From 0baef5015a2827f189eb61097dc171614a840a12 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Sat, 27 Mar 2021 21:52:02 +0100 Subject: :bug: remove relative @paths --- src/routes/api/v8/channels/#channel_id/invites.ts | 8 ++++---- .../api/v8/channels/#channel_id/messages/bulk-delete.ts | 6 +++--- src/routes/api/v8/channels/#channel_id/messages/index.ts | 16 ++++++++++++---- src/routes/api/v8/guilds/#id/bans.ts | 12 ++++++------ 4 files changed, 25 insertions(+), 17 deletions(-) (limited to 'src/routes') diff --git a/src/routes/api/v8/channels/#channel_id/invites.ts b/src/routes/api/v8/channels/#channel_id/invites.ts index e3f2b77e..0e09c00c 100644 --- a/src/routes/api/v8/channels/#channel_id/invites.ts +++ b/src/routes/api/v8/channels/#channel_id/invites.ts @@ -1,11 +1,11 @@ import { Router, Request, Response } from "express"; import { HTTPError } from "lambert-server"; -import { check } from "@util/instanceOf"; -import { random } from "@util/RandomInviteID"; -import { emitEvent } from "@util/Event"; +import { check } from "../../../../../util/instanceOf"; +import { random } from "../../../../../util/RandomInviteID"; +import { emitEvent } from "../../../../../util/Event"; -import { InviteCreateSchema } from "@schema/Invite"; +import { InviteCreateSchema } from "../../../../../schema/Invite"; import { getPermission, ChannelModel, InviteModel, InviteCreateEvent } from "fosscord-server-util"; diff --git a/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts b/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts index dc7d5f66..c805cf08 100644 --- a/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts +++ b/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts @@ -1,9 +1,9 @@ import { Router } from "express"; import { ChannelModel, getPermission, MessageDeleteBulkEvent, MessageModel } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import Config from "@util/Config"; -import { emitEvent } from "@util/Event"; -import { check } from "@util/instanceOf"; +import Config from "../../../../../../util/Config"; +import { emitEvent } from "../../../../../../util/Event"; +import { check } from "../../../../../../util/instanceOf"; const router: Router = Router(); diff --git a/src/routes/api/v8/channels/#channel_id/messages/index.ts b/src/routes/api/v8/channels/#channel_id/messages/index.ts index 2f383056..b214275d 100644 --- a/src/routes/api/v8/channels/#channel_id/messages/index.ts +++ b/src/routes/api/v8/channels/#channel_id/messages/index.ts @@ -1,11 +1,11 @@ import { Router } from "express"; import { ChannelModel, ChannelType, getPermission, Message, MessageCreateEvent, MessageModel, Snowflake } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { MessageCreateSchema } from "@schema/Message"; -import { check, instanceOf, Length } from "@util/instanceOf"; -import { PublicUserProjection } from "@util/User"; +import { MessageCreateSchema } from "../../../../../../schema/Message"; +import { check, instanceOf, Length } from "../../../../../../util/instanceOf"; +import { PublicUserProjection } from "../../../../../../util/User"; import multer from "multer"; -import { emitEvent } from "@util/Event"; +import { emitEvent } from "../../../../../../util/Event"; const router: Router = Router(); export default router; @@ -111,6 +111,7 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { // TODO: should it be checked if the message exists? } + // TODO: properly build message object const message: Message = { id: Snowflake.generate(), channel_id, @@ -118,6 +119,13 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { author_id: req.user_id, content: req.body, timestamp: new Date(), + mention_channels_ids: [], + mention_role_ids: [], + mention_user_ids: [], + attachments: [], + embeds: [], + reactions: [], + type: 0, }; await new MessageModel(message).save(); diff --git a/src/routes/api/v8/guilds/#id/bans.ts b/src/routes/api/v8/guilds/#id/bans.ts index 9fbcf01c..5133ee3c 100644 --- a/src/routes/api/v8/guilds/#id/bans.ts +++ b/src/routes/api/v8/guilds/#id/bans.ts @@ -1,12 +1,12 @@ import { Request, Response, Router } from "express"; import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { getIpAdress } from "@middlewares/GlobalRateLimit"; -import { BanCreateSchema } from "@schema/Ban"; -import { emitEvent } from "@util/Event"; -import { check } from "@util/instanceOf"; -import { removeMember } from "@util/Member"; -import { getPublicUser } from "@util/User"; +import { getIpAdress } from "../../../../../middlewares/GlobalRateLimit"; +import { BanCreateSchema } from "../../../../../schema/Ban"; +import { emitEvent } from "../../../../../util/Event"; +import { check } from "../../../../../util/instanceOf"; +import { removeMember } from "../../../../../util/Member"; +import { getPublicUser } from "../../../../../util/User"; const router: Router = Router(); -- cgit 1.5.1 From 9050415611f883288f1d1e2b8a0e579c9a52a2ef Mon Sep 17 00:00:00 2001 From: xnacly Date: Sun, 28 Mar 2021 19:12:06 +0200 Subject: added GET [#12] --- src/routes/api/v8/channels/#channel_id/invites.ts | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'src/routes') diff --git a/src/routes/api/v8/channels/#channel_id/invites.ts b/src/routes/api/v8/channels/#channel_id/invites.ts index 0e09c00c..4c21e7d4 100644 --- a/src/routes/api/v8/channels/#channel_id/invites.ts +++ b/src/routes/api/v8/channels/#channel_id/invites.ts @@ -45,4 +45,23 @@ router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) res.status(201).send(invite); }); +router.get("/", async (req: Request, res: Response) => { + const usID = req.user_id; + const chID = BigInt(req.params.channel_id); + const channel = await ChannelModel.findOne({ id: chID }).exec(); + + if (!channel || !channel.guild_id) { + throw new HTTPError("This channel doesn't exist", 404); + } + const { guild_id: guID } = channel; + const permission = await getPermission(usID, guID); + + if (!permission.has("MANAGE_CHANNELS")) { + throw new HTTPError("You aren't authorised to access this endpoint", 401); + } + + const invites = await InviteModel.find({ guild_id: guID }).exec(); + res.status(200).send(invites); +}); + export default router; -- cgit 1.5.1 From 0d0dd4f6b8433a3a90b5b0eebab7e3991bda2302 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 30 Mar 2021 15:37:43 +0200 Subject: move routes to top level no more /api/v8 -> use reverse proxy instead --- src/routes/api/v8/auth/login.ts | 93 -------- src/routes/api/v8/auth/register.ts | 262 --------------------- .../api/v8/channels/#channel_id/followers.ts | 4 - src/routes/api/v8/channels/#channel_id/index.ts | 4 - src/routes/api/v8/channels/#channel_id/invites.ts | 67 ------ .../channels/#channel_id/messages/bulk-delete.ts | 37 --- .../api/v8/channels/#channel_id/messages/index.ts | 136 ----------- .../api/v8/channels/#channel_id/permissions.ts | 4 - src/routes/api/v8/channels/#channel_id/pins.ts | 4 - .../api/v8/channels/#channel_id/recipients.ts | 4 - src/routes/api/v8/channels/#channel_id/typing.ts | 4 - src/routes/api/v8/channels/#channel_id/webhooks.ts | 4 - src/routes/api/v8/guilds/#id/bans.ts | 93 -------- src/routes/api/v8/guilds/#id/channels.ts | 51 ---- src/routes/api/v8/guilds/#id/index.ts | 73 ------ src/routes/api/v8/guilds/#id/members.ts | 54 ----- src/routes/api/v8/guilds/index.ts | 81 ------- src/routes/api/v8/guilds/templates/index.ts | 4 - src/routes/api/v8/invites/index.ts | 4 - src/routes/api/v8/users/@me/guilds.ts | 50 ---- src/routes/api/v8/users/@me/index.ts | 15 -- src/routes/assets/index.ts | 34 --- src/routes/auth/login.ts | 93 ++++++++ src/routes/auth/register.ts | 262 +++++++++++++++++++++ src/routes/channels/#channel_id/followers.ts | 4 + src/routes/channels/#channel_id/index.ts | 4 + src/routes/channels/#channel_id/invites.ts | 67 ++++++ .../channels/#channel_id/messages/bulk-delete.ts | 37 +++ src/routes/channels/#channel_id/messages/index.ts | 136 +++++++++++ src/routes/channels/#channel_id/permissions.ts | 4 + src/routes/channels/#channel_id/pins.ts | 4 + src/routes/channels/#channel_id/recipients.ts | 4 + src/routes/channels/#channel_id/typing.ts | 4 + src/routes/channels/#channel_id/webhooks.ts | 4 + src/routes/guilds/#id/bans.ts | 93 ++++++++ src/routes/guilds/#id/channels.ts | 51 ++++ src/routes/guilds/#id/index.ts | 73 ++++++ src/routes/guilds/#id/members.ts | 54 +++++ src/routes/guilds/index.ts | 81 +++++++ src/routes/guilds/templates/index.ts | 4 + src/routes/invites/index.ts | 4 + src/routes/test.ts | 14 -- src/routes/users/@me/guilds.ts | 50 ++++ src/routes/users/@me/index.ts | 15 ++ 44 files changed, 1048 insertions(+), 1096 deletions(-) delete mode 100644 src/routes/api/v8/auth/login.ts delete mode 100644 src/routes/api/v8/auth/register.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/followers.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/index.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/invites.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/messages/index.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/permissions.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/pins.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/recipients.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/typing.ts delete mode 100644 src/routes/api/v8/channels/#channel_id/webhooks.ts delete mode 100644 src/routes/api/v8/guilds/#id/bans.ts delete mode 100644 src/routes/api/v8/guilds/#id/channels.ts delete mode 100644 src/routes/api/v8/guilds/#id/index.ts delete mode 100644 src/routes/api/v8/guilds/#id/members.ts delete mode 100644 src/routes/api/v8/guilds/index.ts delete mode 100644 src/routes/api/v8/guilds/templates/index.ts delete mode 100644 src/routes/api/v8/invites/index.ts delete mode 100644 src/routes/api/v8/users/@me/guilds.ts delete mode 100644 src/routes/api/v8/users/@me/index.ts delete mode 100644 src/routes/assets/index.ts create mode 100644 src/routes/auth/login.ts create mode 100644 src/routes/auth/register.ts create mode 100644 src/routes/channels/#channel_id/followers.ts create mode 100644 src/routes/channels/#channel_id/index.ts create mode 100644 src/routes/channels/#channel_id/invites.ts create mode 100644 src/routes/channels/#channel_id/messages/bulk-delete.ts create mode 100644 src/routes/channels/#channel_id/messages/index.ts create mode 100644 src/routes/channels/#channel_id/permissions.ts create mode 100644 src/routes/channels/#channel_id/pins.ts create mode 100644 src/routes/channels/#channel_id/recipients.ts create mode 100644 src/routes/channels/#channel_id/typing.ts create mode 100644 src/routes/channels/#channel_id/webhooks.ts create mode 100644 src/routes/guilds/#id/bans.ts create mode 100644 src/routes/guilds/#id/channels.ts create mode 100644 src/routes/guilds/#id/index.ts create mode 100644 src/routes/guilds/#id/members.ts create mode 100644 src/routes/guilds/index.ts create mode 100644 src/routes/guilds/templates/index.ts create mode 100644 src/routes/invites/index.ts delete mode 100644 src/routes/test.ts create mode 100644 src/routes/users/@me/guilds.ts create mode 100644 src/routes/users/@me/index.ts (limited to 'src/routes') diff --git a/src/routes/api/v8/auth/login.ts b/src/routes/api/v8/auth/login.ts deleted file mode 100644 index 3f924e7c..00000000 --- a/src/routes/api/v8/auth/login.ts +++ /dev/null @@ -1,93 +0,0 @@ -import { Request, Response, Router } from "express"; -import { check, FieldErrors, Length } from "../../../../util/instanceOf"; -import bcrypt from "bcrypt"; -import jwt from "jsonwebtoken"; -import { User, UserModel } from "fosscord-server-util"; -import Config from "../../../../util/Config"; -import { adjustEmail } from "./register"; - -const router: Router = Router(); -export default router; - -router.post( - "/", - check({ - login: new Length(String, 2, 100), // email or telephone - password: new Length(String, 8, 64), - $undelete: Boolean, - $captcha_key: String, - $login_source: String, - $gift_code_sku_id: String, - }), - async (req: Request, res: Response) => { - const { login, password } = req.body; - const email = adjustEmail(login); - const query: any[] = [{ phone: login }]; - if (email) query.push({ email }); - - // * MongoDB Specific query for user with same email or phone number - const user = await UserModel.findOne( - { - $or: query, - }, - `hash id user_settings.locale user_settings.theme` - ).exec(); - - if (!user) { - throw FieldErrors({ - login: { message: req.t("auth:login.INVALID_LOGIN"), code: "INVALID_LOGIN" }, - }); - } - - // the salt is saved in the password refer to bcrypt docs - const same_password = await bcrypt.compare(password, user.hash); - if (!same_password) { - throw FieldErrors({ - password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" }, - }); - } - - const token = await generateToken(user.id); - - // Notice this will have a different token structure, than discord - // Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package - // https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png - - res.json({ token, user_settings: user.user_settings }); - } -); - -export async function generateToken(id: bigint) { - const iat = Math.floor(Date.now() / 1000); - const algorithm = "HS256"; - - return new Promise((res, rej) => { - jwt.sign( - { id: `${id}`, iat }, - Config.get().security.jwtSecret, - { - algorithm, - }, - (err, token) => { - if (err) return rej(err); - return res(token); - } - ); - }); -} - -/** - * POST /auth/login - * @argument { login: "email@gmail.com", password: "cleartextpassword", undelete: false, captcha_key: null, login_source: null, gift_code_sku_id: null, } - - - * MFA required: - * @returns {"token": null, "mfa": true, "sms": true, "ticket": "SOME TICKET JWT TOKEN"} - - * Captcha required: - * @returns {"captcha_key": ["captcha-required"], "captcha_sitekey": null, "captcha_service": "recaptcha"} - - * Sucess: - * @returns {"token": "USERTOKEN", "user_settings": {"locale": "en", "theme": "dark"}} - - */ diff --git a/src/routes/api/v8/auth/register.ts b/src/routes/api/v8/auth/register.ts deleted file mode 100644 index 99df82f1..00000000 --- a/src/routes/api/v8/auth/register.ts +++ /dev/null @@ -1,262 +0,0 @@ -import { Request, Response, Router } from "express"; -import Config from "../../../../util/Config"; -import { trimSpecial, User, Snowflake, UserModel } from "fosscord-server-util"; -import bcrypt from "bcrypt"; -import { check, Email, EMAIL_REGEX, FieldErrors, Length } from "../../../../util/instanceOf"; -import "missing-native-js-functions"; -import { generateToken } from "./login"; - -const router: Router = Router(); - -router.post( - "/", - check({ - username: new Length(String, 2, 32), - // TODO: check min password length in config - // prevent Denial of Service with max length of 64 chars - password: new Length(String, 8, 64), - consent: Boolean, - $email: new Length(Email, 5, 100), - $fingerprint: String, - $invite: String, - $date_of_birth: Date, // "2000-04-03" - $gift_code_sku_id: String, - $captcha_key: String, - }), - async (req: Request, res: Response) => { - const { - email, - username, - password, - consent, - fingerprint, - invite, - date_of_birth, - gift_code_sku_id, // ? what is this - captcha_key, - } = req.body; - // TODO: automatically join invite - // TODO: gift_code_sku_id? - // TODO: check password strength - - // adjusted_email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick - let adjusted_email: string | undefined = adjustEmail(email); - - // adjusted_password will be the hash of the password - let adjusted_password: string = ""; - - // trim special uf8 control characters -> Backspace, Newline, ... - let adjusted_username: string = trimSpecial(username); - - // discriminator will be randomly generated - let discriminator = ""; - - // get register Config - const { register } = Config.get(); - - // check if registration is allowed - if (!register.allowNewRegistration) { - throw FieldErrors({ - email: { code: "REGISTRATION_DISABLED", message: req.t("auth:register.REGISTRATION_DISABLED") }, - }); - } - - // check if the user agreed to the Terms of Service - if (!consent) { - throw FieldErrors({ - consent: { code: "CONSENT_REQUIRED", message: req.t("auth:register.CONSENT_REQUIRED") }, - }); - } - - // require invite to register -> e.g. for organizations to send invites to their employees - if (register.requireInvite && !invite) { - throw FieldErrors({ - email: { code: "INVITE_ONLY", message: req.t("auth:register.INVITE_ONLY") }, - }); - } - - if (email) { - // replace all dots and chars after +, if its a gmail.com email - if (!adjusted_email) throw FieldErrors({ email: { code: "INVALID_EMAIL", message: "Invalid Email format" } }); - - // check if there is already an account with this email - const exists = await UserModel.findOne({ email: adjusted_email }).exec(); - - if (exists) { - throw FieldErrors({ - email: { - code: "EMAIL_ALREADY_REGISTERED", - message: req.t("auth.register.EMAIL_ALREADY_REGISTERED"), - }, - }); - } - } else if (register.email.required) { - throw FieldErrors({ - email: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }, - }); - } - - if (register.dateOfBirth.required && !date_of_birth) { - throw FieldErrors({ - date_of_birth: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }, - }); - } else if (register.dateOfBirth.minimum) { - const minimum = new Date(); - minimum.setFullYear(minimum.getFullYear() - register.dateOfBirth.minimum); - - // higher is younger - if (date_of_birth > minimum) { - throw FieldErrors({ - date_of_birth: { - code: "DATE_OF_BIRTH_UNDERAGE", - message: req.t("auth:register.DATE_OF_BIRTH_UNDERAGE", { years: register.dateOfBirth.minimum }), - }, - }); - } - } - - if (!register.allowMultipleAccounts) { - // TODO: check if fingerprint was eligible generated - const exists = await UserModel.findOne({ fingerprints: fingerprint }).exec(); - - if (exists) { - throw FieldErrors({ - email: { - code: "EMAIL_ALREADY_REGISTERED", - message: req.t("auth:register.EMAIL_ALREADY_REGISTERED"), - }, - }); - } - } - - if (register.requireCaptcha) { - if (!captcha_key) { - const { sitekey, service } = Config.get().security.captcha; - return res.status(400).json({ - captcha_key: ["captcha-required"], - captcha_sitekey: sitekey, - captcha_service: service, - }); - } - - // TODO: check captcha - } - - // the salt is saved in the password refer to bcrypt docs - adjusted_password = await bcrypt.hash(password, 12); - - let exists; - // randomly generates a discriminator between 1 and 9999 and checks max five times if it already exists - // if it all five times already exists, abort with USERNAME_TOO_MANY_USERS error - // else just continue - // TODO: is there any better way to generate a random discriminator only once, without checking if it already exists in the mongodb database? - for (let tries = 0; tries < 5; tries++) { - discriminator = Math.randomIntBetween(1, 9999).toString().padStart(4, "0"); - exists = await UserModel.findOne({ discriminator, username: adjusted_username }, "id").exec(); - if (!exists) break; - } - - if (exists) { - throw FieldErrors({ - username: { - code: "USERNAME_TOO_MANY_USERS", - message: req.t("auth:register.USERNAME_TOO_MANY_USERS"), - }, - }); - } - - // constructing final user object - // TODO fix: - // @ts-ignore - const user: User = { - id: Snowflake.generate(), - created_at: new Date(), - username: adjusted_username, - discriminator, - avatar: null, - bot: false, - system: false, - mfa_enabled: false, - verified: false, - email: adjusted_email, - flags: 0n, // TODO: generate default flags - hash: adjusted_password, - guilds: [], - valid_tokens_since: new Date(), - user_settings: { - afk_timeout: 300, - allow_accessibility_detection: true, - animate_emoji: true, - animate_stickers: 0, - contact_sync_enabled: false, - convert_emoticons: false, - custom_status: { - emoji_id: null, - emoji_name: null, - expires_at: null, - text: null, - }, - default_guilds_restricted: false, - detect_platform_accounts: true, - developer_mode: false, - disable_games_tab: false, - enable_tts_command: true, - explicit_content_filter: 0, - friend_source_flags: { all: true }, - gateway_connected: false, - gif_auto_play: true, - guild_folders: [], - guild_positions: [], - inline_attachment_media: true, - inline_embed_media: true, - locale: req.language, - message_display_compact: false, - native_phone_integration_enabled: true, - render_embeds: true, - render_reactions: true, - restricted_guilds: [], - show_current_game: true, - status: "offline", - stream_notifications_enabled: true, - theme: "dark", - timezone_offset: 0, - // timezone_offset: // TODO: timezone from request - }, - }; - - // insert user into database - await new UserModel(user).save({}); - - return res.json({ token: await generateToken(user.id) }); - } -); - -export function adjustEmail(email: string): string | undefined { - // body parser already checked if it is a valid email - const parts = email.match(EMAIL_REGEX); - // @ts-ignore - if (!parts || parts.length < 5) return undefined; - const domain = parts[5]; - const user = parts[1]; - - // TODO: check accounts with uncommon email domains - if (domain === "gmail.com" || domain === "googlemail.com") { - // replace .dots and +alternatives -> Gmail Dot Trick https://support.google.com/mail/answer/7436150 and https://generator.email/blog/gmail-generator - return user.replace(/[.]|(\+.*)/g, "") + "@gmail.com"; - } - - return email; -} - -export default router; - -/** - * POST /auth/register - * @argument { "fingerprint":"805826570869932034.wR8vi8lGlFBJerErO9LG5NViJFw", "email":"qo8etzvaf@gmail.com", "username":"qp39gr98", "password":"wtp9gep9gw", "invite":null, "consent":true, "date_of_birth":"2000-04-04", "gift_code_sku_id":null, "captcha_key":null} - * - * Field Error - * @returns { "code": 50035, "errors": { "consent": { "_errors": [{ "code": "CONSENT_REQUIRED", "message": "You must agree to Discord's Terms of Service and Privacy Policy." }]}}, "message": "Invalid Form Body"} - * - * Success 201: - * @returns {token: "OMITTED"} - */ diff --git a/src/routes/api/v8/channels/#channel_id/followers.ts b/src/routes/api/v8/channels/#channel_id/followers.