14 Sep 2021 22:15:55 +0200
Subject: :construction: webhook

---
 api/src/util/route.ts | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'api/src/util')

diff --git a/api/src/util/route.ts b/api/src/util/route.ts
index 6cd8f622..1e2beb5d 100644
--- a/api/src/util/route.ts
+++ b/api/src/util/route.ts
@@ -1,4 +1,4 @@
-import { DiscordApiErrors, Event, EventData, getPermission, PermissionResolvable, Permissions } from "@fosscord/util";
+import { DiscordApiErrors, Event, EventData, getPermission, PermissionResolvable, Permissions, Webhook } from "@fosscord/util";
 import { NextFunction, Request, Response } from "express";
 import fs from "fs";
 import path from "path";
@@ -54,9 +54,13 @@ export function route(opts: RouteOptions) {
 	return async (req: Request, res: Response, next: NextFunction) => {
 		if (opts.permission) {
 			const required = new Permissions(opts.permission);
+			if (req.params.webhook_id) {
+				const webhook = await Webhook.findOneOrFail({ id: req.params.webhook_id });
+				req.params.channel_id = webhook.channel_id;
+				req.params.guild_id = webhook.guild_id;
+			}
 			const permission = await getPermission(req.user_id, req.params.guild_id, req.params.channel_id);
 
-			// bitfield comparison: check if user lacks certain permission
 			if (!permission.has(required)) {
 				throw DiscordApiErrors.MISSING_PERMISSIONS.withParams(opts.permission as string);
 			}
-- 
cgit 1.5.1