Dekescordes/spacebar
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #536 from Thesourtimes/master

Browse Source
This commit is contained in:
Samuel 2021-12-05 20:13:40 +01:00 committed by GitHub
commit 0a26b7baf2
3 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/src/middlewares/Authentication.ts
View File

@ -3,17 +3,25 @@ import { HTTPError } from "lambert-server";
import { checkToken, Config, Rights } from "@fosscord/util"; import { checkToken, Config, Rights } from "@fosscord/util";
export const NO_AUTHORIZATION_ROUTES = [ export const NO_AUTHORIZATION_ROUTES = [
//Authentication routes
"/auth/login", "/auth/login",
"/auth/register", "/auth/register",
"/auth/location-metadata",
//Routes with a seperate auth system
"/webhooks/", "/webhooks/",
//Public information endpoints
"/ping", "/ping",
"/gateway", "/gateway",
"/experiments", "/experiments",
//Public kubernetes integration
"/-/readyz", "/-/readyz",
"/-/healthz", "/-/healthz",
//Client nalytics
"/science", "/science",
"/track", "/track",
//Public policy pages
"/policies/instance", "/policies/instance",
//Asset delivery
/\/guilds\/\d+\/widget\.(json|png)/ /\/guilds\/\d+\/widget\.(json|png)/
]; ];

7
api/src/routes/invites/index.ts
View File

@ -1,5 +1,5 @@
import { Router, Request, Response } from "express"; import { Router, Request, Response } from "express";
import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, Member, PublicInviteRelation } from "@fosscord/util"; import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, User, PublicInviteRelation } from "@fosscord/util";
import { route } from "@fosscord/api"; import { route } from "@fosscord/api";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
@ -15,6 +15,11 @@ router.get("/:code", route({}), async (req: Request, res: Response) => {
router.post("/:code", route({}), async (req: Request, res: Response) => { router.post("/:code", route({}), async (req: Request, res: Response) => {
const { code } = req.params; const { code } = req.params;
const { features } = await Guild.findOneOrFail({where: { code }});
const { public_flags } = await User.findOneOrFail({ id: req.user_id });
if(features.includes("INTERNAL_EMPLOYEE_ONLY") && (public_flags & 1) !== 1) throw new HTTPError("You are not allowed to join this guild.", 401)
const invite = await Invite.joinGuild(req.user_id, code); const invite = await Invite.joinGuild(req.user_id, code);
res.json(invite); res.json(invite);

4
bundle/scripts/build.js
View File

@ -26,9 +26,9 @@ dirs.forEach((a) => {
if (verbose) console.log(`Copied ${"../" + a + "/dist"} -> ${"dist/" + a + "/src"}!`); if (verbose) console.log(`Copied ${"../" + a + "/dist"} -> ${"dist/" + a + "/src"}!`);
}); });
console.log("Copying src files done"); console.log("[1/2] Copying src files done");
if (!argv.includes("copyonly")) { if (!argv.includes("copyonly")) {
console.log("Compiling src files ..."); console.log("[2/2] Compiling src files ...");
console.log( console.log(
execSync( execSync(