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/followers.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/index.ts b/src/routes/api/v8/channels/#channel_id/index.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/index.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/invites.ts b/src/routes/api/v8/channels/#channel_id/invites.ts deleted file mode 100644 index 4c21e7d4..00000000 --- a/src/routes/api/v8/channels/#channel_id/invites.ts +++ /dev/null @@ -1,67 +0,0 @@ -import { Router, Request, Response } from "express"; -import { HTTPError } from "lambert-server"; - -import { check } from "../../../../../util/instanceOf"; -import { random } from "../../../../../util/RandomInviteID"; -import { emitEvent } from "../../../../../util/Event"; - -import { InviteCreateSchema } from "../../../../../schema/Invite"; - -import { getPermission, ChannelModel, InviteModel, InviteCreateEvent } from "fosscord-server-util"; - -const router: Router = Router(); - -router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) => { - const usID = req.user_id; - const chID = BigInt(req.params.channel_id); - const channel = await ChannelModel.findOne({ id: chID }).exec(); - - if (!channel || !channel.guild_id) { - throw new HTTPError("This channel doesn't exist", 404); - } - const { guild_id: guID } = channel; - - const permission = await getPermission(usID, guID); - - if (!permission.has("CREATE_INSTANT_INVITE")) { - throw new HTTPError("You aren't authorised to access this endpoint", 401); - } - - const invite = { - code: random(), - temporary: req.body.temporary, - uses: 0, - max_uses: req.body.max_uses, - max_age: req.body.max_age, - created_at: new Date(), - guild_id: guID, - channel_id: chID, - inviter_id: usID, - }; - - await new InviteModel(invite).save(); - - await emitEvent({ event: "INVITE_CREATE", data: invite } as InviteCreateEvent); - res.status(201).send(invite); -}); - -router.get("/", async (req: Request, res: Response) => { - const usID = req.user_id; - const chID = BigInt(req.params.channel_id); - const channel = await ChannelModel.findOne({ id: chID }).exec(); - - if (!channel || !channel.guild_id) { - throw new HTTPError("This channel doesn't exist", 404); - } - const { guild_id: guID } = channel; - const permission = await getPermission(usID, guID); - - if (!permission.has("MANAGE_CHANNELS")) { - throw new HTTPError("You aren't authorised to access this endpoint", 401); - } - - const invites = await InviteModel.find({ guild_id: guID }).exec(); - res.status(200).send(invites); -}); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts b/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts deleted file mode 100644 index c805cf08..00000000 --- a/src/routes/api/v8/channels/#channel_id/messages/bulk-delete.ts +++ /dev/null @@ -1,37 +0,0 @@ -import { Router } from "express"; -import { ChannelModel, getPermission, MessageDeleteBulkEvent, MessageModel } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import Config from "../../../../../../util/Config"; -import { emitEvent } from "../../../../../../util/Event"; -import { check } from "../../../../../../util/instanceOf"; - -const router: Router = Router(); - -export default router; - -// TODO: should users be able to bulk delete messages or only bots? -// TODO: should this request fail, if you provide messages older than 14 days/invalid ids? -// https://discord.com/developers/docs/resources/channel#bulk-delete-messages -router.post("/", check({ messages: [BigInt] }), async (req, res) => { - const channel_id = BigInt(req.params.channel_id); - const channel = await ChannelModel.findOne({ id: channel_id }, { permission_overwrites: true, guild_id: true }).exec(); - if (!channel?.guild_id) throw new HTTPError("Can't bulk delete dm channel messages", 400); - - const permission = await getPermission(req.user_id, channel?.guild_id, channel_id, { channel }); - if (!permission.has("MANAGE_MESSAGES")) throw new HTTPError("You are missing the MANAGE_MESSAGES permissions"); - - const { maxBulkDelete } = Config.get().limits.message; - - const { messages } = req.body as { messages: bigint[] }; - if (messages.length < 2) throw new HTTPError("You must at least specify 2 messages to bulk delete"); - if (messages.length > maxBulkDelete) throw new HTTPError(`You cannot delete more than ${maxBulkDelete} messages`); - - await MessageModel.deleteMany({ id: { $in: messages } }).exec(); - await emitEvent({ - event: "MESSAGE_DELETE_BULK", - channel_id, - data: { ids: messages, channel_id, guild_id: channel.guild_id }, - } as MessageDeleteBulkEvent); - - res.status(204).send(); -}); diff --git a/src/routes/api/v8/channels/#channel_id/messages/index.ts b/src/routes/api/v8/channels/#channel_id/messages/index.ts deleted file mode 100644 index ade048a0..00000000 --- a/src/routes/api/v8/channels/#channel_id/messages/index.ts +++ /dev/null @@ -1,136 +0,0 @@ -import { Router } from "express"; -import { ChannelModel, ChannelType, getPermission, Message, MessageCreateEvent, MessageModel, Snowflake } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { MessageCreateSchema } from "../../../../../../schema/Message"; -import { check, instanceOf, Length } from "../../../../../../util/instanceOf"; -import { PublicUserProjection } from "../../../../../../util/User"; -import multer from "multer"; -import { emitEvent } from "../../../../../../util/Event"; -const router: Router = Router(); - -export default router; - -function isTextChannel(type: ChannelType): boolean { - switch (type) { - case ChannelType.GUILD_VOICE: - case ChannelType.GUILD_CATEGORY: - throw new HTTPError("not a text channel", 400); - case ChannelType.DM: - case ChannelType.GROUP_DM: - case ChannelType.GUILD_NEWS: - case ChannelType.GUILD_STORE: - case ChannelType.GUILD_TEXT: - return true; - } -} - -// https://discord.com/developers/docs/resources/channel#create-message -// get messages -router.get("/", async (req, res) => { - const channel_id = BigInt(req.params.channel_id); - const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); - if (!channel) throw new HTTPError("Channel not found", 404); - - isTextChannel(channel.type); - - try { - instanceOf({ $around: BigInt, $after: BigInt, $before: BigInt, $limit: new Length(Number, 1, 100) }, req.query, { - path: "query", - req, - }); - } catch (error) { - return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); - } - var { around, after, before, limit }: { around?: bigint; after?: bigint; before?: bigint; limit?: number } = req.query; - if (!limit) limit = 50; - var halfLimit = BigInt(Math.floor(limit / 2)); - - if ([ChannelType.GUILD_VOICE, ChannelType.GUILD_CATEGORY, ChannelType.GUILD_STORE].includes(channel.type)) - throw new HTTPError("Not a text channel"); - - if (channel.guild_id) { - const permissions = await getPermission(req.user_id, channel.guild_id, channel_id, { channel }); - if (!permissions.has("VIEW_CHANNEL")) throw new HTTPError("You don't have permission to view this channel", 401); - if (!permissions.has("READ_MESSAGE_HISTORY")) return res.json([]); - } else if (channel.recipients) { - // group/dm channel - if (!channel.recipients.includes(req.user_id)) throw new HTTPError("You don't have permission to view this channel", 401); - } - - var query: any; - if (after) query = MessageModel.find({ channel_id, id: { $gt: after } }); - else if (before) query = MessageModel.find({ channel_id, id: { $lt: before } }); - else if (around) query = MessageModel.find({ channel_id, id: { $gt: around - halfLimit, $lt: around + halfLimit } }); - else { - query = MessageModel.find({ channel_id }).sort({ id: -1 }); - } - - const messages = await query - .limit(limit) - .populate({ path: "author", select: PublicUserProjection }) - .populate({ path: "mentions", select: PublicUserProjection }) - .populate({ path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }) - .populate("mention_roles") - // .populate({ path: "member", select: PublicMemberProjection }) - .exec(); - - return res.json(messages); -}); - -// TODO: config max upload size -const messageUpload = multer({ limits: { fieldSize: 1024 * 1024 * 1024 * 50 } }); // max upload 50 mb - -// TODO: dynamically change limit of MessageCreateSchema with config -// TODO: check: sum of all characters in an embed structure must not exceed 6000 characters - -// https://discord.com/developers/docs/resources/channel#create-message -// TODO: text channel slowdown -// TODO: trim and replace message content and every embed field -// Send message -router.post("/", check(MessageCreateSchema), async (req, res) => { - const channel_id = BigInt(req.params.channel_id); - const body = req.body as MessageCreateSchema; - - const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); - if (!channel) throw new HTTPError("Channel not found", 404); - - if (channel.guild_id) { - const permissions = await getPermission(req.user_id, channel.guild_id, channel_id, { channel }); - if (!permissions.has("SEND_MESSAGES")) throw new HTTPError("You don't have the SEND_MESSAGES permission"); - if (body.tts && !permissions.has("SEND_TTS_MESSAGES")) throw new HTTPError("You are missing the SEND_TTS_MESSAGES permission"); - if (body.message_reference) { - if (!permissions.has("READ_MESSAGE_HISTORY")) - throw new HTTPError("You are missing the READ_MESSAGE_HISTORY permission to reply"); - if (body.message_reference.guild_id !== channel.guild_id) - throw new HTTPError("You can only reference messages from this guild"); - } - } - - if (body.message_reference) { - if (body.message_reference.channel_id !== channel_id) throw new HTTPError("You can only reference messages from this channel"); - // TODO: should it be checked if the message exists? - } - - const embeds = []; - if (body.embed) embeds.push(body.embed); - - const message: Message = { - id: Snowflake.generate(), - channel_id, - guild_id: channel.guild_id, - author_id: req.user_id, - content: req.body, - timestamp: new Date(), - mention_channels_ids: [], - mention_role_ids: [], - mention_user_ids: [], - attachments: [], - embeds: [], - reactions: [], - type: 0, - }; - - await new MessageModel(message).save(); - - await emitEvent({ event: "MESSAGE_CREATE", channel_id, data: {} } as MessageCreateEvent); -}); diff --git a/src/routes/api/v8/channels/#channel_id/permissions.ts b/src/routes/api/v8/channels/#channel_id/permissions.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/permissions.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/pins.ts b/src/routes/api/v8/channels/#channel_id/pins.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/pins.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/recipients.ts b/src/routes/api/v8/channels/#channel_id/recipients.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/recipients.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/typing.ts b/src/routes/api/v8/channels/#channel_id/typing.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/typing.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/channels/#channel_id/webhooks.ts b/src/routes/api/v8/channels/#channel_id/webhooks.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/channels/#channel_id/webhooks.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/guilds/#id/bans.ts b/src/routes/api/v8/guilds/#id/bans.ts deleted file mode 100644 index 5133ee3c..00000000 --- a/src/routes/api/v8/guilds/#id/bans.ts +++ /dev/null @@ -1,93 +0,0 @@ -import { Request, Response, Router } from "express"; -import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { getIpAdress } from "../../../../../middlewares/GlobalRateLimit"; -import { BanCreateSchema } from "../../../../../schema/Ban"; -import { emitEvent } from "../../../../../util/Event"; -import { check } from "../../../../../util/instanceOf"; -import { removeMember } from "../../../../../util/Member"; -import { getPublicUser } from "../../../../../util/User"; - -const router: Router = Router(); - -router.get("/", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("Guild not found", 404); - - var bans = await BanModel.find({ guild_id: guild_id }).exec(); - return res.json(bans); -}); - -router.get("/:user", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const user_id = BigInt(req.params.ban); - - var ban = await BanModel.findOne({ guild_id: guild_id, user_id: user_id }).exec(); - if (!ban) throw new HTTPError("Ban not found", 404); - return res.json(ban); -}); - -router.post("/:user_id", check(BanCreateSchema), async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const banned_user_id = BigInt(req.params.user_id); - - const banned_user = await getPublicUser(banned_user_id); - const perms = await getPermission(req.user_id, guild_id); - if (!perms.has("BAN_MEMBERS")) throw new HTTPError("You don't have the permission to ban members", 403); - if (req.user_id === banned_user_id) throw new HTTPError("You can't ban yourself", 400); - - await removeMember(banned_user_id, guild_id); - - const ban = await new BanModel({ - user_id: banned_user_id, - guild_id: guild_id, - ip: getIpAdress(req), - executor_id: req.user_id, - reason: req.body.reason, // || otherwise empty - }).save(); - - await emitEvent({ - event: "GUILD_BAN_ADD", - data: { - guild_id: guild_id, - user: banned_user, - }, - guild_id: guild_id, - } as GuildBanAddEvent); - - return res.json(ban).send(); -}); - -router.delete("/:user_id", async (req: Request, res: Response) => { - var guild_id = BigInt(req.params.id); - var banned_user_id = BigInt(req.params.user_id); - - const banned_user = await getPublicUser(banned_user_id); - const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); - if (!guild) throw new HTTPError("Guild not found", 404); - - const perms = await getPermission(req.user_id, guild.id); - if (!perms.has("BAN_MEMBERS")) { - throw new HTTPError("No permissions", 403); - } - - await BanModel.deleteOne({ - user_id: banned_user_id, - guild_id: guild.id, - }).exec(); - - await emitEvent({ - event: "GUILD_BAN_REMOVE", - data: { - guild_id: guild.id, - user: banned_user, - }, - guild_id: guild.id, - } as GuildBanRemoveEvent); - - return res.status(204).send(); -}); - -export default router; diff --git a/src/routes/api/v8/guilds/#id/channels.ts b/src/routes/api/v8/guilds/#id/channels.ts deleted file mode 100644 index 1316a2ca..00000000 --- a/src/routes/api/v8/guilds/#id/channels.ts +++ /dev/null @@ -1,51 +0,0 @@ -import { Router } from "express"; -import { ChannelModel, ChannelType, GuildModel, Snowflake } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { ChannelModifySchema } from "../../../../../schema/Channel"; -import { check } from "../../../../../util/instanceOf"; -const router = Router(); - -router.get("/", async (req, res) => { - const guild_id = BigInt(req.params.id); - const channels = await ChannelModel.find({ guild_id }).exec(); - - res.json(channels); -}); - -router.post("/", check(ChannelModifySchema), async (req, res) => { - const guild_id = BigInt(req.params.id); - const body = req.body as ChannelModifySchema; - if (!body.permission_overwrites) body.permission_overwrites = []; - if (!body.topic) body.topic = ""; - if (!body.rate_limit_per_user) body.rate_limit_per_user = 0; - switch (body.type) { - case ChannelType.DM: - case ChannelType.GROUP_DM: - throw new HTTPError("You can't create a dm channel in a guild"); - // TODO: - case ChannelType.GUILD_STORE: - throw new HTTPError("Not yet supported"); - case ChannelType.GUILD_NEWS: - // TODO: check if guild is community server - } - - if (body.parent_id) { - const exists = ChannelModel.findOne({ channel_id: body.parent_id }).exec(); - if (!exists) throw new HTTPError("Parent id channel doesn't exist", 400); - } - - const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); - if (!guild) throw new HTTPError("Guild not found", 4040); - - const channel = { - ...body, - id: Snowflake.generate(), - created_at: new Date(), - guild_id, - }; - await new ChannelModel(channel).save(); - - res.json(channel); -}); - -export default router; diff --git a/src/routes/api/v8/guilds/#id/index.ts b/src/routes/api/v8/guilds/#id/index.ts deleted file mode 100644 index e86d9416..00000000 --- a/src/routes/api/v8/guilds/#id/index.ts +++ /dev/null @@ -1,73 +0,0 @@ -import { Request, Response, Router } from "express"; -import { - ChannelModel, - EmojiModel, - getPermission, - GuildDeleteEvent, - GuildModel, - InviteModel, - MemberModel, - MessageModel, - RoleModel, - UserModel, -} from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { GuildUpdateSchema } from "../../../../../schema/Guild"; -import { emitEvent } from "../../../../../util/Event"; -import { check } from "../../../../../util/instanceOf"; - -const router = Router(); - -router.get("/", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("Guild does not exist", 404); - - const member = await MemberModel.findOne({ guild_id: guild_id, id: req.user_id }, "id").exec(); - if (!member) throw new HTTPError("You are not a member of the guild you are trying to access", 401); - - return res.json(guild); -}); - -router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) => { - const body = req.body as GuildUpdateSchema; - const guild_id = BigInt(req.params.id); - - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("This guild does not exist", 404); - - const perms = await getPermission(req.user_id, guild_id); - if (!perms.has("MANAGE_GUILD")) throw new HTTPError("You do not have the MANAGE_GUILD permission", 401); - - await GuildModel.updateOne({ id: guild_id }, body).exec(); - return res.status(204); -}); - -router.delete("/", async (req: Request, res: Response) => { - var guild_id = BigInt(req.params.id); - - const guild = await GuildModel.findOne({ id: guild_id }, "owner_id").exec(); - if (!guild) throw new HTTPError("This guild does not exist", 404); - if (guild.owner_id !== req.user_id) throw new HTTPError("You are not the owner of this guild", 401); - - await emitEvent({ - event: "GUILD_DELETE", - data: { - id: guild_id, - }, - guild_id: guild_id, - } as GuildDeleteEvent); - - await GuildModel.deleteOne({ id: guild_id }).exec(); - await UserModel.updateMany({ guilds: guild_id }, { $pull: { guilds: guild_id } }).exec(); - await RoleModel.deleteMany({ guild_id }).exec(); - await ChannelModel.deleteMany({ guild_id }).exec(); - await EmojiModel.deleteMany({ guild_id }).exec(); - await InviteModel.deleteMany({ guild_id }).exec(); - await MessageModel.deleteMany({ guild_id }).exec(); - - return res.status(204).send(); -}); - -export default router; diff --git a/src/routes/api/v8/guilds/#id/members.ts b/src/routes/api/v8/guilds/#id/members.ts deleted file mode 100644 index 0aed61ae..00000000 --- a/src/routes/api/v8/guilds/#id/members.ts +++ /dev/null @@ -1,54 +0,0 @@ -import { Request, Response, Router } from "express"; -import { GuildModel, MemberModel } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { instanceOf, Length } from "../../../../../util/instanceOf"; -import { PublicMemberProjection } from "../../../../../util/Member"; -import { PublicUserProjection } from "../../../../../util/User"; - -const router = Router(); - -// TODO: not allowed for user -> only allowed for bots with privileged intents -// TODO: send over websocket -router.get("/", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("Guild not found", 404); - - try { - instanceOf({ $limit: new Length(Number, 1, 1000), $after: BigInt }, req.query, { - path: "query", - req, - ref: { obj: null, key: "" }, - }); - } catch (error) { - return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); - } - - // @ts-ignore - if (!req.query.limit) req.query.limit = 1; - const { limit, after } = (req.query) as { limit: number; after: bigint }; - const query = after ? { id: { $gt: after } } : {}; - - var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) - .limit(limit) - .populate({ path: "user", select: PublicUserProjection }) - .exec(); - - return res.json(members); -}); - -router.get("/:member", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const user_id = BigInt(req.params.member); - - const member = await MemberModel.findOne({ id: user_id, guild_id }).populate({ path: "user", select: PublicUserProjection }).exec(); - if (!member) throw new HTTPError("Member not found", 404); - - return res.json(member); -}); - -router.put("/:member", async (req: Request, res: Response) => { - // https://discord.com/developers/docs/resources/guild#add-guild-member -}); - -export default router; diff --git a/src/routes/api/v8/guilds/index.ts b/src/routes/api/v8/guilds/index.ts deleted file mode 100644 index 319184ad..00000000 --- a/src/routes/api/v8/guilds/index.ts +++ /dev/null @@ -1,81 +0,0 @@ -import { Router, Request, Response } from "express"; -import { RoleModel, GuildModel, Snowflake, Guild } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { check } from "./../../../../util/instanceOf"; -import { GuildCreateSchema } from "../../../../schema/Guild"; -import Config from "../../../../util/Config"; -import { getPublicUser } from "../../../../util/User"; -import { addMember } from "../../../../util/Member"; - -const router: Router = Router(); - -router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) => { - const body = req.body as GuildCreateSchema; - - const { maxGuilds } = Config.get().limits.user; - const user = await getPublicUser(req.user_id, { guilds: true }); - - if (user.guilds.length >= maxGuilds) { - throw new HTTPError(`Maximum number of guilds reached ${maxGuilds}`, 403); - } - - const guild_id = Snowflake.generate(); - const guild: Guild = { - name: body.name, - region: body.region || "en-US", - owner_id: req.user_id, - icon: undefined, - afk_channel_id: undefined, - afk_timeout: 300, - application_id: undefined, - banner: undefined, - default_message_notifications: undefined, - description: undefined, - splash: undefined, - discovery_splash: undefined, - explicit_content_filter: undefined, - features: [], - id: guild_id, - large: undefined, - max_members: 250000, - max_presences: 250000, - max_video_channel_users: 25, - presence_count: 0, - member_count: 0, // will automatically be increased by addMember() - mfa_level: 0, - preferred_locale: "en-US", - premium_subscription_count: 0, - premium_tier: 0, - public_updates_channel_id: undefined, - rules_channel_id: undefined, - system_channel_flags: undefined, - system_channel_id: undefined, - unavailable: false, - vanity_url_code: undefined, - verification_level: undefined, - welcome_screen: [], - widget_channel_id: undefined, - widget_enabled: false, - }; - - await Promise.all([ - new GuildModel(guild).save(), - new RoleModel({ - id: guild_id, - guild_id: guild_id, - color: 0, - hoist: false, - managed: true, - mentionable: true, - name: "@everyone", - permissions: 2251804225n, - position: 0, - tags: null, - }).save(), - ]); - await addMember(req.user_id, guild_id, { guild }); - - res.status(201).json({ id: guild.id }); -}); - -export default router; diff --git a/src/routes/api/v8/guilds/templates/index.ts b/src/routes/api/v8/guilds/templates/index.