Dekescordes/spacebar
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Extend the pretense of non-existence of self-bans to API view route too

Browse Source
This commit is contained in:
Erkin Alp Güney 2022-02-02 23:27:54 +03:00 committed by GitHub
parent 8b641d099a
commit 3e0f568ba4
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/src/routes/guilds/#guild_id/bans.ts
View File

@ -27,6 +27,8 @@ router.get("/", route({ permission: "BAN_MEMBERS" }), async (req: Request, res:
let bans = await Ban.find({ guild_id: guild_id }); let bans = await Ban.find({ guild_id: guild_id });
/* Filter secret from database registry.*/ /* Filter secret from database registry.*/
if (banned_user.user_id === banned_user.executor_id) throw DiscordApiErrors.UNKNOWN_BAN;
// hide self-bans from view to prevent victim chasing
bans.forEach((registry: BanRegistrySchema) => { bans.forEach((registry: BanRegistrySchema) => {
delete registry.ip; delete registry.ip;