Fix a funny security vuln

2023-01-18 12:26:08 -07:00 · 2023-01-18 12:26:08 -07:00 · 70475d8397
commit 70475d8397
parent fbac5c7cd7
1 changed files with 1 additions and 1 deletions
--- a/src/api/routes/guilds/#guild_id/index.ts
+++ b/src/api/routes/guilds/#guild_id/index.ts
@ -55,7 +55,7 @@ router.get("/", route({}), async (req: Request, res: Response) => {

 router.patch(
 	"/",
-	route({ body: "GuildUpdateSchema" }),
+	route({ body: "GuildUpdateSchema", permission: "MANAGE_GUILD" }),
 	async (req: Request, res: Response) => {
 		const body = req.body as GuildUpdateSchema;
 		const { guild_id } = req.params;