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/guilds/templates/index.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/invites/index.ts b/src/routes/api/v8/invites/index.ts deleted file mode 100644 index 9a4e81fa..00000000 --- a/src/routes/api/v8/invites/index.ts +++ /dev/null @@ -1,4 +0,0 @@ -import { Router } from "express"; -const router: Router = Router(); - -export default router; diff --git a/src/routes/api/v8/users/@me/guilds.ts b/src/routes/api/v8/users/@me/guilds.ts deleted file mode 100644 index a2a64ce6..00000000 --- a/src/routes/api/v8/users/@me/guilds.ts +++ /dev/null @@ -1,50 +0,0 @@ -import { Router, Request, Response } from "express"; -import { GuildModel, MemberModel, UserModel, GuildDeleteEvent, GuildMemberRemoveEvent } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { emitEvent } from "../../../../../util/Event"; -import { getPublicUser } from "../../../../../util/User"; - -const router: Router = Router(); - -router.get("/", async (req: Request, res: Response) => { - const user = await UserModel.findOne({ id: req.user_id }, { guilds: true }).exec(); - if (!user) throw new HTTPError("User not found", 404); - - var guildIDs = user.guilds || []; - var guild = await GuildModel.find({ id: { $in: guildIDs } }).exec(); - res.json(guild); -}); - -// user send to leave a certain guild -router.delete("/:id", async (req: Request, res: Response) => { - const guildID = BigInt(req.params.id); - const guild = await GuildModel.findOne({ id: guildID }).exec(); - - if (!guild) throw new HTTPError("Guild doesn't exist", 404); - if (guild.owner_id === req.user_id) throw new HTTPError("You can't leave your own guild", 400); - - await MemberModel.deleteOne({ id: req.user_id, guild_id: guildID }).exec(); - await UserModel.updateOne({ id: req.user_id }, { $pull: { guilds: guildID } }).exec(); - const user = await getPublicUser(req.user_id); - - await emitEvent({ - event: "GUILD_DELETE", - data: { - id: guildID, - }, - user_id: req.user_id, - } as GuildDeleteEvent); - - await emitEvent({ - event: "GUILD_MEMBER_REMOVE", - data: { - guild_id: guildID, - user: user, - }, - guild_id: guildID, - } as GuildMemberRemoveEvent); - - return res.status(204).send(); -}); - -export default router; diff --git a/src/routes/api/v8/users/@me/index.ts b/src/routes/api/v8/users/@me/index.ts deleted file mode 100644 index 32877dcc..00000000 --- a/src/routes/api/v8/users/@me/index.ts +++ /dev/null @@ -1,15 +0,0 @@ -import { Router, Request, Response } from "express"; -import { UserModel } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; - -const router: Router = Router(); - -router.get("/", async (req: Request, res: Response) => { - // TODO: user projection - const user = await UserModel.findOne({ id: req.user_id }).exec(); - if (!user) throw new HTTPError("User not found", 404); - - res.json(user); -}); - -export default router; diff --git a/src/routes/assets/index.ts b/src/routes/assets/index.ts deleted file mode 100644 index df30d13e..00000000 --- a/src/routes/assets/index.ts +++ /dev/null @@ -1,34 +0,0 @@ -/** - * * patch to redirect requests from cloned client - * (../../client/index.html) - */ -import { Router } from "express"; -import fetch, { Response } from "node-fetch"; - -const router: Router = Router(); -const cache = new Map(); -const assetEndpoint = "https://discord.com/assets/"; - -export async function getCache(key: string): Promise { - let cachedRessource = cache.get(key); - - if (!cachedRessource) { - const res = await fetch(assetEndpoint + key); - // @ts-ignore - res.bufferResponse = await res.buffer(); - cache.set(key, res); - cachedRessource = res; - } - - return cachedRessource; -} - -router.get("/:hash", async (req, res) => { - res.set("Cache-Control", "public, max-age=" + 60 * 60 * 24); - const cache = await getCache(req.params.hash); - res.set("content-type", cache.headers.get("content-type")); - // @ts-ignore - res.send(cache.bufferResponse); -}); - -export default router; diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts new file mode 100644 index 00000000..3f924e7c --- /dev/null +++ b/src/routes/auth/login.ts @@ -0,0 +1,93 @@ +import { Request, Response, Router } from "express"; +import { check, FieldErrors, Length } from "../../../../util/instanceOf"; +import bcrypt from "bcrypt"; +import jwt from "jsonwebtoken"; +import { User, UserModel } from "fosscord-server-util"; +import Config from "../../../../util/Config"; +import { adjustEmail } from "./register"; + +const router: Router = Router(); +export default router; + +router.post( + "/", + check({ + login: new Length(String, 2, 100), // email or telephone + password: new Length(String, 8, 64), + $undelete: Boolean, + $captcha_key: String, + $login_source: String, + $gift_code_sku_id: String, + }), + async (req: Request, res: Response) => { + const { login, password } = req.body; + const email = adjustEmail(login); + const query: any[] = [{ phone: login }]; + if (email) query.push({ email }); + + // * MongoDB Specific query for user with same email or phone number + const user = await UserModel.findOne( + { + $or: query, + }, + `hash id user_settings.locale user_settings.theme` + ).exec(); + + if (!user) { + throw FieldErrors({ + login: { message: req.t("auth:login.INVALID_LOGIN"), code: "INVALID_LOGIN" }, + }); + } + + // the salt is saved in the password refer to bcrypt docs + const same_password = await bcrypt.compare(password, user.hash); + if (!same_password) { + throw FieldErrors({ + password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" }, + }); + } + + const token = await generateToken(user.id); + + // Notice this will have a different token structure, than discord + // Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package + // https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png + + res.json({ token, user_settings: user.user_settings }); + } +); + +export async function generateToken(id: bigint) { + const iat = Math.floor(Date.now() / 1000); + const algorithm = "HS256"; + + return new Promise((res, rej) => { + jwt.sign( + { id: `${id}`, iat }, + Config.get().security.jwtSecret, + { + algorithm, + }, + (err, token) => { + if (err) return rej(err); + return res(token); + } + ); + }); +} + +/** + * POST /auth/login + * @argument { login: "email@gmail.com", password: "cleartextpassword", undelete: false, captcha_key: null, login_source: null, gift_code_sku_id: null, } + + + * MFA required: + * @returns {"token": null, "mfa": true, "sms": true, "ticket": "SOME TICKET JWT TOKEN"} + + * Captcha required: + * @returns {"captcha_key": ["captcha-required"], "captcha_sitekey": null, "captcha_service": "recaptcha"} + + * Sucess: + * @returns {"token": "USERTOKEN", "user_settings": {"locale": "en", "theme": "dark"}} + + */ diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts new file mode 100644 index 00000000..99df82f1 --- /dev/null +++ b/src/routes/auth/register.ts @@ -0,0 +1,262 @@ +import { Request, Response, Router } from "express"; +import Config from "../../../../util/Config"; +import { trimSpecial, User, Snowflake, UserModel } from "fosscord-server-util"; +import bcrypt from "bcrypt"; +import { check, Email, EMAIL_REGEX, FieldErrors, Length } from "../../../../util/instanceOf"; +import "missing-native-js-functions"; +import { generateToken } from "./login"; + +const router: Router = Router(); + +router.post( + "/", + check({ + username: new Length(String, 2, 32), + // TODO: check min password length in config + // prevent Denial of Service with max length of 64 chars + password: new Length(String, 8, 64), + consent: Boolean, + $email: new Length(Email, 5, 100), + $fingerprint: String, + $invite: String, + $date_of_birth: Date, // "2000-04-03" + $gift_code_sku_id: String, + $captcha_key: String, + }), + async (req: Request, res: Response) => { + const { + email, + username, + password, + consent, + fingerprint, + invite, + date_of_birth, + gift_code_sku_id, // ? what is this + captcha_key, + } = req.body; + // TODO: automatically join invite + // TODO: gift_code_sku_id? + // TODO: check password strength + + // adjusted_email will be slightly modified version of the user supplied email -> e.g. protection against GMail Trick + let adjusted_email: string | undefined = adjustEmail(email); + + // adjusted_password will be the hash of the password + let adjusted_password: string = ""; + + // trim special uf8 control characters -> Backspace, Newline, ... + let adjusted_username: string = trimSpecial(username); + + // discriminator will be randomly generated + let discriminator = ""; + + // get register Config + const { register } = Config.get(); + + // check if registration is allowed + if (!register.allowNewRegistration) { + throw FieldErrors({ + email: { code: "REGISTRATION_DISABLED", message: req.t("auth:register.REGISTRATION_DISABLED") }, + }); + } + + // check if the user agreed to the Terms of Service + if (!consent) { + throw FieldErrors({ + consent: { code: "CONSENT_REQUIRED", message: req.t("auth:register.CONSENT_REQUIRED") }, + }); + } + + // require invite to register -> e.g. for organizations to send invites to their employees + if (register.requireInvite && !invite) { + throw FieldErrors({ + email: { code: "INVITE_ONLY", message: req.t("auth:register.INVITE_ONLY") }, + }); + } + + if (email) { + // replace all dots and chars after +, if its a gmail.com email + if (!adjusted_email) throw FieldErrors({ email: { code: "INVALID_EMAIL", message: "Invalid Email format" } }); + + // check if there is already an account with this email + const exists = await UserModel.findOne({ email: adjusted_email }).exec(); + + if (exists) { + throw FieldErrors({ + email: { + code: "EMAIL_ALREADY_REGISTERED", + message: req.t("auth.register.EMAIL_ALREADY_REGISTERED"), + }, + }); + } + } else if (register.email.required) { + throw FieldErrors({ + email: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }, + }); + } + + if (register.dateOfBirth.required && !date_of_birth) { + throw FieldErrors({ + date_of_birth: { code: "BASE_TYPE_REQUIRED", message: req.t("common:field.BASE_TYPE_REQUIRED") }, + }); + } else if (register.dateOfBirth.minimum) { + const minimum = new Date(); + minimum.setFullYear(minimum.getFullYear() - register.dateOfBirth.minimum); + + // higher is younger + if (date_of_birth > minimum) { + throw FieldErrors({ + date_of_birth: { + code: "DATE_OF_BIRTH_UNDERAGE", + message: req.t("auth:register.DATE_OF_BIRTH_UNDERAGE", { years: register.dateOfBirth.minimum }), + }, + }); + } + } + + if (!register.allowMultipleAccounts) { + // TODO: check if fingerprint was eligible generated + const exists = await UserModel.findOne({ fingerprints: fingerprint }).exec(); + + if (exists) { + throw FieldErrors({ + email: { + code: "EMAIL_ALREADY_REGISTERED", + message: req.t("auth:register.EMAIL_ALREADY_REGISTERED"), + }, + }); + } + } + + if (register.requireCaptcha) { + if (!captcha_key) { + const { sitekey, service } = Config.get().security.captcha; + return res.status(400).json({ + captcha_key: ["captcha-required"], + captcha_sitekey: sitekey, + captcha_service: service, + }); + } + + // TODO: check captcha + } + + // the salt is saved in the password refer to bcrypt docs + adjusted_password = await bcrypt.hash(password, 12); + + let exists; + // randomly generates a discriminator between 1 and 9999 and checks max five times if it already exists + // if it all five times already exists, abort with USERNAME_TOO_MANY_USERS error + // else just continue + // TODO: is there any better way to generate a random discriminator only once, without checking if it already exists in the mongodb database? + for (let tries = 0; tries < 5; tries++) { + discriminator = Math.randomIntBetween(1, 9999).toString().padStart(4, "0"); + exists = await UserModel.findOne({ discriminator, username: adjusted_username }, "id").exec(); + if (!exists) break; + } + + if (exists) { + throw FieldErrors({ + username: { + code: "USERNAME_TOO_MANY_USERS", + message: req.t("auth:register.USERNAME_TOO_MANY_USERS"), + }, + }); + } + + // constructing final user object + // TODO fix: + // @ts-ignore + const user: User = { + id: Snowflake.generate(), + created_at: new Date(), + username: adjusted_username, + discriminator, + avatar: null, + bot: false, + system: false, + mfa_enabled: false, + verified: false, + email: adjusted_email, + flags: 0n, // TODO: generate default flags + hash: adjusted_password, + guilds: [], + valid_tokens_since: new Date(), + user_settings: { + afk_timeout: 300, + allow_accessibility_detection: true, + animate_emoji: true, + animate_stickers: 0, + contact_sync_enabled: false, + convert_emoticons: false, + custom_status: { + emoji_id: null, + emoji_name: null, + expires_at: null, + text: null, + }, + default_guilds_restricted: false, + detect_platform_accounts: true, + developer_mode: false, + disable_games_tab: false, + enable_tts_command: true, + explicit_content_filter: 0, + friend_source_flags: { all: true }, + gateway_connected: false, + gif_auto_play: true, + guild_folders: [], + guild_positions: [], + inline_attachment_media: true, + inline_embed_media: true, + locale: req.language, + message_display_compact: false, + native_phone_integration_enabled: true, + render_embeds: true, + render_reactions: true, + restricted_guilds: [], + show_current_game: true, + status: "offline", + stream_notifications_enabled: true, + theme: "dark", + timezone_offset: 0, + // timezone_offset: // TODO: timezone from request + }, + }; + + // insert user into database + await new UserModel(user).save({}); + + return res.json({ token: await generateToken(user.id) }); + } +); + +export function adjustEmail(email: string): string | undefined { + // body parser already checked if it is a valid email + const parts = email.match(EMAIL_REGEX); + // @ts-ignore + if (!parts || parts.length < 5) return undefined; + const domain = parts[5]; + const user = parts[1]; + + // TODO: check accounts with uncommon email domains + if (domain === "gmail.com" || domain === "googlemail.com") { + // replace .dots and +alternatives -> Gmail Dot Trick https://support.google.com/mail/answer/7436150 and https://generator.email/blog/gmail-generator + return user.replace(/[.]|(\+.*)/g, "") + "@gmail.com"; + } + + return email; +} + +export default router; + +/** + * POST /auth/register + * @argument { "fingerprint":"805826570869932034.wR8vi8lGlFBJerErO9LG5NViJFw", "email":"qo8etzvaf@gmail.com", "username":"qp39gr98", "password":"wtp9gep9gw", "invite":null, "consent":true, "date_of_birth":"2000-04-04", "gift_code_sku_id":null, "captcha_key":null} + * + * Field Error + * @returns { "code": 50035, "errors": { "consent": { "_errors": [{ "code": "CONSENT_REQUIRED", "message": "You must agree to Discord's Terms of Service and Privacy Policy." }]}}, "message": "Invalid Form Body"} + * + * Success 201: + * @returns {token: "OMITTED"} + */ diff --git a/src/routes/channels/#channel_id/followers.ts b/src/routes/channels/#channel_id/followers.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/followers.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/channels/#channel_id/index.ts b/src/routes/channels/#channel_id/index.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/index.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/channels/#channel_id/invites.ts b/src/routes/channels/#channel_id/invites.ts new file mode 100644 index 00000000..4c21e7d4 --- /dev/null +++ b/src/routes/channels/#channel_id/invites.ts @@ -0,0 +1,67 @@ +import { Router, Request, Response } from "express"; +import { HTTPError } from "lambert-server"; + +import { check } from "../../../../../util/instanceOf"; +import { random } from "../../../../../util/RandomInviteID"; +import { emitEvent } from "../../../../../util/Event"; + +import { InviteCreateSchema } from "../../../../../schema/Invite"; + +import { getPermission, ChannelModel, InviteModel, InviteCreateEvent } from "fosscord-server-util"; + +const router: Router = Router(); + +router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) => { + const usID = req.user_id; + const chID = BigInt(req.params.channel_id); + const channel = await ChannelModel.findOne({ id: chID }).exec(); + + if (!channel || !channel.guild_id) { + throw new HTTPError("This channel doesn't exist", 404); + } + const { guild_id: guID } = channel; + + const permission = await getPermission(usID, guID); + + if (!permission.has("CREATE_INSTANT_INVITE")) { + throw new HTTPError("You aren't authorised to access this endpoint", 401); + } + + const invite = { + code: random(), + temporary: req.body.temporary, + uses: 0, + max_uses: req.body.max_uses, + max_age: req.body.max_age, + created_at: new Date(), + guild_id: guID, + channel_id: chID, + inviter_id: usID, + }; + + await new InviteModel(invite).save(); + + await emitEvent({ event: "INVITE_CREATE", data: invite } as InviteCreateEvent); + res.status(201).send(invite); +}); + +router.get("/", async (req: Request, res: Response) => { + const usID = req.user_id; + const chID = BigInt(req.params.channel_id); + const channel = await ChannelModel.findOne({ id: chID }).exec(); + + if (!channel || !channel.guild_id) { + throw new HTTPError("This channel doesn't exist", 404); + } + const { guild_id: guID } = channel; + const permission = await getPermission(usID, guID); + + if (!permission.has("MANAGE_CHANNELS")) { + throw new HTTPError("You aren't authorised to access this endpoint", 401); + } + + const invites = await InviteModel.find({ guild_id: guID }).exec(); + res.status(200).send(invites); +}); + +export default router; diff --git a/src/routes/channels/#channel_id/messages/bulk-delete.ts b/src/routes/channels/#channel_id/messages/bulk-delete.ts new file mode 100644 index 00000000..c805cf08 --- /dev/null +++ b/src/routes/channels/#channel_id/messages/bulk-delete.ts @@ -0,0 +1,37 @@ +import { Router } from "express"; +import { ChannelModel, getPermission, MessageDeleteBulkEvent, MessageModel } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import Config from "../../../../../../util/Config"; +import { emitEvent } from "../../../../../../util/Event"; +import { check } from "../../../../../../util/instanceOf"; + +const router: Router = Router(); + +export default router; + +// TODO: should users be able to bulk delete messages or only bots? +// TODO: should this request fail, if you provide messages older than 14 days/invalid ids? +// https://discord.com/developers/docs/resources/channel#bulk-delete-messages +router.post("/", check({ messages: [BigInt] }), async (req, res) => { + const channel_id = BigInt(req.params.channel_id); + const channel = await ChannelModel.findOne({ id: channel_id }, { permission_overwrites: true, guild_id: true }).exec(); + if (!channel?.guild_id) throw new HTTPError("Can't bulk delete dm channel messages", 400); + + const permission = await getPermission(req.user_id, channel?.guild_id, channel_id, { channel }); + if (!permission.has("MANAGE_MESSAGES")) throw new HTTPError("You are missing the MANAGE_MESSAGES permissions"); + + const { maxBulkDelete } = Config.get().limits.message; + + const { messages } = req.body as { messages: bigint[] }; + if (messages.length < 2) throw new HTTPError("You must at least specify 2 messages to bulk delete"); + if (messages.length > maxBulkDelete) throw new HTTPError(`You cannot delete more than ${maxBulkDelete} messages`); + + await MessageModel.deleteMany({ id: { $in: messages } }).exec(); + await emitEvent({ + event: "MESSAGE_DELETE_BULK", + channel_id, + data: { ids: messages, channel_id, guild_id: channel.guild_id }, + } as MessageDeleteBulkEvent); + + res.status(204).send(); +}); diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts new file mode 100644 index 00000000..ade048a0 --- /dev/null +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -0,0 +1,136 @@ +import { Router } from "express"; +import { ChannelModel, ChannelType, getPermission, Message, MessageCreateEvent, MessageModel, Snowflake } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { MessageCreateSchema } from "../../../../../../schema/Message"; +import { check, instanceOf, Length } from "../../../../../../util/instanceOf"; +import { PublicUserProjection } from "../../../../../../util/User"; +import multer from "multer"; +import { emitEvent } from "../../../../../../util/Event"; +const router: Router = Router(); + +export default router; + +function isTextChannel(type: ChannelType): boolean { + switch (type) { + case ChannelType.GUILD_VOICE: + case ChannelType.GUILD_CATEGORY: + throw new