From 16a5cbac87cf2391d08521fc25738f18dcb6d01e Mon Sep 17 00:00:00 2001
From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com>
Date: Fri, 3 Feb 2023 14:39:42 +1100
Subject: Don't allow message types to be edited
---
.../#channel_id/messages/#message_id/index.ts | 9 +++------
src/util/schemas/MessageEditSchema.ts | 21 +++++++++++++++++++++
src/util/schemas/index.ts | 1 +
3 files changed, 25 insertions(+), 6 deletions(-)
create mode 100644 src/util/schemas/MessageEditSchema.ts
(limited to 'src')
diff --git a/src/api/routes/channels/#channel_id/messages/#message_id/index.ts b/src/api/routes/channels/#channel_id/messages/#message_id/index.ts
index 95230478..400b8f3a 100644
--- a/src/api/routes/channels/#channel_id/messages/#message_id/index.ts
+++ b/src/api/routes/channels/#channel_id/messages/#message_id/index.ts
@@ -30,6 +30,7 @@ import {
Snowflake,
uploadFile,
MessageCreateSchema,
+ MessageEditSchema,
} from "@fosscord/util";
import { Router, Response, Request } from "express";
import multer from "multer";
@@ -52,13 +53,13 @@ const messageUpload = multer({
router.patch(
"/",
route({
- body: "MessageCreateSchema",
+ body: "MessageEditSchema",
permission: "SEND_MESSAGES",
right: "SEND_MESSAGES",
}),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
- let body = req.body as MessageCreateSchema;
+ let body = req.body as MessageEditSchema;
const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
@@ -81,10 +82,6 @@ router.patch(
}
} else rights.hasThrow("SELF_EDIT_MESSAGES");
- // The permision should obviously not allow editing the message type
- // But for people with the right, does this make sense?
- if (body.type) rights.hasThrow("MANAGE_MESSAGES");
-
const new_message = await handleMessage({
...message,
// TODO: should message_reference be overridable?
diff --git a/src/util/schemas/MessageEditSchema.ts b/src/util/schemas/MessageEditSchema.ts
new file mode 100644
index 00000000..6f241402
--- /dev/null
+++ b/src/util/schemas/MessageEditSchema.ts
@@ -0,0 +1,21 @@
+/*
+ Fosscord: A FOSS re-implementation and extension of the Discord.com backend.
+ Copyright (C) 2023 Fosscord and Fosscord Contributors
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see .
+*/
+
+import { MessageCreateSchema } from "./MessageCreateSchema";
+
+export type MessageEditSchema = Omit;
diff --git a/src/util/schemas/index.ts b/src/util/schemas/index.ts
index 603141b5..194d8571 100644
--- a/src/util/schemas/index.ts
+++ b/src/util/schemas/index.ts
@@ -87,3 +87,4 @@ export * from "./AckBulkSchema";
export * from "./WebAuthnSchema";
export * from "./WebhookCreateSchema";
export * from "./WidgetModifySchema";
+export * from "./MessageEditSchema";
--
cgit 1.5.1