Dekescordes/spacebar
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed ability for user to edit any property of themselves, including rights, flags. Note to self: schemas.json is a GENERATED file. npm run generate:schema in api/

Browse Source
This commit is contained in:
Madeline 2022-04-23 01:07:59 +10:00
parent 266e9c4739
commit 7e7a2d3619
3 changed files with 12479 additions and 8151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5336
api/assets/schemas.json
View File

File diff suppressed because it is too large Load Diff

1
api/scripts/generate_schema.js
View File

@ -31,7 +31,6 @@ const Excluded = [
]; ];
function modify(obj) { function modify(obj) {
delete obj.additionalProperties;
for (var k in obj) { for (var k in obj) {
if (typeof obj[k] === "object" && obj[k] !== null) { if (typeof obj[k] === "object" && obj[k] !== null) {
modify(obj[k]); modify(obj[k]);

3
api/src/routes/users/@me/index.ts
View File

@ -34,6 +34,7 @@ router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res:
if (body.banner) body.banner = await handleFile(`/banners/${req.user_id}`, body.banner as string); if (body.banner) body.banner = await handleFile(`/banners/${req.user_id}`, body.banner as string);
const user = await User.findOneOrFail({ where: { id: req.user_id }, select: [...PrivateUserProjection, "data"] }); const user = await User.findOneOrFail({ where: { id: req.user_id }, select: [...PrivateUserProjection, "data"] });
user.assign(body);
if (body.password) { if (body.password) {
if (user.data?.hash) { if (user.data?.hash) {
@ -46,8 +47,6 @@ router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res:
} }
} }
user.assign(body);
if (body.new_password) { if (body.new_password) {
if (!body.password && !user.email) { if (!body.password && !user.email) {
throw FieldErrors({ throw FieldErrors({