HTTPError("not a text channel", 400); + case ChannelType.DM: + case ChannelType.GROUP_DM: + case ChannelType.GUILD_NEWS: + case ChannelType.GUILD_STORE: + case ChannelType.GUILD_TEXT: + return true; + } +} + +// https://discord.com/developers/docs/resources/channel#create-message +// get messages +router.get("/", async (req, res) => { + const channel_id = BigInt(req.params.channel_id); + const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); + if (!channel) throw new HTTPError("Channel not found", 404); + + isTextChannel(channel.type); + + try { + instanceOf({ $around: BigInt, $after: BigInt, $before: BigInt, $limit: new Length(Number, 1, 100) }, req.query, { + path: "query", + req, + }); + } catch (error) { + return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); + } + var { around, after, before, limit }: { around?: bigint; after?: bigint; before?: bigint; limit?: number } = req.query; + if (!limit) limit = 50; + var halfLimit = BigInt(Math.floor(limit / 2)); + + if ([ChannelType.GUILD_VOICE, ChannelType.GUILD_CATEGORY, ChannelType.GUILD_STORE].includes(channel.type)) + throw new HTTPError("Not a text channel"); + + if (channel.guild_id) { + const permissions = await getPermission(req.user_id, channel.guild_id, channel_id, { channel }); + if (!permissions.has("VIEW_CHANNEL")) throw new HTTPError("You don't have permission to view this channel", 401); + if (!permissions.has("READ_MESSAGE_HISTORY")) return res.json([]); + } else if (channel.recipients) { + // group/dm channel + if (!channel.recipients.includes(req.user_id)) throw new HTTPError("You don't have permission to view this channel", 401); + } + + var query: any; + if (after) query = MessageModel.find({ channel_id, id: { $gt: after } }); + else if (before) query = MessageModel.find({ channel_id, id: { $lt: before } }); + else if (around) query = MessageModel.find({ channel_id, id: { $gt: around - halfLimit, $lt: around + halfLimit } }); + else { + query = MessageModel.find({ channel_id }).sort({ id: -1 }); + } + + const messages = await query + .limit(limit) + .populate({ path: "author", select: PublicUserProjection }) + .populate({ path: "mentions", select: PublicUserProjection }) + .populate({ path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }) + .populate("mention_roles") + // .populate({ path: "member", select: PublicMemberProjection }) + .exec(); + + return res.json(messages); +}); + +// TODO: config max upload size +const messageUpload = multer({ limits: { fieldSize: 1024 * 1024 * 1024 * 50 } }); // max upload 50 mb + +// TODO: dynamically change limit of MessageCreateSchema with config +// TODO: check: sum of all characters in an embed structure must not exceed 6000 characters + +// https://discord.com/developers/docs/resources/channel#create-message +// TODO: text channel slowdown +// TODO: trim and replace message content and every embed field +// Send message +router.post("/", check(MessageCreateSchema), async (req, res) => { + const channel_id = BigInt(req.params.channel_id); + const body = req.body as MessageCreateSchema; + + const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); + if (!channel) throw new HTTPError("Channel not found", 404); + + if (channel.guild_id) { + const permissions = await getPermission(req.user_id, channel.guild_id, channel_id, { channel }); + if (!permissions.has("SEND_MESSAGES")) throw new HTTPError("You don't have the SEND_MESSAGES permission"); + if (body.tts && !permissions.has("SEND_TTS_MESSAGES")) throw new HTTPError("You are missing the SEND_TTS_MESSAGES permission"); + if (body.message_reference) { + if (!permissions.has("READ_MESSAGE_HISTORY")) + throw new HTTPError("You are missing the READ_MESSAGE_HISTORY permission to reply"); + if (body.message_reference.guild_id !== channel.guild_id) + throw new HTTPError("You can only reference messages from this guild"); + } + } + + if (body.message_reference) { + if (body.message_reference.channel_id !== channel_id) throw new HTTPError("You can only reference messages from this channel"); + // TODO: should it be checked if the message exists? + } + + const embeds = []; + if (body.embed) embeds.push(body.embed); + + const message: Message = { + id: Snowflake.generate(), + channel_id, + guild_id: channel.guild_id, + author_id: req.user_id, + content: req.body, + timestamp: new Date(), + mention_channels_ids: [], + mention_role_ids: [], + mention_user_ids: [], + attachments: [], + embeds: [], + reactions: [], + type: 0, + }; + + await new MessageModel(message).save(); + + await emitEvent({ event: "MESSAGE_CREATE", channel_id, data: {} } as MessageCreateEvent); +}); diff --git a/src/routes/channels/#channel_id/permissions.ts b/src/routes/channels/#channel_id/permissions.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/permissions.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/channels/#channel_id/pins.ts b/src/routes/channels/#channel_id/pins.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/pins.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/channels/#channel_id/recipients.ts b/src/routes/channels/#channel_id/recipients.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/recipients.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/channels/#channel_id/typing.ts b/src/routes/channels/#channel_id/typing.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/typing.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/channels/#channel_id/webhooks.ts b/src/routes/channels/#channel_id/webhooks.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/channels/#channel_id/webhooks.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/guilds/#id/bans.ts b/src/routes/guilds/#id/bans.ts new file mode 100644 index 00000000..5133ee3c --- /dev/null +++ b/src/routes/guilds/#id/bans.ts @@ -0,0 +1,93 @@ +import { Request, Response, Router } from "express"; +import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { getIpAdress } from "../../../../../middlewares/GlobalRateLimit"; +import { BanCreateSchema } from "../../../../../schema/Ban"; +import { emitEvent } from "../../../../../util/Event"; +import { check } from "../../../../../util/instanceOf"; +import { removeMember } from "../../../../../util/Member"; +import { getPublicUser } from "../../../../../util/User"; + +const router: Router = Router(); + +router.get("/", async (req: Request, res: Response) => { + const guild_id = BigInt(req.params.id); + + const guild = await GuildModel.findOne({ id: guild_id }).exec(); + if (!guild) throw new HTTPError("Guild not found", 404); + + var bans = await BanModel.find({ guild_id: guild_id }).exec(); + return res.json(bans); +}); + +router.get("/:user", async (req: Request, res: Response) => { + const guild_id = BigInt(req.params.id); + const user_id = BigInt(req.params.ban); + + var ban = await BanModel.findOne({ guild_id: guild_id, user_id: user_id }).exec(); + if (!ban) throw new HTTPError("Ban not found", 404); + return res.json(ban); +}); + +router.post("/:user_id", check(BanCreateSchema), async (req: Request, res: Response) => { + const guild_id = BigInt(req.params.id); + const banned_user_id = BigInt(req.params.user_id); + + const banned_user = await getPublicUser(banned_user_id); + const perms = await getPermission(req.user_id, guild_id); + if (!perms.has("BAN_MEMBERS")) throw new HTTPError("You don't have the permission to ban members", 403); + if (req.user_id === banned_user_id) throw new HTTPError("You can't ban yourself", 400); + + await removeMember(banned_user_id, guild_id); + + const ban = await new BanModel({ + user_id: banned_user_id, + guild_id: guild_id, + ip: getIpAdress(req), + executor_id: req.user_id, + reason: req.body.reason, // || otherwise empty + }).save(); + + await emitEvent({ + event: "GUILD_BAN_ADD", + data: { + guild_id: guild_id, + user: banned_user, + }, + guild_id: guild_id, + } as GuildBanAddEvent); + + return res.json(ban).send(); +}); + +router.delete("/:user_id", async (req: Request, res: Response) => { + var guild_id = BigInt(req.params.id); + var banned_user_id = BigInt(req.params.user_id); + + const banned_user = await getPublicUser(banned_user_id); + const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); + if (!guild) throw new HTTPError("Guild not found", 404); + + const perms = await getPermission(req.user_id, guild.id); + if (!perms.has("BAN_MEMBERS")) { + throw new HTTPError("No permissions", 403); + } + + await BanModel.deleteOne({ + user_id: banned_user_id, + guild_id: guild.id, + }).exec(); + + await emitEvent({ + event: "GUILD_BAN_REMOVE", + data: { + guild_id: guild.id, + user: banned_user, + }, + guild_id: guild.id, + } as GuildBanRemoveEvent); + + return res.status(204).send(); +}); + +export default router; diff --git a/src/routes/guilds/#id/channels.ts b/src/routes/guilds/#id/channels.ts new file mode 100644 index 00000000..1316a2ca --- /dev/null +++ b/src/routes/guilds/#id/channels.ts @@ -0,0 +1,51 @@ +import { Router } from "express"; +import { ChannelModel, ChannelType, GuildModel, Snowflake } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { ChannelModifySchema } from "../../../../../schema/Channel"; +import { check } from "../../../../../util/instanceOf"; +const router = Router(); + +router.get("/", async (req, res) => { + const guild_id = BigInt(req.params.id); + const channels = await ChannelModel.find({ guild_id }).exec(); + + res.json(channels); +}); + +router.post("/", check(ChannelModifySchema), async (req, res) => { + const guild_id = BigInt(req.params.id); + const body = req.body as ChannelModifySchema; + if (!body.permission_overwrites) body.permission_overwrites = []; + if (!body.topic) body.topic = ""; + if (!body.rate_limit_per_user) body.rate_limit_per_user = 0; + switch (body.type) { + case ChannelType.DM: + case ChannelType.GROUP_DM: + throw new HTTPError("You can't create a dm channel in a guild"); + // TODO: + case ChannelType.GUILD_STORE: + throw new HTTPError("Not yet supported"); + case ChannelType.GUILD_NEWS: + // TODO: check if guild is community server + } + + if (body.parent_id) { + const exists = ChannelModel.findOne({ channel_id: body.parent_id }).exec(); + if (!exists) throw new HTTPError("Parent id channel doesn't exist", 400); + } + + const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); + if (!guild) throw new HTTPError("Guild not found", 4040); + + const channel = { + ...body, + id: Snowflake.generate(), + created_at: new Date(), + guild_id, + }; + await new ChannelModel(channel).save(); + + res.json(channel); +}); + +export default router; diff --git a/src/routes/guilds/#id/index.ts b/src/routes/guilds/#id/index.ts new file mode 100644 index 00000000..e86d9416 --- /dev/null +++ b/src/routes/guilds/#id/index.ts @@ -0,0 +1,73 @@ +import { Request, Response, Router } from "express"; +import { + ChannelModel, + EmojiModel, + getPermission, + GuildDeleteEvent, + GuildModel, + InviteModel, + MemberModel, + MessageModel, + RoleModel, + UserModel, +} from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { GuildUpdateSchema } from "../../../../../schema/Guild"; +import { emitEvent } from "../../../../../util/Event"; +import { check } from "../../../../../util/instanceOf"; + +const router = Router(); + +router.get("/", async (req: Request, res: Response) => { + const guild_id = BigInt(req.params.id); + + const guild = await GuildModel.findOne({ id: guild_id }).exec(); + if (!guild) throw new HTTPError("Guild does not exist", 404); + + const member = await MemberModel.findOne({ guild_id: guild_id, id: req.user_id }, "id").exec(); + if (!member) throw new HTTPError("You are not a member of the guild you are trying to access", 401); + + return res.json(guild); +}); + +router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) => { + const body = req.body as GuildUpdateSchema; + const guild_id = BigInt(req.params.id); + + const guild = await GuildModel.findOne({ id: guild_id }).exec(); + if (!guild) throw new HTTPError("This guild does not exist", 404); + + const perms = await getPermission(req.user_id, guild_id); + if (!perms.has("MANAGE_GUILD")) throw new HTTPError("You do not have the MANAGE_GUILD permission", 401); + + await GuildModel.updateOne({ id: guild_id }, body).exec(); + return res.status(204); +}); + +router.delete("/", async (req: Request, res: Response) => { + var guild_id = BigInt(req.params.id); + + const guild = await GuildModel.findOne({ id: guild_id }, "owner_id").exec(); + if (!guild) throw new HTTPError("This guild does not exist", 404); + if (guild.owner_id !== req.user_id) throw new HTTPError("You are not the owner of this guild", 401); + + await emitEvent({ + event: "GUILD_DELETE", + data: { + id: guild_id, + }, + guild_id: guild_id, + } as GuildDeleteEvent); + + await GuildModel.deleteOne({ id: guild_id }).exec(); + await UserModel.updateMany({ guilds: guild_id }, { $pull: { guilds: guild_id } }).exec(); + await RoleModel.deleteMany({ guild_id }).exec(); + await ChannelModel.deleteMany({ guild_id }).exec(); + await EmojiModel.deleteMany({ guild_id }).exec(); + await InviteModel.deleteMany({ guild_id }).exec(); + await MessageModel.deleteMany({ guild_id }).exec(); + + return res.status(204).send(); +}); + +export default router; diff --git a/src/routes/guilds/#id/members.ts b/src/routes/guilds/#id/members.ts new file mode 100644 index 00000000..0aed61ae --- /dev/null +++ b/src/routes/guilds/#id/members.ts @@ -0,0 +1,54 @@ +import { Request, Response, Router } from "express"; +import { GuildModel, MemberModel } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { instanceOf, Length } from "../../../../../util/instanceOf"; +import { PublicMemberProjection } from "../../../../../util/Member"; +import { PublicUserProjection } from "../../../../../util/User"; + +const router = Router(); + +// TODO: not allowed for user -> only allowed for bots with privileged intents +// TODO: send over websocket +router.get("/", async (req: Request, res: Response) => { + const guild_id = BigInt(req.params.id); + const guild = await GuildModel.findOne({ id: guild_id }).exec(); + if (!guild) throw new HTTPError("Guild not found", 404); + + try { + instanceOf({ $limit: new Length(Number, 1, 1000), $after: BigInt }, req.query, { + path: "query", + req, + ref: { obj: null, key: "" }, + }); + } catch (error) { + return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); + } + + // @ts-ignore + if (!req.query.limit) req.query.limit = 1; + const { limit, after } = (req.query) as { limit: number; after: bigint }; + const query = after ? { id: { $gt: after } } : {}; + + var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) + .limit(limit) + .populate({ path: "user", select: PublicUserProjection }) + .exec(); + + return res.json(members); +}); + +router.get("/:member", async (req: Request, res: Response) => { + const guild_id = BigInt(req.params.id); + const user_id = BigInt(req.params.member); + + const member = await MemberModel.findOne({ id: user_id, guild_id }).populate({ path: "user", select: PublicUserProjection }).exec(); + if (!member) throw new HTTPError("Member not found", 404); + + return res.json(member); +}); + +router.put("/:member", async (req: Request, res: Response) => { + // https://discord.com/developers/docs/resources/guild#add-guild-member +}); + +export default router; diff --git a/src/routes/guilds/index.ts b/src/routes/guilds/index.ts new file mode 100644 index 00000000..319184ad --- /dev/null +++ b/src/routes/guilds/index.ts @@ -0,0 +1,81 @@ +import { Router, Request, Response } from "express"; +import { RoleModel, GuildModel, Snowflake, Guild } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { check } from "./../../../../util/instanceOf"; +import { GuildCreateSchema } from "../../../../schema/Guild"; +import Config from "../../../../util/Config"; +import { getPublicUser } from "../../../../util/User"; +import { addMember } from "../../../../util/Member"; + +const router: Router = Router(); + +router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) => { + const body = req.body as GuildCreateSchema; + + const { maxGuilds } = Config.get().limits.user; + const user = await getPublicUser(req.user_id, { guilds: true }); + + if (user.guilds.length >= maxGuilds) { + throw new HTTPError(`Maximum number of guilds reached ${maxGuilds}`, 403); + } + + const guild_id = Snowflake.generate(); + const guild: Guild = { + name: body.name, + region: body.region || "en-US", + owner_id: req.user_id, + icon: undefined, + afk_channel_id: undefined, + afk_timeout: 300, + application_id: undefined, + banner: undefined, + default_message_notifications: undefined, + description: undefined, + splash: undefined, + discovery_splash: undefined, + explicit_content_filter: undefined, + features: [], + id: guild_id, + large: undefined, + max_members: 250000, + max_presences: 250000, + max_video_channel_users: 25, + presence_count: 0, + member_count: 0, // will automatically be increased by addMember() + mfa_level: 0, + preferred_locale: "en-US", + premium_subscription_count: 0, + premium_tier: 0, + public_updates_channel_id: undefined, + rules_channel_id: undefined, + system_channel_flags: undefined, + system_channel_id: undefined, + unavailable: false, + vanity_url_code: undefined, + verification_level: undefined, + welcome_screen: [], + widget_channel_id: undefined, + widget_enabled: false, + }; + + await Promise.all([ + new GuildModel(guild).save(), + new RoleModel({ + id: guild_id, + guild_id: guild_id, + color: 0, + hoist: false, + managed: true, + mentionable: true, + name: "@everyone", + permissions: 2251804225n, + position: 0, + tags: null, + }).save(), + ]); + await addMember(req.user_id, guild_id, { guild }); + + res.status(201).json({ id: guild.id }); +}); + +export default router; diff --git a/src/routes/guilds/templates/index.ts b/src/routes/guilds/templates/index.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/guilds/templates/index.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/invites/index.ts b/src/routes/invites/index.ts new file mode 100644 index 00000000..9a4e81fa --- /dev/null +++ b/src/routes/invites/index.ts @@ -0,0 +1,4 @@ +import { Router } from "express"; +const router: Router = Router(); + +export default router; diff --git a/src/routes/test.ts b/src/routes/test.ts deleted file mode 100644 index b488d6e4..00000000 --- a/src/routes/test.ts +++ /dev/null @@ -1,14 +0,0 @@ -import { Router } from "express"; -import { getPermission, MemberModel, db } from "fosscord-server-util"; -import { Types } from "mongoose"; -const router: Router = Router(); - -router.get("/", async (req, res) => { - // @ts-ignore - const perm = await getPermission(813185668657184768n, 813189959920910336n); - console.log(perm); - if (perm.has("ADD_REACTIONS")) console.log("add"); - res.send("OK"); -}); - -export default router; diff --git a/src/routes/users/@me/guilds.ts b/src/routes/users/@me/guilds.ts new file mode 100644 index 00000000..a2a64ce6 --- /dev/null +++ b/src/routes/users/@me/guilds.ts @@ -0,0 +1,50 @@ +import { Router, Request, Response } from "express"; +import { GuildModel, MemberModel, UserModel, GuildDeleteEvent, GuildMemberRemoveEvent } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { emitEvent } from "../../../../../util/Event"; +import { getPublicUser } from "../../../../../util/User"; + +const router: Router = Router(); + +router.get("/", async (req: Request, res: Response) => { + const user = await UserModel.findOne({ id: req.user_id }, { guilds: true }).exec(); + if (!user) throw new HTTPError("User not found", 404); + + var guildIDs = user.guilds || []; + var guild = await GuildModel.find({ id: { $in: guildIDs } }).exec(); + res.json(guild); +}); + +// user send to leave a certain guild +router.delete("/:id", async (req: Request, res: Response) => { + const guildID = BigInt(req.params.id); + const guild = await GuildModel.findOne({ id: guildID }).exec(); + + if (!guild) throw new HTTPError("Guild doesn't exist", 404); + if (guild.owner_id === req.user_id) throw new HTTPError("You can't leave your own guild", 400); + + await MemberModel.deleteOne({ id: req.user_id, guild_id: guildID }).exec(); + await UserModel.updateOne({ id: req.user_id }, { $pull: { guilds: guildID } }).exec(); + const user = await getPublicUser(req.user_id); + + await emitEvent({ + event: "GUILD_DELETE", + data: { + id: guildID, + }, + user_id: req.user_id, + } as GuildDeleteEvent); + + await emitEvent({ + event: "GUILD_MEMBER_REMOVE", + data: { + guild_id: guildID, + user: user, + }, + guild_id: guildID, + } as GuildMemberRemoveEvent); + + return res.status(204).send(); +}); + +export default router; diff --git a/src/routes/users/@me/index.ts b/src/routes/users/@me/index.ts new file mode 100644 index 00000000..32877dcc --- /dev/null +++ b/src/routes/users/@me/index.ts @@ -0,0 +1,15 @@ +import { Router, Request, Response } from "express"; +import { UserModel } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; + +const router: Router = Router(); + +router.get("/", async (req: Request, res: Response) => { + // TODO: user projection + const user = await UserModel.findOne({ id: req.user_id }).exec(); + if (!user) throw new HTTPError("User not found", 404); + + res.json(user); +}); + +export default router; -- cgit 1.5.1 From 247ef99a2135bedc184e209d7f2011c83be83cfb Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 30 Mar 2021 15:37:54 +0200 Subject: :bug: rewrite imports --- src/routes/auth/login.ts | 4 ++-- src/routes/auth/register.ts | 4 ++-- src/routes/channels/#channel_id/invites.ts | 8 ++++---- src/routes/channels/#channel_id/messages/bulk-delete.ts | 6 +++--- src/routes/channels/#channel_id/messages/index.ts | 8 ++++---- src/routes/guilds/#id/bans.ts | 12 ++++++------ src/routes/guilds/#id/channels.ts | 4 ++-- src/routes/guilds/#id/index.ts | 6 +++--- src/routes/guilds/#id/members.ts | 6 +++--- src/routes/guilds/index.ts | 10 +++++----- src/routes/users/@me/guilds.ts | 4 ++-- 11 files changed, 36 insertions(+), 36 deletions(-) (limited to 'src/routes') diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts index 3f924e7c..de7a16d4 100644 --- a/src/routes/auth/login.ts +++ b/src/routes/auth/login.ts @@ -1,9 +1,9 @@ import { Request, Response, Router } from "express"; -import { check, FieldErrors, Length } from "../../../../util/instanceOf"; +import { check, FieldErrors, Length } from "../../util/instanceOf"; import bcrypt from "bcrypt"; import jwt from "jsonwebtoken"; import { User, UserModel } from "fosscord-server-util"; -import Config from "../../../../util/Config"; +import Config from "../../util/Config"; import { adjustEmail } from "./register"; const router: Router = Router(); diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts index 99df82f1..87ce3cc0 100644 --- a/src/routes/auth/register.ts +++ b/src/routes/auth/register.ts @@ -1,8 +1,8 @@ import { Request, Response, Router } from "express"; -import Config from "../../../../util/Config"; +import Config from "../../util/Config"; import { trimSpecial, User, Snowflake, UserModel } from "fosscord-server-util"; import bcrypt from "bcrypt"; -import { check, Email, EMAIL_REGEX, FieldErrors, Length } from "../../../../util/instanceOf"; +import { check, Email, EMAIL_REGEX, FieldErrors, Length } from "../../util/instanceOf"; import "missing-native-js-functions"; import { generateToken } from "./login"; diff --git a/src/routes/channels/#channel_id/invites.ts b/src/routes/channels/#channel_id/invites.ts index 4c21e7d4..403ef36d 100644 --- a/src/routes/channels/#channel_id/invites.ts +++ b/src/routes/channels/#channel_id/invites.ts @@ -1,11 +1,11 @@ import { Router, Request, Response } from "express"; import { HTTPError } from "lambert-server"; -import { check } from "../../../../../util/instanceOf"; -import { random } from "../../../../../util/RandomInviteID"; -import { emitEvent } from "../../../../../util/Event"; +import { check } from "../../../util/instanceOf"; +import { random } from "../../../util/RandomInviteID"; +import { emitEvent } from "../../../util/Event"; -import { InviteCreateSchema } from "../../../../../schema/Invite"; +import { InviteCreateSchema } from "../../../schema/Invite"; import { getPermission, ChannelModel, InviteModel, InviteCreateEvent } from "fosscord-server-util"; diff --git a/src/routes/channels/#channel_id/messages/bulk-delete.ts b/src/routes/channels/#channel_id/messages/bulk-delete.ts index c805cf08..f5c9afc7 100644 --- a/src/routes/channels/#channel_id/messages/bulk-delete.ts +++ b/src/routes/channels/#channel_id/messages/bulk-delete.ts @@ -1,9 +1,9 @@ import { Router } from "express"; import { ChannelModel, getPermission, MessageDeleteBulkEvent, MessageModel } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import Config from "../../../../../../util/Config"; -import { emitEvent } from "../../../../../../util/Event"; -import { check } from "../../../../../../util/instanceOf"; +import Config from "../../../../util/Config"; +import { emitEvent } from "../../../../util/Event"; +import { check } from "../../../../util/instanceOf"; const router: Router = Router(); diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index ade048a0..590d7059 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -1,11 +1,11 @@ import { Router } from "express"; import { ChannelModel, ChannelType, getPermission, Message, MessageCreateEvent, MessageModel, Snowflake } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { MessageCreateSchema } from "../../../../../../schema/Message"; -import { check, instanceOf, Length } from "../../../../../../util/instanceOf"; -import { PublicUserProjection } from "../../../../../../util/User"; +import { MessageCreateSchema } from "../../../../schema/Message"; +import { check, instanceOf, Length } from "../../../../util/instanceOf"; +import { PublicUserProjection } from "../../../../util/User"; import multer from "multer"; -import { emitEvent } from "../../../../../../util/Event"; +import { emitEvent } from "../../../../util/Event"; const router: Router = Router(); export default router; diff --git a/src/routes/guilds/#id/bans.ts b/src/routes/guilds/#id/bans.ts index 5133ee3c..27abba55 100644 --- a/src/routes/guilds/#id/bans.ts +++ b/src/routes/guilds/#id/bans.ts @@ -1,12 +1,12 @@ import { Request, Response, Router } from "express"; import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { getIpAdress } from "../../../../../middlewares/GlobalRateLimit"; -import { BanCreateSchema } from "../../../../../schema/Ban"; -import { emitEvent } from "../../../../../util/Event"; -import { check } from "../../../../../util/instanceOf"; -import { removeMember } from "../../../../../util/Member"; -import { getPublicUser } from "../../../../../util/User"; +import { getIpAdress } from "../../../middlewares/GlobalRateLimit"; +import { BanCreateSchema } from "../../../schema/Ban"; +import { emitEvent } from "../../../util/Event"; +import { check } from "../../../util/instanceOf"; +import { removeMember } from "../../../util/Member"; +import { getPublicUser } from "../../../util/User"; const router: Router = Router(); diff --git a/src/routes/guilds/#id/channels.ts b/src/routes/guilds/#id/channels.ts index 1316a2ca..599b32d8 100644 --- a/src/routes/guilds/#id/channels.ts +++ b/src/routes/guilds/#id/channels.ts @@ -1,8 +1,8 @@ import { Router } from "express"; import { ChannelModel, ChannelType, GuildModel, Snowflake } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { ChannelModifySchema } from "../../../../../schema/Channel"; -import { check } from "../../../../../util/instanceOf"; +import { ChannelModifySchema } from "../../../schema/Channel"; +import { check } from "../../../util/instanceOf"; const router = Router(); router.get("/", async (req, res) => { diff --git a/src/routes/guilds/#id/index.ts b/src/routes/guilds/#id/index.ts index e86d9416..9b5ce313 100644 --- a/src/routes/guilds/#id/index.ts +++ b/src/routes/guilds/#id/index.ts @@ -12,9 +12,9 @@ import { UserModel, } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { GuildUpdateSchema } from "../../../../../schema/Guild"; -import { emitEvent } from "../../../../../util/Event"; -import { check } from "../../../../../util/instanceOf"; +import { GuildUpdateSchema } from "../../../schema/Guild"; +import { emitEvent } from "../../../util/Event"; +import { check } from "../../../util/instanceOf"; const router = Router(); diff --git a/src/routes/guilds/#id/members.ts b/src/routes/guilds/#id/members.ts index 0aed61ae..de7ea446 100644 --- a/src/routes/guilds/#id/members.ts +++ b/src/routes/guilds/#id/members.ts @@ -1,9 +1,9 @@ import { Request, Response, Router } from "express"; import { GuildModel, MemberModel } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { instanceOf, Length } from "../../../../../util/instanceOf"; -import { PublicMemberProjection } from "../../../../../util/Member"; -import { PublicUserProjection } from "../../../../../util/User"; +import { instanceOf, Length } from "../../../util/instanceOf"; +import { PublicMemberProjection } from "../../../util/Member"; +import { PublicUserProjection } from "../../../util/User"; const router = Router(); diff --git a/src/routes/guilds/index.ts b/src/routes/guilds/index.ts index 319184ad..d7dce64b 100644 --- a/src/routes/guilds/index.ts +++ b/src/routes/guilds/index.ts @@ -1,11 +1,11 @@ import { Router, Request, Response } from "express"; import { RoleModel, GuildModel, Snowflake, Guild } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { check } from "./../../../../util/instanceOf"; -import { GuildCreateSchema } from "../../../../schema/Guild"; -import Config from "../../../../util/Config"; -import { getPublicUser } from "../../../../util/User"; -import { addMember } from "../../../../util/Member"; +import { check } from "./../../util/instanceOf"; +import { GuildCreateSchema } from "../../schema/Guild"; +import Config from "../../util/Config"; +import { getPublicUser } from "../../util/User"; +import { addMember } from "../../util/Member"; const router: Router = Router(); diff --git a/src/routes/users/@me/guilds.ts b/src/routes/users/@me/guilds.ts index a2a64ce6..611e622d 100644 --- a/src/routes/users/@me/guilds.ts +++ b/src/routes/users/@me/guilds.ts @@ -1,8 +1,8 @@ import { Router, Request, Response } from "express"; import { GuildModel, MemberModel, UserModel, GuildDeleteEvent, GuildMemberRemoveEvent } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; -import { emitEvent } from "../../../../../util/Event"; -import { getPublicUser } from "../../../../../util/User"; +import { emitEvent } from "../../../util/Event"; +import { getPublicUser } from "../../../util/User"; const router: Router = Router(); -- cgit 1.5.1 From 8b64ab4f3821cde44abd2e0e5403d38797bc516a Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 03:58:27 +0200 Subject: :construction: experiments + gateway route --- src/middlewares/Authentication.ts | 8 +++++++- src/routes/experiments.ts | 10 ++++++++++ src/routes/gateway.ts | 9 +++++++++ 3 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 src/routes/experiments.ts create mode 100644 src/routes/gateway.ts (limited to 'src/routes') diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts index 4bfa219a..595bcf73 100644 --- a/src/middlewares/Authentication.ts +++ b/src/middlewares/Authentication.ts @@ -2,7 +2,13 @@ import { NextFunction, Request, Response } from "express"; import { HTTPError } from "lambert-server"; import { checkToken } from "fosscord-server-util"; -export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register", "/api/v8/webhooks/"]; +export const NO_AUTHORIZATION_ROUTES = [ + "/api/v8/auth/login", + "/api/v8/auth/register", + "/api/v8/webhooks/", + "/api/v8/gateway", + "/api/v8/experiments", +]; declare global { namespace Express { diff --git a/src/routes/experiments.ts b/src/routes/experiments.ts new file mode 100644 index 00000000..6bca49c5 --- /dev/null +++ b/src/routes/experiments.ts @@ -0,0 +1,10 @@ +import { Router } from "express"; + +const router = Router(); + +router.get("/", (req, res) => { + // TODO: + res.send({ fingerprint: "", assignments: [] }); +}); + +export default router; diff --git a/src/routes/gateway.ts b/src/routes/gateway.ts new file mode 100644 index 00000000..53302f12 --- /dev/null +++ b/src/routes/gateway.ts @@ -0,0 +1,9 @@ +import { Router } from "express"; + +const router = Router(); + +router.get("/", (req, res) => { + res.send({ url: "ws://localhost:8080" }); +}); + +export default router; -- cgit 1.5.1 From 0e9089dee95099a1ba92f292a6d0c0475fd36697 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 04:03:37 +0200 Subject: :bug: fix routes user.user_data --- src/routes/auth/register.ts | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/routes') diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts index 87ce3cc0..ce54b940 100644 --- a/src/routes/auth/register.ts +++ b/src/routes/auth/register.ts @@ -180,9 +180,14 @@ router.post( verified: false, email: adjusted_email, flags: 0n, // TODO: generate default flags - hash: adjusted_password, guilds: [], - valid_tokens_since: new Date(), + user_data: { + hash: adjusted_password, + valid_tokens_since: new Date(), + relationships: [], + connected_accounts: [], + fingerprints: [], + }, user_settings: { afk_timeout: 300, allow_accessibility_detection: true, -- cgit 1.5.1 From d774216bc8782484ac7b1c562b63aa9f30510177 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 04:05:18 +0200 Subject: .lean() all mongodb requests --- src/routes/channels/#channel_id/invites.ts | 2 +- src/routes/channels/#channel_id/messages/index.ts | 1 + src/routes/guilds/#id/bans.ts | 2 +- src/routes/guilds/#id/channels.ts | 2 +- src/routes/guilds/#id/members.ts | 1 + src/routes/guilds/index.ts | 8 ++++---- src/routes/users/@me/guilds.ts | 4 +++- 7 files changed, 12 insertions(+), 8 deletions(-) (limited to 'src/routes') diff --git a/src/routes/channels/#channel_id/invites.ts b/src/routes/channels/#channel_id/invites.ts index 403ef36d..c9910ae2 100644 --- a/src/routes/channels/#channel_id/invites.ts +++ b/src/routes/channels/#channel_id/invites.ts @@ -60,7 +60,7 @@ router.get("/", async (req: Request, res: Response) => { throw new HTTPError("You aren't authorised to access this endpoint", 401); } - const invites = await InviteModel.find({ guild_id: guID }).exec(); + const invites = await InviteModel.find({ guild_id: guID }).lean().exec(); res.status(200).send(invites); }); diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index 590d7059..13c819b4 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -72,6 +72,7 @@ router.get("/", async (req, res) => { .populate({ path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }) .populate("mention_roles") // .populate({ path: "member", select: PublicMemberProjection }) + .lean() .exec(); return res.json(messages); diff --git a/src/routes/guilds/#id/bans.ts b/src/routes/guilds/#id/bans.ts index 27abba55..ba062a44 100644 --- a/src/routes/guilds/#id/bans.ts +++ b/src/routes/guilds/#id/bans.ts @@ -16,7 +16,7 @@ router.get("/", async (req: Request, res: Response) => { const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("Guild not found", 404); - var bans = await BanModel.find({ guild_id: guild_id }).exec(); + var bans = await BanModel.find({ guild_id: guild_id }).lean().exec(); return res.json(bans); }); diff --git a/src/routes/guilds/#id/channels.ts b/src/routes/guilds/#id/channels.ts index 599b32d8..df41ec41 100644 --- a/src/routes/guilds/#id/channels.ts +++ b/src/routes/guilds/#id/channels.ts @@ -7,7 +7,7 @@ const router = Router(); router.get("/", async (req, res) => { const guild_id = BigInt(req.params.id); - const channels = await ChannelModel.find({ guild_id }).exec(); + const channels = await ChannelModel.find({ guild_id }).lean().exec(); res.json(channels); }); diff --git a/src/routes/guilds/#id/members.ts b/src/routes/guilds/#id/members.ts index de7ea446..25889e2e 100644 --- a/src/routes/guilds/#id/members.ts +++ b/src/routes/guilds/#id/members.ts @@ -32,6 +32,7 @@ router.get("/", async (req: Request, res: Response) => { var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) .limit(limit) .populate({ path: "user", select: PublicUserProjection }) + .lean() .exec(); return res.json(members); diff --git a/src/routes/guilds/index.ts b/src/routes/guilds/index.ts index d7dce64b..57d7ddc4 100644 --- a/src/routes/guilds/index.ts +++ b/src/routes/guilds/index.ts @@ -29,11 +29,11 @@ router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) = afk_timeout: 300, application_id: undefined, banner: undefined, - default_message_notifications: undefined, + default_message_notifications: 0, description: undefined, splash: undefined, discovery_splash: undefined, - explicit_content_filter: undefined, + explicit_content_filter: 0, features: [], id: guild_id, large: undefined, @@ -48,11 +48,11 @@ router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) = premium_tier: 0, public_updates_channel_id: undefined, rules_channel_id: undefined, - system_channel_flags: undefined, + system_channel_flags: 0, system_channel_id: undefined, unavailable: false, vanity_url_code: undefined, - verification_level: undefined, + verification_level: 0, welcome_screen: [], widget_channel_id: undefined, widget_enabled: false, diff --git a/src/routes/users/@me/guilds.ts b/src/routes/users/@me/guilds.ts index 611e622d..1b87b51d 100644 --- a/src/routes/users/@me/guilds.ts +++ b/src/routes/users/@me/guilds.ts @@ -11,7 +11,9 @@ router.get("/", async (req: Request, res: Response) => { if (!user) throw new HTTPError("User not found", 404); var guildIDs = user.guilds || []; - var guild = await GuildModel.find({ id: { $in: guildIDs } }).exec(); + var guild = await GuildModel.find({ id: { $in: guildIDs } }) + .lean() + .exec(); res.json(guild); }); -- cgit 1.5.1 From 73aeca20de08a2a4034476d6282b256bea431465 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 04:10:24 +0200 Subject: :bug: fix login --- package-lock.json | 4 ++-- src/routes/auth/login.ts | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src/routes') diff --git a/package-lock.json b/package-lock.json index e13791d1..ba585fb6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4614,7 +4614,7 @@ }, "node_modules/fosscord-server-util": { "version": "1.0.0", - "resolved": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#e5f408be0889562f6fa36ac1bb1730e50bf1951f", + "resolved": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#770b07400e282c5e06fe0638d791139e3984f50f", "license": "ISC", "dependencies": { "jsonwebtoken": "^8.5.1", @@ -16151,7 +16151,7 @@ "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" }, "fosscord-server-util": { - "version": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#e5f408be0889562f6fa36ac1bb1730e50bf1951f", + "version": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#770b07400e282c5e06fe0638d791139e3984f50f", "from": "fosscord-server-util@github:fosscord/fosscord-server-util", "requires": { "jsonwebtoken": "^8.5.1", diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts index de7a16d4..15aa2371 100644 --- a/src/routes/auth/login.ts +++ b/src/routes/auth/login.ts @@ -40,7 +40,7 @@ router.post( } // the salt is saved in the password refer to bcrypt docs - const same_password = await bcrypt.compare(password, user.hash); + const same_password = await bcrypt.compare(password, user.user_data.hash); if (!same_password) { throw FieldErrors({ password: { message: req.t("auth:login.INVALID_PASSWORD"), code: "INVALID_PASSWORD" }, -- cgit 1.5.1 From af6f9b57ad4a7fd05d4ffa19440012084fb5071f Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 04:30:04 +0200 Subject: :bug: fix user guilds --- src/routes/auth/register.ts | 3 +++ src/util/User.ts | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'src/routes') diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts index ce54b940..9543e814 100644 --- a/src/routes/auth/register.ts +++ b/src/routes/auth/register.ts @@ -165,6 +165,8 @@ router.post( }); } + // TODO: save date_of_birth + // constructing final user object // TODO fix: // @ts-ignore @@ -179,6 +181,7 @@ router.post( mfa_enabled: false, verified: false, email: adjusted_email, + nsfw_allowed: true, // TODO: depending on age flags: 0n, // TODO: generate default flags guilds: [], user_data: { diff --git a/src/util/User.ts b/src/util/User.ts index 1b13e153..3658e46d 100644 --- a/src/util/User.ts +++ b/src/util/User.ts @@ -16,7 +16,9 @@ export async function getPublicUser(user_id: bigint, additional_fields?: any) { ...PublicUserProjection, ...additional_fields, } - ).exec(); + ) + .lean() + .exec(); if (!user) throw new HTTPError("User not found", 404); return user; } -- cgit 1.5.1 From dfbe855f3d59fb591eefce7c4f2947f9e16317e7 Mon Sep 17 00:00:00 2001 From: notsapinho <52896767+notsapinho@users.noreply.github.com> Date: Tue, 6 Apr 2021 11:20:30 -0300 Subject: 🐛 fix structure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/routes/auth/login.