1
0
mirror of https://github.com/spacebarchat/server.git synced 2024-11-09 20:22:47 +01:00

Don't allow message types to be edited

This commit is contained in:
Madeline 2023-02-03 14:39:42 +11:00
parent df199227f8
commit 583b271ba2
No known key found for this signature in database
GPG Key ID: 1958E017C36F2E47
4 changed files with 723 additions and 6 deletions

View File

@ -29808,6 +29808,704 @@
},
"$schema": "http://json-schema.org/draft-07/schema#"
},
"MessageEditSchema": {
"type": "object",
"properties": {
"file": {
"type": "object",
"properties": {
"filename": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"filename"
]
},
"embed": {
"$ref": "#/definitions/Embed"
},
"flags": {
"type": "string"
},
"content": {
"type": "string"
},
"nonce": {
"type": "string"
},
"channel_id": {
"type": "string"
},
"tts": {
"type": "boolean"
},
"embeds": {
"type": "array",
"items": {
"$ref": "#/definitions/Embed"
}
},
"allowed_mentions": {
"type": "object",
"properties": {
"parse": {
"type": "array",
"items": {
"type": "string"
}
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
},
"users": {
"type": "array",
"items": {
"type": "string"
}
},
"replied_user": {
"type": "boolean"
}
},
"additionalProperties": false
},
"message_reference": {
"type": "object",
"properties": {
"message_id": {
"type": "string"
},
"channel_id": {
"type": "string"
},
"guild_id": {
"type": "string"
},
"fail_if_not_exists": {
"type": "boolean"
}
},
"additionalProperties": false,
"required": [
"channel_id",
"message_id"
]
},
"payload_json": {
"type": "string"
},
"attachments": {
"description": "TODO: we should create an interface for attachments\nTODO: OpenWAAO<-->attachment-style metadata conversion",
"type": "array",
"items": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"filename": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"filename",
"id"
]
}
},
"sticker_ids": {
"type": "array",
"items": {
"type": "string"
}
}
},
"additionalProperties": false,
"definitions": {
"ChannelPermissionOverwriteType": {
"enum": [
0,
1,
2
],
"type": "number"
},
"ChannelModifySchema": {
"type": "object",
"properties": {
"name": {
"maxLength": 100,
"type": "string"
},
"type": {
"enum": [
0,
1,
10,
11,
12,
13,
14,
15,
2,
255,
3,
33,
34,
35,
4,
5,
6,
64,
7,
8,
9
],
"type": "number"
},
"topic": {
"type": "string"
},
"icon": {
"type": [
"null",
"string"
]
},
"bitrate": {
"type": "integer"
},
"user_limit": {
"type": "integer"
},
"rate_limit_per_user": {
"type": "integer"
},
"position": {
"type": "integer"
},
"permission_overwrites": {
"type": "array",
"items": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"type": {
"$ref": "#/definitions/ChannelPermissionOverwriteType"
},
"allow": {
"type": "string"
},
"deny": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"allow",
"deny",
"id",
"type"
]
}
},
"parent_id": {
"type": "string"
},
"id": {
"type": "string"
},
"nsfw": {
"type": "boolean"
},
"rtc_region": {
"type": "string"
},
"default_auto_archive_duration": {
"type": "integer"
},
"default_reaction_emoji": {
"type": [
"null",
"string"
]
},
"flags": {
"type": "integer"
},
"default_thread_rate_limit_per_user": {
"type": "integer"
},
"video_quality_mode": {
"type": "integer"
}
},
"additionalProperties": false
},
"ActivitySchema": {
"type": "object",
"properties": {
"afk": {
"type": "boolean"
},
"status": {
"$ref": "#/definitions/Status"
},
"activities": {
"type": "array",
"items": {
"$ref": "#/definitions/Activity"
}
},
"since": {
"type": "integer"
}
},
"additionalProperties": false,
"required": [
"status"
]
},
"Status": {
"enum": [
"dnd",
"idle",
"invisible",
"offline",
"online"
],
"type": "string"
},
"Activity": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"type": {
"$ref": "#/definitions/ActivityType"
},
"url": {
"type": "string"
},
"created_at": {
"type": "integer"
},
"timestamps": {
"type": "object",
"properties": {
"start": {
"type": "integer"
},
"end": {
"type": "integer"
}
},
"additionalProperties": false,
"required": [
"end",
"start"
]
},
"application_id": {
"type": "string"
},
"details": {
"type": "string"
},
"state": {
"type": "string"
},
"emoji": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"id": {
"type": "string"
},
"animated": {
"type": "boolean"
}
},
"additionalProperties": false,
"required": [
"animated",
"name"
]
},
"party": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"size": {
"type": "array",
"items": [
{
"type": "integer"
}
],
"minItems": 1,
"maxItems": 1
}
},
"additionalProperties": false
},
"assets": {
"type": "object",
"properties": {
"large_image": {
"type": "string"
},
"large_text": {
"type": "string"
},
"small_image": {
"type": "string"
},
"small_text": {
"type": "string"
}
},
"additionalProperties": false
},
"secrets": {
"type": "object",
"properties": {
"join": {
"type": "string"
},
"spectate": {
"type": "string"
},
"match": {
"type": "string"
}
},
"additionalProperties": false
},
"instance": {
"type": "boolean"
},
"flags": {
"type": "string"
},
"id": {
"type": "string"
},
"sync_id": {
"type": "string"
},
"metadata": {
"type": "object",
"properties": {
"context_uri": {
"type": "string"
},
"album_id": {
"type": "string"
},
"artist_ids": {
"type": "array",
"items": {
"type": "string"
}
}
},
"additionalProperties": false,
"required": [
"album_id",
"artist_ids"
]
},
"session_id": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"flags",
"name",
"session_id",
"type"
]
},
"ActivityType": {
"enum": [
0,
1,
2,
4,
5
],
"type": "number"
},
"Record<string,[number,number][]>": {
"type": "object",
"additionalProperties": false
},
"Embed": {
"type": "object",
"properties": {
"title": {
"type": "string"
},
"type": {
"enum": [
"article",
"gifv",
"image",
"link",
"rich",
"video"
],
"type": "string"
},
"description": {
"type": "string"
},
"url": {
"type": "string"
},
"timestamp": {
"type": "string",
"format": "date-time"
},
"color": {
"type": "integer"
},
"footer": {
"type": "object",
"properties": {
"text": {
"type": "string"
},
"icon_url": {
"type": "string"
},
"proxy_icon_url": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"text"
]
},
"image": {
"$ref": "#/definitions/EmbedImage"
},
"thumbnail": {
"$ref": "#/definitions/EmbedImage"
},
"video": {
"$ref": "#/definitions/EmbedImage"
},
"provider": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"url": {
"type": "string"
}
},
"additionalProperties": false
},
"author": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"url": {
"type": "string"
},
"icon_url": {
"type": "string"
},
"proxy_icon_url": {
"type": "string"
}
},
"additionalProperties": false
},
"fields": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"value": {
"type": "string"
},
"inline": {
"type": "boolean"
}
},
"additionalProperties": false,
"required": [
"name",
"value"
]
}
}
},
"additionalProperties": false
},
"EmbedImage": {
"type": "object",
"properties": {
"url": {
"type": "string"
},
"proxy_url": {
"type": "string"
},
"height": {
"type": "integer"
},
"width": {
"type": "integer"
}
},
"additionalProperties": false
},
"Partial<ChannelOverride>": {
"type": "object",
"properties": {
"message_notifications": {
"type": "integer"
},
"mute_config": {
"$ref": "#/definitions/MuteConfig"
},
"muted": {
"type": "boolean"
},
"channel_id": {
"type": [
"null",
"string"
]
}
},
"additionalProperties": false
},
"MuteConfig": {
"type": "object",
"properties": {
"end_time": {
"type": "integer"
},
"selected_time_window": {
"type": "integer"
}
},
"additionalProperties": false,
"required": [
"end_time",
"selected_time_window"
]
},
"CustomStatus": {
"type": "object",
"properties": {
"emoji_id": {
"type": "string"
},
"emoji_name": {
"type": "string"
},
"expires_at": {
"type": "integer"
},
"text": {
"type": "string"
}
},
"additionalProperties": false
},
"FriendSourceFlags": {
"type": "object",
"properties": {
"all": {
"type": "boolean"
}
},
"additionalProperties": false,
"required": [
"all"
]
},
"GuildFolder": {
"type": "object",
"properties": {
"color": {
"type": "integer"
},
"guild_ids": {
"type": "array",
"items": {
"type": "string"
}
},
"id": {
"type": "integer"
},
"name": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"color",
"guild_ids",
"id",
"name"
]
},
"Partial<GenerateWebAuthnCredentialsSchema>": {
"type": "object",
"properties": {
"password": {
"type": "string"
}
},
"additionalProperties": false
},
"Partial<CreateWebAuthnCredentialSchema>": {
"type": "object",
"properties": {
"credential": {
"type": "string"
},
"name": {
"type": "string"
},
"ticket": {
"type": "string"
}
},
"additionalProperties": false
}
},
"$schema": "http://json-schema.org/draft-07/schema#"
},
"ActivitySchema": {
"$ref": "#/definitions/ActivitySchema",
"definitions": {

