From c534248e0fc48e732fe3cb90f95396e1194c1277 Mon Sep 17 00:00:00 2001 From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> Date: Sun, 30 May 2021 17:16:14 +0200 Subject: [PATCH] :sparkles: Channel permission overwrites --- .../channels/#channel_id/permissions.ts | 45 ++++++++++++++++--- 1 file changed, 38 insertions(+), 7 deletions(-) diff --git a/src/routes/channels/#channel_id/permissions.ts b/src/routes/channels/#channel_id/permissions.ts index 1a0ec6af..1ee35149 100644 --- a/src/routes/channels/#channel_id/permissions.ts +++ b/src/routes/channels/#channel_id/permissions.ts @@ -1,16 +1,17 @@ -import { ChannelModel, ChannelPermissionOverwrite, getPermission, MemberModel, RoleModel } from "@fosscord/server-util"; +import { ChannelModel, ChannelPermissionOverwrite, ChannelUpdateEvent, getPermission, MemberModel, RoleModel } from "@fosscord/server-util"; import { Router } from "express"; import { HTTPError } from "lambert-server"; +import { emitEvent } from "../../../util/Event"; import { check } from "../../../util/instanceOf"; const router: Router = Router(); // TODO: Only permissions your bot has in the guild or channel can be allowed/denied (unless your bot has a MANAGE_ROLES overwrite in the channel) -router.put("/:overwrite_id", check({ allow: BigInt, deny: BigInt, type: Number }), async (req, res) => { +router.put("/:overwrite_id", check({ allow: String, deny: String, type: Number, id: String }), async (req, res) => { const { channel_id, overwrite_id } = req.params; - const body = req.body as { allow: bigint; deny: bigint; type: number }; + const body = req.body as { allow: bigint; deny: bigint; type: number; id: string }; - const channel = await ChannelModel.findOne({ id: channel_id }).exec(); + var channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true, permission_overwrites: true }).exec(); if (!channel || !channel.guild_id) throw new HTTPError("Channel not found", 404); const permissions = await getPermission(req.user_id, channel.guild_id, channel_id); @@ -19,7 +20,7 @@ router.put("/:overwrite_id", check({ allow: BigInt, deny: BigInt, type: Number } if (body.type === 0) { if (!(await RoleModel.exists({ id: overwrite_id }))) throw new HTTPError("role not found", 404); } else if (body.type === 1) { - if (await MemberModel.exists({ id: overwrite_id })) throw new HTTPError("user not found", 404); + if (!(await MemberModel.exists({ id: overwrite_id }))) throw new HTTPError("user not found", 404); } else throw new HTTPError("type not supported"); // @ts-ignore @@ -28,14 +29,44 @@ router.put("/:overwrite_id", check({ allow: BigInt, deny: BigInt, type: Number } // @ts-ignore overwrite = { id: overwrite_id, - type: body.type + type: body.type, + allow: body.allow, + deny: body.deny }; channel.permission_overwrites.push(overwrite); } overwrite.allow = body.allow; overwrite.deny = body.deny; - await ChannelModel.updateOne({ id: channel_id }, channel).exec(); + channel = await ChannelModel.findOneAndUpdate({ id: channel_id }, channel).exec(); + if (!channel) throw new HTTPError("Channel not found", 404); + + await emitEvent({ + event: "CHANNEL_UPDATE", + channel_id, + guild_id: channel.guild_id, + data: channel + } as ChannelUpdateEvent); + + return res.sendStatus(204); +}); + +// TODO: check permission hierarchy +router.delete("/:overwrite_id", async (req, res) => { + const { channel_id, overwrite_id } = req.params; + + const permissions = await getPermission(req.user_id, undefined, channel_id); + permissions.hasThrow("MANAGE_ROLES"); + + const channel = await ChannelModel.findOneAndUpdate({ id: channel_id }, { $pull: { permission_overwrites: { id: overwrite_id } } }); + if (!channel || !channel.guild_id) throw new HTTPError("Channel not found", 404); + + await emitEvent({ + event: "CHANNEL_UPDATE", + channel_id, + guild_id: channel.guild_id, + data: channel + } as ChannelUpdateEvent); return res.sendStatus(204); });