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/routes') diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts index 15aa2371..b0936104 100644 --- a/src/routes/auth/login.ts +++ b/src/routes/auth/login.ts @@ -30,7 +30,7 @@ router.post( { $or: query, }, - `hash id user_settings.locale user_settings.theme` + `user_data.hash id user_settings.locale user_settings.theme` ).exec(); if (!user) { -- cgit 1.5.1 From 70892870161edad2a44ae36bdf9092961ef830bb Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 18:02:10 +0200 Subject: :art: Convert id bigint to string --- src/middlewares/Authentication.ts | 2 +- src/routes/auth/login.ts | 17 ++++++++++++----- src/routes/auth/register.ts | 22 ++++++++++++++++++---- src/routes/channels/#channel_id/invites.ts | 4 ++-- .../channels/#channel_id/messages/bulk-delete.ts | 6 +++--- src/routes/channels/#channel_id/messages/index.ts | 10 +++++----- src/routes/guilds/#id/bans.ts | 14 +++++++------- src/routes/guilds/#id/channels.ts | 4 ++-- src/routes/guilds/#id/index.ts | 6 +++--- src/routes/guilds/#id/members.ts | 10 +++++----- src/routes/users/@me/guilds.ts | 2 +- src/schema/Channel.ts | 10 +++++----- src/schema/Guild.ts | 14 +++++++------- src/schema/Message.ts | 12 ++++++------ src/test/mongo_test.ts | 5 ++--- src/util/Config.ts | 2 +- src/util/Member.ts | 4 ++-- src/util/User.ts | 2 +- 18 files changed, 83 insertions(+), 63 deletions(-) (limited to 'src/routes') diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts index 595bcf73..f2cd438c 100644 --- a/src/middlewares/Authentication.ts +++ b/src/middlewares/Authentication.ts @@ -29,7 +29,7 @@ export async function Authentication(req: Request, res: Response, next: NextFunc const decoded: any = await checkToken(req.headers.authorization); req.token = decoded; - req.user_id = BigInt(decoded.id); + req.user_id = decoded.id; return next(); } catch (error) { return next(new HTTPError(error.toString(), 400)); diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts index b0936104..3c279319 100644 --- a/src/routes/auth/login.ts +++ b/src/routes/auth/login.ts @@ -25,12 +25,20 @@ router.post( const query: any[] = [{ phone: login }]; if (email) query.push({ email }); - // * MongoDB Specific query for user with same email or phone number const user = await UserModel.findOne( { $or: query, }, - `user_data.hash id user_settings.locale user_settings.theme` + { + id: true, + user_settings: { + locale: true, + theme: true, + }, + user_data: { + hash: true, + }, + } ).exec(); if (!user) { @@ -57,13 +65,13 @@ router.post( } ); -export async function generateToken(id: bigint) { +export async function generateToken(id: string) { const iat = Math.floor(Date.now() / 1000); const algorithm = "HS256"; return new Promise((res, rej) => { jwt.sign( - { id: `${id}`, iat }, + { id: id, iat }, Config.get().security.jwtSecret, { algorithm, @@ -80,7 +88,6 @@ export async function generateToken(id: bigint) { * POST /auth/login * @argument { login: "email@gmail.com", password: "cleartextpassword", undelete: false, captcha_key: null, login_source: null, gift_code_sku_id: null, } - * MFA required: * @returns {"token": null, "mfa": true, "sms": true, "ticket": "SOME TICKET JWT TOKEN"} diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts index 9543e814..5fbe610e 100644 --- a/src/routes/auth/register.ts +++ b/src/routes/auth/register.ts @@ -166,10 +166,9 @@ router.post( } // TODO: save date_of_birth + // appearently discord doesn't save the date of birth and just calculate if nsfw is allowed + // if nsfw_allowed is null/undefined it'll require date_of_birth to set it to true/false - // constructing final user object - // TODO fix: - // @ts-ignore const user: User = { id: Snowflake.generate(), created_at: new Date(), @@ -178,10 +177,25 @@ router.post( avatar: null, bot: false, system: false, + desktop: false, + mobile: false, + premium: false, + premium_type: 0, + phone: undefined, mfa_enabled: false, verified: false, + presence: { + activities: [], + client_status: { + desktop: undefined, + mobile: undefined, + web: undefined, + }, + status: "offline", + }, email: adjusted_email, nsfw_allowed: true, // TODO: depending on age + public_flags: 0n, flags: 0n, // TODO: generate default flags guilds: [], user_data: { @@ -233,7 +247,7 @@ router.post( }; // insert user into database - await new UserModel(user).save({}); + await new UserModel(user).save(); return res.json({ token: await generateToken(user.id) }); } diff --git a/src/routes/channels/#channel_id/invites.ts b/src/routes/channels/#channel_id/invites.ts index c9910ae2..adfb0688 100644 --- a/src/routes/channels/#channel_id/invites.ts +++ b/src/routes/channels/#channel_id/invites.ts @@ -13,7 +13,7 @@ const router: Router = Router(); router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) => { const usID = req.user_id; - const chID = BigInt(req.params.channel_id); + const chID = req.params.channel_id; const channel = await ChannelModel.findOne({ id: chID }).exec(); if (!channel || !channel.guild_id) { @@ -47,7 +47,7 @@ router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) router.get("/", async (req: Request, res: Response) => { const usID = req.user_id; - const chID = BigInt(req.params.channel_id); + const chID = req.params.channel_id; const channel = await ChannelModel.findOne({ id: chID }).exec(); if (!channel || !channel.guild_id) { diff --git a/src/routes/channels/#channel_id/messages/bulk-delete.ts b/src/routes/channels/#channel_id/messages/bulk-delete.ts index f5c9afc7..89e9d720 100644 --- a/src/routes/channels/#channel_id/messages/bulk-delete.ts +++ b/src/routes/channels/#channel_id/messages/bulk-delete.ts @@ -12,8 +12,8 @@ export default router; // TODO: should users be able to bulk delete messages or only bots? // TODO: should this request fail, if you provide messages older than 14 days/invalid ids? // https://discord.com/developers/docs/resources/channel#bulk-delete-messages -router.post("/", check({ messages: [BigInt] }), async (req, res) => { - const channel_id = BigInt(req.params.channel_id); +router.post("/", check({ messages: [String] }), async (req, res) => { + const channel_id = req.params.channel_id const channel = await ChannelModel.findOne({ id: channel_id }, { permission_overwrites: true, guild_id: true }).exec(); if (!channel?.guild_id) throw new HTTPError("Can't bulk delete dm channel messages", 400); @@ -22,7 +22,7 @@ router.post("/", check({ messages: [BigInt] }), async (req, res) => { const { maxBulkDelete } = Config.get().limits.message; - const { messages } = req.body as { messages: bigint[] }; + const { messages } = req.body as { messages: string[] }; if (messages.length < 2) throw new HTTPError("You must at least specify 2 messages to bulk delete"); if (messages.length > maxBulkDelete) throw new HTTPError(`You cannot delete more than ${maxBulkDelete} messages`); diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index 13c819b4..0b91a977 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -27,23 +27,23 @@ function isTextChannel(type: ChannelType): boolean { // https://discord.com/developers/docs/resources/channel#create-message // get messages router.get("/", async (req, res) => { - const channel_id = BigInt(req.params.channel_id); + const channel_id = req.params.channel_id; const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); if (!channel) throw new HTTPError("Channel not found", 404); isTextChannel(channel.type); try { - instanceOf({ $around: BigInt, $after: BigInt, $before: BigInt, $limit: new Length(Number, 1, 100) }, req.query, { + instanceOf({ $around: String, $after: String, $before: String, $limit: new Length(Number, 1, 100) }, req.query, { path: "query", req, }); } catch (error) { return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); } - var { around, after, before, limit }: { around?: bigint; after?: bigint; before?: bigint; limit?: number } = req.query; + var { around, after, before, limit }: { around?: string; after?: string; before?: string; limit?: number } = req.query; if (!limit) limit = 50; - var halfLimit = BigInt(Math.floor(limit / 2)); + var halfLimit = Math.floor(limit / 2); if ([ChannelType.GUILD_VOICE, ChannelType.GUILD_CATEGORY, ChannelType.GUILD_STORE].includes(channel.type)) throw new HTTPError("Not a text channel"); @@ -89,7 +89,7 @@ const messageUpload = multer({ limits: { fieldSize: 1024 * 1024 * 1024 * 50 } }) // TODO: trim and replace message content and every embed field // Send message router.post("/", check(MessageCreateSchema), async (req, res) => { - const channel_id = BigInt(req.params.channel_id); + const channel_id = req.params.channel_id; const body = req.body as MessageCreateSchema; const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); diff --git a/src/routes/guilds/#id/bans.ts b/src/routes/guilds/#id/bans.ts index ba062a44..e66ae3d4 100644 --- a/src/routes/guilds/#id/bans.ts +++ b/src/routes/guilds/#id/bans.ts @@ -11,7 +11,7 @@ import { getPublicUser } from "../../../util/User"; const router: Router = Router(); router.get("/", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); + const guild_id = req.params.id; const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("Guild not found", 404); @@ -21,8 +21,8 @@ router.get("/", async (req: Request, res: Response) => { }); router.get("/:user", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const user_id = BigInt(req.params.ban); + const guild_id = req.params.id; + const user_id = req.params.ban; var ban = await BanModel.findOne({ guild_id: guild_id, user_id: user_id }).exec(); if (!ban) throw new HTTPError("Ban not found", 404); @@ -30,8 +30,8 @@ router.get("/:user", async (req: Request, res: Response) => { }); router.post("/:user_id", check(BanCreateSchema), async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const banned_user_id = BigInt(req.params.user_id); + const guild_id = req.params.id; + const banned_user_id = req.params.user_id; const banned_user = await getPublicUser(banned_user_id); const perms = await getPermission(req.user_id, guild_id); @@ -61,8 +61,8 @@ router.post("/:user_id", check(BanCreateSchema), async (req: Request, res: Respo }); router.delete("/:user_id", async (req: Request, res: Response) => { - var guild_id = BigInt(req.params.id); - var banned_user_id = BigInt(req.params.user_id); + var guild_id = req.params.id; + var banned_user_id = req.params.user_id; const banned_user = await getPublicUser(banned_user_id); const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); diff --git a/src/routes/guilds/#id/channels.ts b/src/routes/guilds/#id/channels.ts index df41ec41..cd03fdbb 100644 --- a/src/routes/guilds/#id/channels.ts +++ b/src/routes/guilds/#id/channels.ts @@ -6,14 +6,14 @@ import { check } from "../../../util/instanceOf"; const router = Router(); router.get("/", async (req, res) => { - const guild_id = BigInt(req.params.id); + const guild_id = (req.params.id); const channels = await ChannelModel.find({ guild_id }).lean().exec(); res.json(channels); }); router.post("/", check(ChannelModifySchema), async (req, res) => { - const guild_id = BigInt(req.params.id); + const guild_id = (req.params.id); const body = req.body as ChannelModifySchema; if (!body.permission_overwrites) body.permission_overwrites = []; if (!body.topic) body.topic = ""; diff --git a/src/routes/guilds/#id/index.ts b/src/routes/guilds/#id/index.ts index 9b5ce313..385904f6 100644 --- a/src/routes/guilds/#id/index.ts +++ b/src/routes/guilds/#id/index.ts @@ -19,7 +19,7 @@ import { check } from "../../../util/instanceOf"; const router = Router(); router.get("/", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); + const guild_id = req.params.id; const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("Guild does not exist", 404); @@ -32,7 +32,7 @@ router.get("/", async (req: Request, res: Response) => { router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) => { const body = req.body as GuildUpdateSchema; - const guild_id = BigInt(req.params.id); + const guild_id = req.params.id; const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("This guild does not exist", 404); @@ -45,7 +45,7 @@ router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) }); router.delete("/", async (req: Request, res: Response) => { - var guild_id = BigInt(req.params.id); + var guild_id = req.params.id; const guild = await GuildModel.findOne({ id: guild_id }, "owner_id").exec(); if (!guild) throw new HTTPError("This guild does not exist", 404); diff --git a/src/routes/guilds/#id/members.ts b/src/routes/guilds/#id/members.ts index 25889e2e..f95bd313 100644 --- a/src/routes/guilds/#id/members.ts +++ b/src/routes/guilds/#id/members.ts @@ -10,12 +10,12 @@ const router = Router(); // TODO: not allowed for user -> only allowed for bots with privileged intents // TODO: send over websocket router.get("/", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); + const guild_id = req.params.id; const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("Guild not found", 404); try { - instanceOf({ $limit: new Length(Number, 1, 1000), $after: BigInt }, req.query, { + instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, { path: "query", req, ref: { obj: null, key: "" }, @@ -26,7 +26,7 @@ router.get("/", async (req: Request, res: Response) => { // @ts-ignore if (!req.query.limit) req.query.limit = 1; - const { limit, after } = (req.query) as { limit: number; after: bigint }; + const { limit, after } = (req.query) as { limit: number; after: string }; const query = after ? { id: { $gt: after } } : {}; var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) @@ -39,8 +39,8 @@ router.get("/", async (req: Request, res: Response) => { }); router.get("/:member", async (req: Request, res: Response) => { - const guild_id = BigInt(req.params.id); - const user_id = BigInt(req.params.member); + const guild_id = req.params.id; + const user_id = req.params.member; const member = await MemberModel.findOne({ id: user_id, guild_id }).populate({ path: "user", select: PublicUserProjection }).exec(); if (!member) throw new HTTPError("Member not found", 404); diff --git a/src/routes/users/@me/guilds.ts b/src/routes/users/@me/guilds.ts index 1b87b51d..6b9243ac 100644 --- a/src/routes/users/@me/guilds.ts +++ b/src/routes/users/@me/guilds.ts @@ -19,7 +19,7 @@ router.get("/", async (req: Request, res: Response) => { // user send to leave a certain guild router.delete("/:id", async (req: Request, res: Response) => { - const guildID = BigInt(req.params.id); + const guildID = (req.params.id); const guild = await GuildModel.findOne({ id: guildID }).exec(); if (!guild) throw new HTTPError("Guild doesn't exist", 404); diff --git a/src/schema/Channel.ts b/src/schema/Channel.ts index 2e7d1214..0fafc54d 100644 --- a/src/schema/Channel.ts +++ b/src/schema/Channel.ts @@ -10,7 +10,7 @@ export const ChannelModifySchema = { $position: Number, $permission_overwrites: [ { - id: BigInt, + id: String, type: new Length(Number, 0, 1), // either 0 (role) or 1 (member) allow: BigInt, deny: BigInt, @@ -29,23 +29,23 @@ export interface ChannelModifySchema { rate_limit_per_user?: Number; position?: number; permission_overwrites?: { - id: bigint; + id: string; type: number; allow: bigint; deny: bigint; }[]; - parent_id?: bigint; + parent_id?: string; nsfw?: boolean; } export const ChannelGuildPositionUpdateSchema = [ { - id: BigInt, + id: String, $position: Number, }, ]; export type ChannelGuildPositionUpdateSchema = { - id: bigint; + id: string; position?: number; }[]; diff --git a/src/schema/Guild.ts b/src/schema/Guild.ts index d8c3431d..6527f35d 100644 --- a/src/schema/Guild.ts +++ b/src/schema/Guild.ts @@ -7,7 +7,7 @@ export const GuildCreateSchema = { $icon: String, $channels: [Object], $guild_template_code: String, - $system_channel_id: BigInt, + $system_channel_id: String, }; export interface GuildCreateSchema { @@ -16,7 +16,7 @@ export interface GuildCreateSchema { icon?: string; channels?: GuildChannel[]; guild_template_code?: string; - system_channel_id?: bigint; + system_channel_id?: string; } export const GuildUpdateSchema = { @@ -29,11 +29,11 @@ export const GuildUpdateSchema = { $verification_level: Number, $default_message_notifications: Number, $system_channel_flags: Number, - $system_channel_id: BigInt, + $system_channel_id: String, $explicit_content_filter: Number, - $public_updates_channel_id: BigInt, + $public_updates_channel_id: String, $afk_timeout: Number, - $afk_channel_id: BigInt, + $afk_channel_id: String, }; // @ts-ignore delete GuildUpdateSchema.$channels; @@ -47,9 +47,9 @@ export interface GuildUpdateSchema extends Omit { default_message_notifications?: number; system_channel_flags?: number; explicit_content_filter?: number; - public_updates_channel_id?: bigint; + public_updates_channel_id?: string; afk_timeout?: number; - afk_channel_id?: bigint; + afk_channel_id?: string; } export const GuildGetSchema = { diff --git a/src/schema/Message.ts b/src/schema/Message.ts index 4ae6c136..0c682a00 100644 --- a/src/schema/Message.ts +++ b/src/schema/Message.ts @@ -44,9 +44,9 @@ export const MessageCreateSchema = { }, $allowed_mentions: [], $message_reference: { - message_id: BigInt, - channel_id: BigInt, - $guild_id: BigInt, + message_id: String, + channel_id: String, + $guild_id: String, $fail_if_not_exists: Boolean, }, $payload_json: String, @@ -60,9 +60,9 @@ export interface MessageCreateSchema { embed?: Embed & { timestamp: string }; allowed_mentions?: []; message_reference?: { - message_id: bigint; - channel_id: bigint; - guild_id?: bigint; + message_id: string; + channel_id: string; + guild_id?: string; fail_if_not_exists: boolean; }; payload_json?: string; diff --git a/src/test/mongo_test.ts b/src/test/mongo_test.ts index f1a7f3f6..44b04c5b 100644 --- a/src/test/mongo_test.ts +++ b/src/test/mongo_test.ts @@ -1,13 +1,12 @@ import mongoose, { Schema, Types } from "mongoose"; -import { Long as MongoTypeLong } from "mongodb"; require("mongoose-long")(mongoose); const userSchema = new Schema({ - id: MongoTypeLong, + id: String, }); const messageSchema = new Schema({ - id: MongoTypeLong, + id: String, content: String, }); const message = mongoose.model("message", messageSchema, "messages"); diff --git a/src/util/Config.ts b/src/util/Config.ts index a9cbddde..60d83e1a 100644 --- a/src/util/Config.ts +++ b/src/util/Config.ts @@ -23,7 +23,7 @@ export interface RateLimit { export interface DefaultOptions { general: { - instance_id: bigint; + instance_id: string; }; permissions: { user: { diff --git a/src/util/Member.ts b/src/util/Member.ts index 2b268597..3ce06962 100644 --- a/src/util/Member.ts +++ b/src/util/Member.ts @@ -25,7 +25,7 @@ export const PublicMemberProjection = { premium_since: true, }; -export async function addMember(user_id: bigint, guild_id: bigint, cache?: { guild?: Guild }) { +export async function addMember(user_id: string, guild_id: string, cache?: { guild?: Guild }) { const user = await getPublicUser(user_id, { guilds: true }); const guildSize = user.guilds.length; @@ -83,7 +83,7 @@ export async function addMember(user_id: bigint, guild_id: bigint, cache?: { gui ]); } -export async function removeMember(user_id: bigint, guild_id: bigint) { +export async function removeMember(user_id: string, guild_id: string) { const user = await getPublicUser(user_id); const guild = await GuildModel.findOne({ id: guild_id }, { owner_id: true }).exec(); diff --git a/src/util/User.ts b/src/util/User.ts index 3658e46d..70098bb5 100644 --- a/src/util/User.ts +++ b/src/util/User.ts @@ -9,7 +9,7 @@ export const PublicUserProjection = { avatar: true, }; -export async function getPublicUser(user_id: bigint, additional_fields?: any) { +export async function getPublicUser(user_id: string, additional_fields?: any) { const user = await UserModel.findOne( { id: user_id }, { -- cgit 1.5.1 From fbeb7ce8f83624a4f2edfe2eb1a6bf76e593fc7d Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 18:07:18 +0200 Subject: :bug: fix bigint id in message route --- package-lock.json | 4 ++-- src/routes/channels/#channel_id/messages/index.ts | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'src/routes') diff --git a/package-lock.json b/package-lock.json index ba585fb6..f17afe1c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4614,7 +4614,7 @@ }, "node_modules/fosscord-server-util": { "version": "1.0.0", - "resolved": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#770b07400e282c5e06fe0638d791139e3984f50f", + "resolved": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#3205dc6f6080422b8d2f727fe9e4573b493ffbb1", "license": "ISC", "dependencies": { "jsonwebtoken": "^8.5.1", @@ -16151,7 +16151,7 @@ "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" }, "fosscord-server-util": { - "version": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#770b07400e282c5e06fe0638d791139e3984f50f", + "version": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#3205dc6f6080422b8d2f727fe9e4573b493ffbb1", "from": "fosscord-server-util@github:fosscord/fosscord-server-util", "requires": { "jsonwebtoken": "^8.5.1", diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index 0b91a977..4b9d96a1 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -60,7 +60,11 @@ router.get("/", async (req, res) => { var query: any; if (after) query = MessageModel.find({ channel_id, id: { $gt: after } }); else if (before) query = MessageModel.find({ channel_id, id: { $lt: before } }); - else if (around) query = MessageModel.find({ channel_id, id: { $gt: around - halfLimit, $lt: around + halfLimit } }); + else if (around) + query = MessageModel.find({ + channel_id, + id: { $gt: (BigInt(around) - BigInt(halfLimit)).toString(), $lt: (BigInt(around) + BigInt(halfLimit)).toString() }, + }); else { query = MessageModel.find({ channel_id }).sort({ id: -1 }); } -- cgit 1.5.1 From b4655503c8aa06bda7dc7680d96626447f88c0d2 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 20:51:14 +0200 Subject: :bug: revert login --- src/routes/auth/login.ts | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) (limited to 'src/routes') diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts index 3c279319..cc2b6202 100644 --- a/src/routes/auth/login.ts +++ b/src/routes/auth/login.ts @@ -29,16 +29,7 @@ router.post( { $or: query, }, - { - id: true, - user_settings: { - locale: true, - theme: true, - }, - user_data: { - hash: true, - }, - } + `user_data.hash id user_settings.locale user_settings.theme` ).exec(); if (!user) { -- cgit 1.5.1 From f1a52912bd890868ac110389b7d4ddf0cb76d1b9 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Tue, 6 Apr 2021 20:51:26 +0200 Subject: :bug: fix message --- package-lock.json | 8 ++++---- package.json | 2 +- src/routes/channels/#channel_id/messages/index.ts | 6 ++++-- 3 files changed, 9 insertions(+), 7 deletions(-) (limited to 'src/routes') diff --git a/package-lock.json b/package-lock.json index 2ea05fa2..d6182d2b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "dotenv": "^8.2.0", "express": "^4.17.1", "express-validator": "^6.9.2", - "fosscord-server-util": "github:fosscord/fosscord-server-util#35da56a", + "fosscord-server-util": "github:fosscord/fosscord-server-util", "i18next": "^19.8.5", "i18next-http-middleware": "^3.1.0", "i18next-node-fs-backend": "^2.1.3", @@ -4614,7 +4614,7 @@ }, "node_modules/fosscord-server-util": { "version": "1.0.0", - "resolved": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#35da56a905da28d8114225f2cec2b2c7a4166de6", + "resolved": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#41e72689476c639aa686074c9bb22d1cb04a6fc4", "license": "ISC", "dependencies": { "jsonwebtoken": "^8.5.1", @@ -16151,8 +16151,8 @@ "integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ=" }, "fosscord-server-util": { - "version": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#35da56a905da28d8114225f2cec2b2c7a4166de6", - "from": "fosscord-server-util@github:fosscord/fosscord-server-util#35da56a", + "version": "git+ssh://git@github.com/fosscord/fosscord-server-util.git#41e72689476c639aa686074c9bb22d1cb04a6fc4", + "from": "fosscord-server-util@github:fosscord/fosscord-server-util", "requires": { "jsonwebtoken": "^8.5.1", "lambert-db": "^1.1.7", diff --git a/package.json b/package.json index 52cb5222..f0b540e7 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "dotenv": "^8.2.0", "express": "^4.17.1", "express-validator": "^6.9.2", - "fosscord-server-util": "github:fosscord/fosscord-server-util#35da56a", + "fosscord-server-util": "github:fosscord/fosscord-server-util", "i18next": "^19.8.5", "i18next-http-middleware": "^3.1.0", "i18next-node-fs-backend": "^2.1.3", diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index 4b9d96a1..7b4b3ec0 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -98,6 +98,7 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec(); if (!channel) throw new HTTPError("Channel not found", 404); + // TODO: are tts messages allowed in dm channels? should permission be checked? if (channel.guild_id) { const permissions = await getPermission(req.user_id, channel.guild_id, channel_id, { channel }); @@ -113,7 +114,7 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { if (body.message_reference) { if (body.message_reference.channel_id !