View File

@ -30,6 +30,7 @@ import {
Snowflake,
uploadFile,
MessageCreateSchema,
MessageEditSchema,
} from "@fosscord/util";
import { Router, Response, Request } from "express";
import multer from "multer";
@ -52,13 +53,13 @@ const messageUpload = multer({
router.patch(
"/",
route({
body: "MessageCreateSchema",
body: "MessageEditSchema",
permission: "SEND_MESSAGES",
right: "SEND_MESSAGES",
}),
async (req: Request, res: Response) => {
const { message_id, channel_id } = req.params;
let body = req.body as MessageCreateSchema;
let body = req.body as MessageEditSchema;
const message = await Message.findOneOrFail({
where: { id: message_id, channel_id },
@ -81,10 +82,6 @@ router.patch(
}
} else rights.hasThrow("SELF_EDIT_MESSAGES");
// The permision should obviously not allow editing the message type
// But for people with the right, does this make sense?
if (body.type) rights.hasThrow("MANAGE_MESSAGES");
const new_message = await handleMessage({
...message,
// TODO: should message_reference be overridable?

View File

@ -0,0 +1,21 @@
/*
Fosscord: A FOSS re-implementation and extension of the Discord.com backend.
Copyright (C) 2023 Fosscord and Fosscord Contributors
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
import { MessageCreateSchema } from "./MessageCreateSchema";
export type MessageEditSchema = Omit<MessageCreateSchema, "type">;

View File

@ -87,3 +87,4 @@ export * from "./AckBulkSchema";
export * from "./WebAuthnSchema";
export * from "./WebhookCreateSchema";
export * from "./WidgetModifySchema";
export * from "./MessageEditSchema";