1
0
mirror of https://github.com/spacebarchat/server.git synced 2024-11-06 10:52:31 +01:00

fix(api): don't send @everyone in route response

The response of `PATCH /guilds/{guild.id}/members/{user.id}` should not include "@everyone" role
This commit is contained in:
Nobody 2022-03-08 09:36:21 -03:00 committed by Erkin Alp Güney
parent d46fe195d0
commit a3091e9d1a

View File

@ -25,16 +25,19 @@ router.patch("/", route({ body: "MemberChangeSchema" }), async (req: Request, re
const member = await Member.findOneOrFail({ where: { id: member_id, guild_id }, relations: ["roles", "user"] });
const permission = await getPermission(req.user_id, guild_id);
const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 });
if (body.roles) {
permission.hasThrow("MANAGE_ROLES");
const everyone = await Role.findOneOrFail({ guild_id: guild_id, name: "@everyone", position: 0 });
if (body.roles.indexOf(everyone.id) === -1) body.roles.push(everyone.id);
member.roles = body.roles.map((x) => new Role({ id: x })); // foreign key constraint will fail if role doesn't exist
}
await member.save();
member.roles = member.roles.filter((x) => x.id !== everyone.id);
// do not use promise.all as we have to first write to db before emitting the event to catch errors
await emitEvent({
event: "GUILD_MEMBER_UPDATE",