Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement admin api #1106

Closed
wants to merge 14 commits into from
Closed

Implement admin api #1106

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
b148b23
admin api: RUD users
Puyodead1 Dec 2, 2023
4bbbb28
admin api: guild RUD and user changes
Puyodead1 Dec 3, 2023
f1431ef
admin api: list guild bans
Puyodead1 Dec 3, 2023
8bca14d
Update index.ts
Puyodead1 Dec 3, 2023
e45857b
admin api: new admin crud rights, and admin guild create route
Puyodead1 Dec 3, 2023
8ed831c
emit gateway events
Puyodead1 Dec 17, 2023
2555f61
implement admin guild member delete
Puyodead1 Dec 17, 2023
b8bba0b
implement admin get/put/delete guild bans
Puyodead1 Dec 17, 2023
67c21d1
implement admin patch/delete guild members
Puyodead1 Dec 17, 2023
6b115aa
update get guild member route to allow admin bypass
Puyodead1 Dec 17, 2023
7fca94b
implement admin guild member get and put
Puyodead1 Dec 17, 2023
1f7a07c
guild member admin schema
Puyodead1 Dec 17, 2023
e375bf5
fix admin readonly properties being writable
Puyodead1 Dec 17, 2023
4a00b7b
Update Member.ts
Puyodead1 Dec 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90,556 changes: 83,043 additions & 7,513 deletions assets/schemas.json
View file
Open in desktop

Large diffs are not rendered by default.

202 changes: 202 additions & 0 deletions src/api/routes/admin/guilds/#guild_id/bans/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,202 @@
/*
Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
Copyright (C) 2023 Spacebar and Spacebar Contributors

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/

import { getIpAdress, route } from "@spacebar/api";
import {
Ban,
GuildBanAddEvent,
GuildBanRemoveEvent,
Member,
User,
emitEvent,
} from "@spacebar/util";
import { Request, Response, Router } from "express";
import { HTTPError } from "lambert-server";
import { MoreThan } from "typeorm";
const router = Router();

router.get(
"/",
route({
description: "Get bans of a guild",
right: "ADMIN_READ_GUILD_BANS",
query: {
limit: {
type: "number",
description:
"max number of bans to return (1-1000). default 100",
},
after: {
type: "string",
},
},
responses: {
200: {
body: "GuildBansResponse",
},
400: {
body: "APIErrorResponse",
},
404: {
body: "APIErrorResponse",
},
},
}),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const { after } = req.query as {
after?: string;
};
const limit = Number(req.query.limit) || 100;
if (limit > 1000 || limit < 1)
throw new HTTPError("Limit must be between 1 and 1000");

const bans = await Ban.find({
where: { guild_id, ...(after ? { id: MoreThan(after) } : {}) },
order: { id: "ASC" },
take: limit,
});

return res.json(bans);
},
);

router.get(
"/:user",
route({
description: "Get ban of a user from a guild",
right: "ADMIN_READ_GUILD_BANS",
responses: {
200: {
body: "GuildBansResponse",
},
400: {
body: "APIErrorResponse",
},
404: {
body: "APIErrorResponse",
},
},
}),
async (req: Request, res: Response) => {
const { guild_id, user_id } = req.params;

const ban = await Ban.findOneOrFail({
where: { guild_id, user_id },
});

return res.json(ban);
},
);

router.put(
"/:user_id",
route({
description: "Ban a user from a guild",
right: "ADMIN_CREATE_GUILD_BANS",
requestBody: "BanCreateSchema",
responses: {
200: {
body: "Ban",
},
400: {
body: "APIErrorResponse",
},
403: {
body: "APIErrorResponse",
},
},
}),
async (req: Request, res: Response) => {
const { guild_id } = req.params;
const banned_user_id = req.params.user_id;

if (req.permission?.cache.guild?.owner_id === banned_user_id)
throw new HTTPError("You can't ban the owner", 400);

const banned_user = await User.getPublicUser(banned_user_id);

const ban = Ban.create({
user_id: banned_user_id,
guild_id: guild_id,
ip: getIpAdress(req),
executor_id: req.user_id,
reason: req.body.reason, // || otherwise empty
});

await Promise.all([
Member.removeFromGuild(banned_user_id, guild_id),
ban.save(),
emitEvent({
event: "GUILD_BAN_ADD",
data: {
guild_id: guild_id,
user: banned_user,
},
guild_id: guild_id,
} as GuildBanAddEvent),
]);

return res.json(ban);
},
);

router.delete(
"/:user_id",
route({
description: "Unban a user from a guild",
right: "ADMIN_DELETE_GUILD_BANS",
responses: {
204: {},
403: {
body: "APIErrorResponse",
},
404: {
body: "APIErrorResponse",
},
},
}),
async (req: Request, res: Response) => {
const { guild_id, user_id } = req.params;

const banned_user = await User.getPublicUser(user_id);

await Promise.all([
await Ban.findOneOrFail({
where: { guild_id: guild_id, user_id: user_id },
}),
Ban.delete({
user_id: user_id,
guild_id,
}),

emitEvent({
event: "GUILD_BAN_REMOVE",
data: {
guild_id,
user: banned_user,
},
guild_id,
} as GuildBanRemoveEvent),
]);

return res.sendStatus(204);
},
);

export default router;
Loading
Loading