== channel_id) throw new HTTPError("You can only reference messages from this channel"); - // TODO: should it be checked if the message exists? + // TODO: should be checked if the referenced message exists? } const embeds = []; @@ -124,7 +125,7 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { channel_id, guild_id: channel.guild_id, author_id: req.user_id, - content: req.body, + content: body.content, timestamp: new Date(), mention_channels_ids: [], mention_role_ids: [], @@ -133,6 +134,7 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { embeds: [], reactions: [], type: 0, + tts: body.tts, }; await new MessageModel(message).save(); -- cgit 1.5.1 From b32beb0b9c9f19a3444d87aa7369912e54befa90 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Wed, 7 Apr 2021 03:03:27 +0200 Subject: :bug: fix lean not working with virtuals --- src/routes/channels/#channel_id/invites.ts | 35 ++++++++++++----------- src/routes/channels/#channel_id/messages/index.ts | 18 +++++++++--- src/routes/guilds/#id/bans.ts | 6 ++-- src/routes/guilds/#id/channels.ts | 13 +++++---- src/routes/guilds/#id/members.ts | 5 ++-- src/routes/users/@me/guilds.ts | 10 +++---- src/util/User.ts | 8 ++---- 7 files changed, 52 insertions(+), 43 deletions(-) (limited to 'src/routes') diff --git a/src/routes/channels/#channel_id/invites.ts b/src/routes/channels/#channel_id/invites.ts index adfb0688..da802800 100644 --- a/src/routes/channels/#channel_id/invites.ts +++ b/src/routes/channels/#channel_id/invites.ts @@ -7,21 +7,21 @@ import { emitEvent } from "../../../util/Event"; import { InviteCreateSchema } from "../../../schema/Invite"; -import { getPermission, ChannelModel, InviteModel, InviteCreateEvent } from "fosscord-server-util"; +import { getPermission, ChannelModel, InviteModel, InviteCreateEvent, toObject } from "fosscord-server-util"; const router: Router = Router(); router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) => { - const usID = req.user_id; - const chID = req.params.channel_id; - const channel = await ChannelModel.findOne({ id: chID }).exec(); + const { user_id } = req; + const { channel_id } = req.params; + const channel = await ChannelModel.findOne({ id: channel_id }).exec(); if (!channel || !channel.guild_id) { throw new HTTPError("This channel doesn't exist", 404); } - const { guild_id: guID } = channel; + const { guild_id } = channel; - const permission = await getPermission(usID, guID); + const permission = await getPermission(user_id, guild_id); if (!permission.has("CREATE_INSTANT_INVITE")) { throw new HTTPError("You aren't authorised to access this endpoint", 401); @@ -34,34 +34,35 @@ router.post("/", check(InviteCreateSchema), async (req: Request, res: Response) max_uses: req.body.max_uses, max_age: req.body.max_age, created_at: new Date(), - guild_id: guID, - channel_id: chID, - inviter_id: usID, + guild_id, + channel_id: channel_id, + inviter_id: user_id, }; await new InviteModel(invite).save(); - await emitEvent({ event: "INVITE_CREATE", data: invite } as InviteCreateEvent); + await emitEvent({ event: "INVITE_CREATE", data: invite, guild_id } as InviteCreateEvent); res.status(201).send(invite); }); router.get("/", async (req: Request, res: Response) => { - const usID = req.user_id; - const chID = req.params.channel_id; - const channel = await ChannelModel.findOne({ id: chID }).exec(); + const { user_id } = req; + const { channel_id } = req.params; + const channel = await ChannelModel.findOne({ id: channel_id }).exec(); if (!channel || !channel.guild_id) { throw new HTTPError("This channel doesn't exist", 404); } - const { guild_id: guID } = channel; - const permission = await getPermission(usID, guID); + const { guild_id } = channel; + const permission = await getPermission(user_id, guild_id); if (!permission.has("MANAGE_CHANNELS")) { throw new HTTPError("You aren't authorised to access this endpoint", 401); } - const invites = await InviteModel.find({ guild_id: guID }).lean().exec(); - res.status(200).send(invites); + const invites = await InviteModel.find({ guild_id }).exec(); + + res.status(200).send(toObject(invites)); }); export default router; diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index 7b4b3ec0..cba1d7f0 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -1,11 +1,22 @@ import { Router } from "express"; -import { ChannelModel, ChannelType, getPermission, Message, MessageCreateEvent, MessageModel, Snowflake } from "fosscord-server-util"; +import { + ChannelModel, + ChannelType, + getPermission, + Message, + MessageCreateEvent, + MessageDocument, + MessageModel, + Snowflake, + toObject, +} from "fosscord-server-util"; import { HTTPError } from "lambert-server"; import { MessageCreateSchema } from "../../../../schema/Message"; import { check, instanceOf, Length } from "../../../../util/instanceOf"; import { PublicUserProjection } from "../../../../util/User"; import multer from "multer"; import { emitEvent } from "../../../../util/Event"; +import { Query } from "mongoose"; const router: Router = Router(); export default router; @@ -57,7 +68,7 @@ router.get("/", async (req, res) => { if (!channel.recipients.includes(req.user_id)) throw new HTTPError("You don't have permission to view this channel", 401); } - var query: any; + var query: Query; if (after) query = MessageModel.find({ channel_id, id: { $gt: after } }); else if (before) query = MessageModel.find({ channel_id, id: { $lt: before } }); else if (around) @@ -76,10 +87,9 @@ router.get("/", async (req, res) => { .populate({ path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }) .populate("mention_roles") // .populate({ path: "member", select: PublicMemberProjection }) - .lean() .exec(); - return res.json(messages); + return res.json(toObject(messages)); }); // TODO: config max upload size diff --git a/src/routes/guilds/#id/bans.ts b/src/routes/guilds/#id/bans.ts index e66ae3d4..5ac92154 100644 --- a/src/routes/guilds/#id/bans.ts +++ b/src/routes/guilds/#id/bans.ts @@ -1,5 +1,5 @@ import { Request, Response, Router } from "express"; -import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel } from "fosscord-server-util"; +import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel, toObject } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; import { getIpAdress } from "../../../middlewares/GlobalRateLimit"; import { BanCreateSchema } from "../../../schema/Ban"; @@ -16,8 +16,8 @@ router.get("/", async (req: Request, res: Response) => { const guild = await GuildModel.findOne({ id: guild_id }).exec(); if (!guild) throw new HTTPError("Guild not found", 404); - var bans = await BanModel.find({ guild_id: guild_id }).lean().exec(); - return res.json(bans); + var bans = await BanModel.find({ guild_id: guild_id }).exec(); + return res.json(toObject(bans)); }); router.get("/:user", async (req: Request, res: Response) => { diff --git a/src/routes/guilds/#id/channels.ts b/src/routes/guilds/#id/channels.ts index cd03fdbb..b949def0 100644 --- a/src/routes/guilds/#id/channels.ts +++ b/src/routes/guilds/#id/channels.ts @@ -1,19 +1,20 @@ import { Router } from "express"; -import { ChannelModel, ChannelType, GuildModel, Snowflake } from "fosscord-server-util"; +import { ChannelCreateEvent, ChannelModel, ChannelType, GuildModel, Snowflake, toObject } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; import { ChannelModifySchema } from "../../../schema/Channel"; +import { emitEvent } from "../../../util/Event"; import { check } from "../../../util/instanceOf"; const router = Router(); router.get("/", async (req, res) => { - const guild_id = (req.params.id); - const channels = await ChannelModel.find({ guild_id }).lean().exec(); + const guild_id = req.params.id; + const channels = await ChannelModel.find({ guild_id }).exec(); - res.json(channels); + res.json(toObject(channels)); }); router.post("/", check(ChannelModifySchema), async (req, res) => { - const guild_id = (req.params.id); + const guild_id = req.params.id; const body = req.body as ChannelModifySchema; if (!body.permission_overwrites) body.permission_overwrites = []; if (!body.topic) body.topic = ""; @@ -45,6 +46,8 @@ router.post("/", check(ChannelModifySchema), async (req, res) => { }; await new ChannelModel(channel).save(); + await emitEvent({ event: "CHANNEL_CREATE", data: channel, guild_id } as ChannelCreateEvent); + res.json(channel); }); diff --git a/src/routes/guilds/#id/members.ts b/src/routes/guilds/#id/members.ts index f95bd313..1c3cb33d 100644 --- a/src/routes/guilds/#id/members.ts +++ b/src/routes/guilds/#id/members.ts @@ -1,5 +1,5 @@ import { Request, Response, Router } from "express"; -import { GuildModel, MemberModel } from "fosscord-server-util"; +import { GuildModel, MemberModel, toObject } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; import { instanceOf, Length } from "../../../util/instanceOf"; import { PublicMemberProjection } from "../../../util/Member"; @@ -32,10 +32,9 @@ router.get("/", async (req: Request, res: Response) => { var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) .limit(limit) .populate({ path: "user", select: PublicUserProjection }) - .lean() .exec(); - return res.json(members); + return res.json(toObject(members)); }); router.get("/:member", async (req: Request, res: Response) => { diff --git a/src/routes/users/@me/guilds.ts b/src/routes/users/@me/guilds.ts index 6b9243ac..e04107ac 100644 --- a/src/routes/users/@me/guilds.ts +++ b/src/routes/users/@me/guilds.ts @@ -1,5 +1,5 @@ import { Router, Request, Response } from "express"; -import { GuildModel, MemberModel, UserModel, GuildDeleteEvent, GuildMemberRemoveEvent } from "fosscord-server-util"; +import { GuildModel, MemberModel, UserModel, GuildDeleteEvent, GuildMemberRemoveEvent, toObject } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; import { emitEvent } from "../../../util/Event"; import { getPublicUser } from "../../../util/User"; @@ -11,15 +11,13 @@ router.get("/", async (req: Request, res: Response) => { if (!user) throw new HTTPError("User not found", 404); var guildIDs = user.guilds || []; - var guild = await GuildModel.find({ id: { $in: guildIDs } }) - .lean() - .exec(); - res.json(guild); + var guild = await GuildModel.find({ id: { $in: guildIDs } }).exec(); + res.json(toObject(guild)); }); // user send to leave a certain guild router.delete("/:id", async (req: Request, res: Response) => { - const guildID = (req.params.id); + const guildID = req.params.id; const guild = await GuildModel.findOne({ id: guildID }).exec(); if (!guild) throw new HTTPError("Guild doesn't exist", 404); diff --git a/src/util/User.ts b/src/util/User.ts index 70098bb5..05213642 100644 --- a/src/util/User.ts +++ b/src/util/User.ts @@ -1,4 +1,4 @@ -import { UserModel } from "fosscord-server-util"; +import { toObject, UserModel } from "fosscord-server-util"; import { HTTPError } from "lambert-server"; export const PublicUserProjection = { @@ -16,9 +16,7 @@ export async function getPublicUser(user_id: string, additional_fields?: any) { ...PublicUserProjection, ...additional_fields, } - ) - .lean() - .exec(); + ).exec(); if (!user) throw new HTTPError("User not found", 404); - return user; + return toObject(user); } -- cgit 1.5.1 From 5540d7a9de1623d63fccc4486b2c0388c9cf7327 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Wed, 7 Apr 2021 04:00:54 +0200 Subject: :bug: fix message route --- src/routes/channels/#channel_id/messages/index.ts | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'src/routes') diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index cba1d7f0..99f5fdcd 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -130,6 +130,7 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { const embeds = []; if (body.embed) embeds.push(body.embed); + // TODO: check and put all in body in it const message: Message = { id: Snowflake.generate(), channel_id, @@ -145,9 +146,22 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { reactions: [], type: 0, tts: body.tts, + nonce: body.nonce, }; - await new MessageModel(message).save(); + const doc = new MessageModel(message); + await doc.save(); - await emitEvent({ event: "MESSAGE_CREATE", channel_id, data: {} } as MessageCreateEvent); + const data = toObject( + await MessageModel.populate(doc, [ + { path: "author", select: PublicUserProjection }, + { path: "mentions", select: PublicUserProjection }, + { path: "mention_roles" }, + { path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }, + ]) + ); + + await emitEvent({ event: "MESSAGE_CREATE", channel_id, data, guild_id: channel.guild_id } as MessageCreateEvent); + + return res.send(data); }); -- cgit 1.5.1 From cb499f0e98f40a1cbda0252280128c432788f63a Mon Sep 17 00:00:00 2001 From: Rafael Oliveira <52896767+notsapinho@users.noreply.github.com> Date: Wed, 7 Apr 2021 07:22:09 -0300 Subject: 🖥️ /science route MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/routes/science.ts | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 src/routes/science.ts (limited to 'src/routes') diff --git a/src/routes/science.ts b/src/routes/science.ts new file mode 100644 index 00000000..ab3ce58c --- /dev/null +++ b/src/routes/science.ts @@ -0,0 +1,10 @@ +import { Router } from "express"; + +const router = Router(); + +router.post("/", (req, res) => { + // TODO: + res.sendStatus(204); +}); + +export default router; -- cgit 1.5.1 From 3807648cdcd4004b04dedbb1204c4874b8ff3bda Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Wed, 7 Apr 2021 15:54:00 +0200 Subject: :bug: fix register route captcha required --- src/routes/auth/register.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/routes') diff --git a/src/routes/auth/register.ts b/src/routes/auth/register.ts index 5fbe610e..5501203d 100644 --- a/src/routes/auth/register.ts +++ b/src/routes/auth/register.ts @@ -52,7 +52,7 @@ router.post( let discriminator = ""; // get register Config - const { register } = Config.get(); + const { register, security } = Config.get(); // check if registration is allowed if (!register.allowNewRegistration) { @@ -129,9 +129,9 @@ router.post( } } - if (register.requireCaptcha) { + if (register.requireCaptcha && security.captcha.enabled) { if (!captcha_key) { - const { sitekey, service } = Config.get().security.captcha; + const { sitekey, service } = security.captcha; return res.status(400).json({ captcha_key: ["captcha-required"], captcha_sitekey: sitekey, -- cgit 1.5.1 From 2a952755028789506f35e33a9f7477e8531c5382 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Wed, 7 Apr 2021 20:25:37 +0200 Subject: :zap: use mongoose autopopulate --- src/routes/channels/#channel_id/messages/index.ts | 24 ++---- src/routes/guilds/#guild_id/bans.ts | 93 +++++++++++++++++++++++ src/routes/guilds/#guild_id/channels.ts | 54 +++++++++++++ src/routes/guilds/#guild_id/index.ts | 85 +++++++++++++++++++++ src/routes/guilds/#guild_id/members.ts | 53 +++++++++++++ src/routes/guilds/#id/bans.ts | 93 ----------------------- src/routes/guilds/#id/channels.ts | 54 ------------- src/routes/guilds/#id/index.ts | 73 ------------------ src/routes/guilds/#id/members.ts | 54 ------------- src/routes/users/@me/guilds.ts | 35 +++++---- src/util/Event.ts | 1 + src/util/Member.ts | 1 + 12 files changed, 312 insertions(+), 308 deletions(-) create mode 100644 src/routes/guilds/#guild_id/bans.ts create mode 100644 src/routes/guilds/#guild_id/channels.ts create mode 100644 src/routes/guilds/#guild_id/index.ts create mode 100644 src/routes/guilds/#guild_id/members.ts delete mode 100644 src/routes/guilds/#id/bans.ts delete mode 100644 src/routes/guilds/#id/channels.ts delete mode 100644 src/routes/guilds/#id/index.ts delete mode 100644 src/routes/guilds/#id/members.ts (limited to 'src/routes') diff --git a/src/routes/channels/#channel_id/messages/index.ts b/src/routes/channels/#channel_id/messages/index.ts index 99f5fdcd..4978b98a 100644 --- a/src/routes/channels/#channel_id/messages/index.ts +++ b/src/routes/channels/#channel_id/messages/index.ts @@ -17,6 +17,7 @@ import { PublicUserProjection } from "../../../../util/User"; import multer from "multer"; import { emitEvent } from "../../../../util/Event"; import { Query } from "mongoose"; +import { PublicMemberProjection } from "../../../../util/Member"; const router: Router = Router(); export default router; @@ -80,14 +81,7 @@ router.get("/", async (req, res) => { query = MessageModel.find({ channel_id }).sort({ id: -1 }); } - const messages = await query - .limit(limit) - .populate({ path: "author", select: PublicUserProjection }) - .populate({ path: "mentions", select: PublicUserProjection }) - .populate({ path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }) - .populate("mention_roles") - // .populate({ path: "member", select: PublicMemberProjection }) - .exec(); + const messages = await query.limit(limit).exec(); return res.json(toObject(messages)); }); @@ -147,19 +141,11 @@ router.post("/", check(MessageCreateSchema), async (req, res) => { type: 0, tts: body.tts, nonce: body.nonce, + pinned: false, }; - const doc = new MessageModel(message); - await doc.save(); - - const data = toObject( - await MessageModel.populate(doc, [ - { path: "author", select: PublicUserProjection }, - { path: "mentions", select: PublicUserProjection }, - { path: "mention_roles" }, - { path: "mention_channels", select: { id: true, guild_id: true, type: true, name: true } }, - ]) - ); + const doc = await new MessageModel(message).populate({ path: "member", select: PublicMemberProjection }).save(); + const data = toObject(doc); await emitEvent({ event: "MESSAGE_CREATE", channel_id, data, guild_id: channel.guild_id } as MessageCreateEvent); diff --git a/src/routes/guilds/#guild_id/bans.ts b/src/routes/guilds/#guild_id/bans.ts new file mode 100644 index 00000000..3de80a32 --- /dev/null +++ b/src/routes/guilds/#guild_id/bans.ts @@ -0,0 +1,93 @@ +import { Request, Response, Router } from "express"; +import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel, toObject } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { getIpAdress } from "../../../middlewares/GlobalRateLimit"; +import { BanCreateSchema } from "../../../schema/Ban"; +import { emitEvent } from "../../../util/Event"; +import { check } from "../../../util/instanceOf"; +import { removeMember } from "../../../util/Member"; +import { getPublicUser } from "../../../util/User"; + +const router: Router = Router(); + +router.get("/", async (req: Request, res: Response) => { + const guild_id = req.params.id; + + const guild = await GuildModel.exists({ id: guild_id }); + if (!guild) throw new HTTPError("Guild not found", 404); + + var bans = await BanModel.find({ guild_id: guild_id }).exec(); + return res.json(toObject(bans)); +}); + +router.get("/:user", async (req: Request, res: Response) => { + const guild_id = req.params.id; + const user_id = req.params.ban; + + var ban = await BanModel.findOne({ guild_id: guild_id, user_id: user_id }).exec(); + if (!ban) throw new HTTPError("Ban not found", 404); + return res.json(ban); +}); + +router.post("/:user_id", check(BanCreateSchema), async (req: Request, res: Response) => { + const guild_id = req.params.id; + const banned_user_id = req.params.user_id; + + const banned_user = await getPublicUser(banned_user_id); + const perms = await getPermission(req.user_id, guild_id); + if (!perms.has("BAN_MEMBERS")) throw new HTTPError("You don't have the permission to ban members", 403); + if (req.user_id === banned_user_id) throw new HTTPError("You can't ban yourself", 400); + + await removeMember(banned_user_id, guild_id); + + const ban = await new BanModel({ + user_id: banned_user_id, + guild_id: guild_id, + ip: getIpAdress(req), + executor_id: req.user_id, + reason: req.body.reason, // || otherwise empty + }).save(); + + await emitEvent({ + event: "GUILD_BAN_ADD", + data: { + guild_id: guild_id, + user: banned_user, + }, + guild_id: guild_id, + } as GuildBanAddEvent); + + return res.json(ban).send(); +}); + +router.delete("/:user_id", async (req: Request, res: Response) => { + var { guild_id } = req.params; + var banned_user_id = req.params.user_id; + + const banned_user = await getPublicUser(banned_user_id); + const guild = await GuildModel.exists({ id: guild_id }); + if (!guild) throw new HTTPError("Guild not found", 404); + + const perms = await getPermission(req.user_id, guild_id); + if (!perms.has("BAN_MEMBERS")) { + throw new HTTPError("No permissions", 403); + } + + await BanModel.deleteOne({ + user_id: banned_user_id, + guild_id, + }).exec(); + + await emitEvent({ + event: "GUILD_BAN_REMOVE", + data: { + guild_id, + user: banned_user, + }, + guild_id, + } as GuildBanRemoveEvent); + + return res.status(204).send(); +}); + +export default router; diff --git a/src/routes/guilds/#guild_id/channels.ts b/src/routes/guilds/#guild_id/channels.ts new file mode 100644 index 00000000..e0d8f3ac --- /dev/null +++ b/src/routes/guilds/#guild_id/channels.ts @@ -0,0 +1,54 @@ +import { Router } from "express"; +import { ChannelCreateEvent, ChannelModel, ChannelType, GuildModel, Snowflake, toObject } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { ChannelModifySchema } from "../../../schema/Channel"; +import { emitEvent } from "../../../util/Event"; +import { check } from "../../../util/instanceOf"; +const router = Router(); + +router.get("/", async (req, res) => { + const { guild_id } = req.params; + const channels = await ChannelModel.find({ guild_id }).exec(); + + res.json(toObject(channels)); +}); + +router.post("/", check(ChannelModifySchema), async (req, res) => { + const { guild_id } = req.params; + const body = req.body as ChannelModifySchema; + if (!body.permission_overwrites) body.permission_overwrites = []; + if (!body.topic) body.topic = ""; + if (!body.rate_limit_per_user) body.rate_limit_per_user = 0; + switch (body.type) { + case ChannelType.DM: + case ChannelType.GROUP_DM: + throw new HTTPError("You can't create a dm channel in a guild"); + // TODO: + case ChannelType.GUILD_STORE: + throw new HTTPError("Not yet supported"); + case ChannelType.GUILD_NEWS: + // TODO: check if guild is community server + } + + if (body.parent_id) { + const exists = ChannelModel.findOne({ channel_id: body.parent_id }).exec(); + if (!exists) throw new HTTPError("Parent id channel doesn't exist", 400); + } + + const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); + if (!guild) throw new HTTPError("Guild not found", 4040); + + const channel = { + ...body, + id: Snowflake.generate(), + created_at: new Date(), + guild_id, + }; + await new ChannelModel(channel).save(); + + await emitEvent({ event: "CHANNEL_CREATE", data: channel, guild_id } as ChannelCreateEvent); + + res.json(channel); +}); + +export default router; diff --git a/src/routes/guilds/#guild_id/index.ts b/src/routes/guilds/#guild_id/index.ts new file mode 100644 index 00000000..7e5f49d3 --- /dev/null +++ b/src/routes/guilds/#guild_id/index.ts @@ -0,0 +1,85 @@ +import { Request, Response, Router } from "express"; +import { + ChannelModel, + EmojiModel, + getPermission, + GuildDeleteEvent, + GuildModel, + GuildUpdateEvent, + InviteModel, + MemberModel, + MessageModel, + RoleModel, + toObject, + UserModel, +} from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { GuildUpdateSchema } from "../../../schema/Guild"; +import { emitEvent } from "../../../util/Event"; +import { check } from "../../../util/instanceOf"; +import "missing-native-js-functions"; + +const router = Router(); + +router.get("/", async (req: Request, res: Response) => { + const { guild_id } = req.params; + + const guild = await GuildModel.findOne({ id: guild_id }) + .populate({ path: "joined_at", match: { id: req.user_id } }) + .exec(); + if (!guild) throw new HTTPError("Guild does not exist", 404); + + const member = await MemberModel.exists({ guild_id: guild_id, id: req.user_id }); + if (!member) throw new HTTPError("You are not a member of the guild you are trying to access", 401); + + return res.json(guild); +}); + +router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) => { + const body = req.body as GuildUpdateSchema; + const { guild_id } = req.params; + // TODO: guild update check image + + const perms = await getPermission(req.user_id, guild_id); + if (!perms.has("MANAGE_GUILD")) throw new HTTPError("You do not have the MANAGE_GUILD permission", 401); + + const guild = await GuildModel.findOneAndUpdate({ id: guild_id }, body) + .populate({ path: "joined_at", match: { id: req.user_id } }) + .exec(); + + const data = toObject(guild); + + emitEvent({ event: "GUILD_UPDATE", data: data, guild_id } as GuildUpdateEvent); + + return res.send(data); +}); + +// discord prefixes this route with /delete instead of using the delete method +// docs are wrong https://discord.com/developers/docs/resources/guild#delete-guild +router.post("/delete", async (req: Request, res: Response) => { + var { guild_id } = req.params; + + const guild = await GuildModel.findOne({ id: guild_id }, "owner_id").exec(); + if (!guild) throw new HTTPError("This guild does not exist", 404); + if (guild.owner_id !== req.user_id) throw new HTTPError("You are not the owner of this guild", 401); + + await emitEvent({ + event: "GUILD_DELETE", + data: { + id: guild_id, + }, + guild_id: guild_id, + } as GuildDeleteEvent); + + await GuildModel.deleteOne({ id: guild_id }).exec(); + await UserModel.updateMany({ guilds: guild_id }, { $pull: { guilds: guild_id } }).exec(); + await RoleModel.deleteMany({ guild_id }).exec(); + await ChannelModel.deleteMany({ guild_id }).exec(); + await EmojiModel.deleteMany({ guild_id }).exec(); + await InviteModel.deleteMany({ guild_id }).exec(); + await MessageModel.deleteMany({ guild_id }).exec(); + + return res.sendStatus(204); +}); + +export default router; diff --git a/src/routes/guilds/#guild_id/members.ts b/src/routes/guilds/#guild_id/members.ts new file mode 100644 index 00000000..f4e6d4e8 --- /dev/null +++ b/src/routes/guilds/#guild_id/members.ts @@ -0,0 +1,53 @@ +import { Request, Response, Router } from "express"; +import { GuildModel, MemberModel, toObject } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; +import { instanceOf, Length } from "../../../util/instanceOf"; +import { PublicMemberProjection } from "../../../util/Member"; +import { PublicUserProjection } from "../../../util/User"; + +const router = Router(); + +// TODO: not allowed for user -> only allowed for bots with privileged intents +// TODO: send over websocket +router.get("/", async (req: Request, res: Response) => { + const { guild_id } = req.params; + const guild = await GuildModel.findOne({ id: guild_id }).exec(); + if (!guild) throw new HTTPError("Guild not found", 404); + + try { + instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, { + path: "query", + req, + ref: { obj: null, key: "" }, + }); + } catch (error) { + return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); + } + + // @ts-ignore + if (!req.query.limit) req.query.limit = 1; + const { limit, after } = (req.query) as { limit: number; after: string }; + const query = after ? { id: { $gt: after } } : {}; + + var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) + .limit(limit) + .exec(); + + return res.json(toObject(members)); +}); + +router.get("/:member", async (req: Request, res: Response) => { + const { guild_id } = req.params; + const user_id = req.params.member; + + const member = await MemberModel.findOne({ id: user_id, guild_id }).exec(); + if (!member) throw new HTTPError("Member not found", 404); + + return res.json(member); +}); + +router.put("/:member", async (req: Request, res: Response) => { + // https://discord.com/developers/docs/resources/guild#add-guild-member +}); + +export default router; diff --git a/src/routes/guilds/#id/bans.ts b/src/routes/guilds/#id/bans.ts deleted file mode 100644 index 5ac92154..00000000 --- a/src/routes/guilds/#id/bans.ts +++ /dev/null @@ -1,93 +0,0 @@ -import { Request, Response, Router } from "express"; -import { BanModel, getPermission, GuildBanAddEvent, GuildBanRemoveEvent, GuildModel, toObject } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { getIpAdress } from "../../../middlewares/GlobalRateLimit"; -import { BanCreateSchema } from "../../../schema/Ban"; -import { emitEvent } from "../../../util/Event"; -import { check } from "../../../util/instanceOf"; -import { removeMember } from "../../../util/Member"; -import { getPublicUser } from "../../../util/User"; - -const router: Router = Router(); - -router.get("/", async (req: Request, res: Response) => { - const guild_id = req.params.id; - - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("Guild not found", 404); - - var bans = await BanModel.find({ guild_id: guild_id }).exec(); - return res.json(toObject(bans)); -}); - -router.get("/:user", async (req: Request, res: Response) => { - const guild_id = req.params.id; - const user_id = req.params.ban; - - var ban = await BanModel.findOne({ guild_id: guild_id, user_id: user_id }).exec(); - if (!ban) throw new HTTPError("Ban not found", 404); - return res.json(ban); -}); - -router.post("/:user_id", check(BanCreateSchema), async (req: Request, res: Response) => { - const guild_id = req.params.id; - const banned_user_id = req.params.user_id; - - const banned_user = await getPublicUser(banned_user_id); - const perms = await getPermission(req.user_id, guild_id); - if (!perms.has("BAN_MEMBERS")) throw new HTTPError("You don't have the permission to ban members", 403); - if (req.user_id === banned_user_id) throw new HTTPError("You can't ban yourself", 400); - - await removeMember(banned_user_id, guild_id); - - const ban = await new BanModel({ - user_id: banned_user_id, - guild_id: guild_id, - ip: getIpAdress(req), - executor_id: req.user_id, - reason: req.body.reason, // || otherwise empty - }).save(); - - await emitEvent({ - event: "GUILD_BAN_ADD", - data: { - guild_id: guild_id, - user: banned_user, - }, - guild_id: guild_id, - } as GuildBanAddEvent); - - return res.json(ban).send(); -}); - -router.delete("/:user_id", async (req: Request, res: Response) => { - var guild_id = req.params.id; - var banned_user_id = req.params.user_id; - - const banned_user = await getPublicUser(banned_user_id); - const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); - if (!guild) throw new HTTPError("Guild not found", 404); - - const perms = await getPermission(req.user_id, guild.id); - if (!perms.has("BAN_MEMBERS")) { - throw new HTTPError("No permissions", 403); - } - - await BanModel.deleteOne({ - user_id: banned_user_id, - guild_id: guild.id, - }).exec(); - - await emitEvent({ - event: "GUILD_BAN_REMOVE", - data: { - guild_id: guild.id, - user: banned_user, - }, - guild_id: guild.id, - } as GuildBanRemoveEvent); - - return res.status(204).send(); -}); - -export default router; diff --git a/src/routes/guilds/#id/channels.ts b/src/routes/guilds/#id/channels.ts deleted file mode 100644 index b949def0..00000000 --- a/src/routes/guilds/#id/channels.ts +++ /dev/null @@ -1,54 +0,0 @@ -import { Router } from "express"; -import { ChannelCreateEvent, ChannelModel, ChannelType, GuildModel, Snowflake, toObject } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { ChannelModifySchema } from "../../../schema/Channel"; -import { emitEvent } from "../../../util/Event"; -import { check } from "../../../util/instanceOf"; -const router = Router(); - -router.get("/", async (req, res) => { - const guild_id = req.params.id; - const channels = await ChannelModel.find({ guild_id }).exec(); - - res.json(toObject(channels)); -}); - -router.post("/", check(ChannelModifySchema), async (req, res) => { - const guild_id = req.params.id; - const body = req.body as ChannelModifySchema; - if (!body.permission_overwrites) body.permission_overwrites = []; - if (!body.topic) body.topic = ""; - if (!body.rate_limit_per_user) body.rate_limit_per_user = 0; - switch (body.type) { - case ChannelType.DM: - case ChannelType.GROUP_DM: - throw new HTTPError("You can't create a dm channel in a guild"); - // TODO: - case ChannelType.GUILD_STORE: - throw new HTTPError("Not yet supported"); - case ChannelType.GUILD_NEWS: - // TODO: check if guild is community server - } - - if (body.parent_id) { - const exists = ChannelModel.findOne({ channel_id: body.parent_id }).exec(); - if (!exists) throw new HTTPError("Parent id channel doesn't exist", 400); - } - - const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec(); - if (!guild) throw new HTTPError("Guild not found", 4040); - - const channel = { - ...body, - id: Snowflake.generate(), - created_at: new Date(), - guild_id, - }; - await new ChannelModel(channel).save(); - - await emitEvent({ event: "CHANNEL_CREATE", data: channel, guild_id } as ChannelCreateEvent); - - res.json(channel); -}); - -export default router; diff --git a/src/routes/guilds/#id/index.ts b/src/routes/guilds/#id/index.ts deleted file mode 100644 index 385904f6..00000000 --- a/src/routes/guilds/#id/index.ts +++ /dev/null @@ -1,73 +0,0 @@ -import { Request, Response, Router } from "express"; -import { - ChannelModel, - EmojiModel, - getPermission, - GuildDeleteEvent, - GuildModel, - InviteModel, - MemberModel, - MessageModel, - RoleModel, - UserModel, -} from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { GuildUpdateSchema } from "../../../schema/Guild"; -import { emitEvent } from "../../../util/Event"; -import { check } from "../../../util/instanceOf"; - -const router = Router(); - -router.get("/", async (req: Request, res: Response) => { - const guild_id = req.params.id; - - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("Guild does not exist", 404); - - const member = await MemberModel.findOne({ guild_id: guild_id, id: req.user_id }, "id").exec(); - if (!member) throw new HTTPError("You are not a member of the guild you are trying to access", 401); - - return res.json(guild); -}); - -router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response) => { - const body = req.body as GuildUpdateSchema; - const guild_id = req.params.id; - - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("This guild does not exist", 404); - - const perms = await getPermission(req.user_id, guild_id); - if (!perms.has("MANAGE_GUILD")) throw new HTTPError("You do not have the MANAGE_GUILD permission", 401); - - await GuildModel.updateOne({ id: guild_id }, body).exec(); - return res.status(204); -}); - -router.delete("/", async (req: Request, res: Response) => { - var guild_id = req.params.id; - - const guild = await GuildModel.findOne({ id: guild_id }, "owner_id").exec(); - if (!guild) throw new HTTPError("This guild does not exist", 404); - if (guild.owner_id !== req.user_id) throw new HTTPError("You are not the owner of this guild", 401); - - await emitEvent({ - event: "GUILD_DELETE", - data: { - id: guild_id, - }, - guild_id: guild_id, - } as GuildDeleteEvent); - - await GuildModel.deleteOne({ id: guild_id }).exec(); - await UserModel.updateMany({ guilds: guild_id }, { $pull: { guilds: guild_id } }).exec(); - await RoleModel.deleteMany({ guild_id }).exec(); - await ChannelModel.deleteMany({ guild_id }).exec(); - await EmojiModel.deleteMany({ guild_id }).exec(); - await InviteModel.deleteMany({ guild_id }).exec(); - await MessageModel.deleteMany({ guild_id }).exec(); - - return res.status(204).send(); -}); - -export default router; diff --git a/src/routes/guilds/#id/members.ts b/src/routes/guilds/#id/members.ts deleted file mode 100644 index 1c3cb33d..00000000 --- a/src/routes/guilds/#id/members.ts +++ /dev/null @@ -1,54 +0,0 @@ -import { Request, Response, Router } from "express"; -import { GuildModel, MemberModel, toObject } from "fosscord-server-util"; -import { HTTPError } from "lambert-server"; -import { instanceOf, Length } from "../../../util/instanceOf"; -import { PublicMemberProjection } from "../../../util/Member"; -import { PublicUserProjection } from "../../../util/User"; - -const router = Router(); - -// TODO: not allowed for user -> only allowed for bots with privileged intents -// TODO: send over websocket -router.get("/", async (req: Request, res: Response) => { - const guild_id = req.params.id; - const guild = await GuildModel.findOne({ id: guild_id }).exec(); - if (!guild) throw new HTTPError("Guild not found", 404); - - try { - instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, { - path: "query", - req, - ref: { obj: null, key: "" }, - }); - } catch (error) { - return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error }); - } - - // @ts-ignore - if (!req.query.limit) req.query.limit = 1; - const { limit, after } = (req.query) as { limit: number; after: string }; - const query = after ? { id: { $gt: after } } : {}; - - var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection) - .limit(limit) - .populate({ path: "user", select: PublicUserProjection }) - .exec(); - - return res.json(toObject(members)); -}); - -router.get("/:member", async (req: Request, res: Response) => { - const guild_id = req.params.id; - const user_id = req.params.member; - - const member = await MemberModel.findOne({ id: user_id, guild_id }).populate({ path: "user", select: PublicUserProjection }).exec(); - if (!member) throw new HTTPError("Member not found", 404); - - return res.json(member); -}); - -router.put("/:member", async (req: Request, res: Response) => { - // https://discord.com/developers/docs/resources/guild#add-guild-member -}); - -export default router; diff --git a/src/routes/users/@me/guilds.ts b/src/routes/users/@me/guilds.ts index e04107ac..d0fbaa3e 100644 --- a/src/routes/users/@me/guilds.ts +++ b/src/routes/users/@me/guilds.ts @@ -11,37 +11,42 @@ router.get("/", async (req: Request, res: Response) => { if (!user) throw new HTTPError("User not found", 404); var guildIDs = user.guilds || []; - var guild = await GuildModel.find({ id: { $in: guildIDs } }).exec(); + var guild = await GuildModel.find({ id: { $in: guildIDs } }) + .populate({ path: "joined_at", match: { id: req.user_id } }) + .exec(); + res.json(toObject(guild)); }); // user send to leave a certain guild router.delete("/:id", async (req: Request, res: Response) => { - const guildID = req.params.id; - const guild = await GuildModel.findOne({ id: guildID }).exec(); + const guild_id = req.params.id; + const guild = await GuildModel.findOne({ id: guild_id }, { guild_id: true }).exec(); if (!guild) throw new HTTPError("Guild doesn't exist", 404); if (guild.owner_id === req.user_id) throw new HTTPError("You can't leave your own guild", 400); - await MemberModel.deleteOne({ id: req.user_id, guild_id: guildID }).exec(); - await UserModel.updateOne({ id: req.user_id }, { $pull: { guilds: guildID } }).exec(); - const user = await getPublicUser(req.user_id); + await Promise.all([ + MemberModel.deleteOne({ id: req.user_id, guild_id: guild_id }).exec(), + UserModel.updateOne({ id: req.user_id }, { $pull: { guilds: guild_id } }).exec(), + emitEvent({ + event: "GUILD_DELETE", + data: { + id: guild_id, + }, + user_id: req.user_id, + } as GuildDeleteEvent), + ]); - await emitEvent({ - event: "GUILD_DELETE", - data: { - id: guildID, - }, - user_id: req.user_id, - } as GuildDeleteEvent); + const user = await getPublicUser(req.user_id); await emitEvent({ event: "GUILD_MEMBER_REMOVE", data: { - guild_id: guildID, + guild_id: guild_id, user: user, }, - guild_id: guildID, + guild_id: guild_id, } as GuildMemberRemoveEvent); return res.status(204).send(); diff --git a/src/util/Event.ts b/src/util/Event.ts index 43c51d5c..8a24e4bb 100644 --- a/src/util/Event.ts +++ b/src/util/Event.ts @@ -5,6 +5,7 @@ export async function emitEvent(payload: Omit) { created_at: new Date(), // in seconds ...payload, }; + // TODO: bigint isn't working return await new EventModel(obj).save(); } diff --git a/src/util/Member.ts b/src/util/Member.ts index 3ce06962..4d1b8ac5 100644 --- a/src/util/Member.ts +++ b/src/util/Member.ts @@ -75,6 +75,7 @@ export async function addMember(user_id: string, guild_id: string, cache?: { gui }, guild_id: guild_id, } as GuildMemberAddEvent), + emitEvent({ event: "GUILD_CREATE", data: guild, -- cgit 1.5.1 From 5a0351aa05d141261459f54fcd3c03c3d139db4b Mon Sep 17 00:00:00 2001 From: xnacly Date: Thu, 8 Apr 2021 17:53:57 +0200 Subject: finished /invite route #21 --- src/routes/invites/index.ts | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) (limited to 'src/routes') diff --git a/src/routes/invites/index.ts b/src/routes/invites/index.ts index 9a4e81fa..c40fb0af 100644 --- a/src/routes/invites/index.ts +++ b/src/routes/invites/index.ts @@ -1,4 +1,28 @@ -import { Router } from "express"; +import { Router, Request, Response } from "express"; +import { getPermission, InviteModel, toObject } from "fosscord-server-util"; +import { HTTPError } from "lambert-server"; const router: Router = Router(); +router.get("/:invite_code", async (req: Request, res: Response) => { + const { invite_code: code } = req.params; + + const invite = await InviteModel.findOne({ code }).exec(); + + if (!invite) throw new HTTPError("Unknown Invite", 404); + res.status(200).send({ invite: toObject(invite) }); +}); + +router.delete("/:invite_code", async (req: Request, res: Response) => { + const { invite_code: code } = req.params; + const invite = await InviteModel.findOne({ code }).exec(); + + if (!invite) throw new HTTPError("Unknown Invite", 404); + + const { guild_id, channel_id } = invite; + const perms = await getPermission(req.user_id, guild_id, channel_id); + + if (!perms.has("MANAGE_GUILD") || !perms.has("MANAGE_CHANNELS")) throw new HTTPError("You aren't allow", 401); + res.status(200).send({ invite: toObject(invite) }); +}); + export default router; -- cgit 1.5.1 From cf9007ddce29c2c090ead36605b82f8aedb8c6f4 Mon Sep 17 00:00:00 2001 From: xnacly Date: Thu, 8 Apr 2021 17:54:43 +0200 Subject: dummy routes (prevent errors in client) --- src/routes/users/@me/affinities/guilds.ts | 10 ++++++++++ src/routes/users/@me/library.ts | 10 ++++++++++ src/routes/users/@me/settings.ts | 10 ++++++++++ 3 files changed, 30 insertions(+) create mode 100644 src/routes/users/@me/affinities/guilds.ts create mode 100644 src/routes/users/@me/library.ts create mode 100644 src/routes/users/@me/settings.ts (limited to 'src/routes') diff --git a/src/routes/users/@me/affinities/guilds.ts b/src/routes/users/@me/affinities/guilds.ts new file mode 100644 index 00000000..ea0fe59d --- /dev/null +++ b/src/routes/users/@me/affinities/guilds.ts @@ -0,0 +1,10 @@ +import { Router } from "express"; + +const router = Router(); + +router.get("/", (req, res) => { + // TODO: + res.status(200).send({ guild_affinities: [] }); +}); + +export default router; diff --git a/src/routes/users/@me/library.ts b/src/routes/users/@me/library.ts new file mode 100644 index 00000000..2ffff851 --- /dev/null +++ b/src/routes/users/@me/library.ts @@ -0,0 +1,10 @@ +import { Router } from "express"; + +const router = Router(); + +router.get("/", (req, res) => { + // TODO: + res.status(200).send([]); +}); + +export default router; diff --git a/src/routes/users/@me/settings.ts b/src/routes/users/@me/settings.ts new file mode 100644 index 00000000..f1d95caf --- /dev/null +++ b/src/routes/users/@me/settings.ts @@ -0,0 +1,10 @@ +import { Router } from "express"; + +const router = Router(); + +router.patch("/", (req, res) => { + // TODO: + res.sendStatus(204); +}); + +export default router; -- cgit 1.5.1