mirror of https://gitlab.com/litecord/litecord.git
guild.mod: add permission checks
This commit is contained in:
Luna Mendes
parent
7421c26e6c
commit
d613c23962
|
|
@ -1,7 +1,7 @@
|
||||||
from quart import Blueprint, request, current_app as app, jsonify
|
from quart import Blueprint, request, current_app as app, jsonify
|
||||||
|
|
||||||
from litecord.blueprints.auth import token_check
|
from litecord.blueprints.auth import token_check
|
||||||
from litecord.blueprints.checks import guild_owner_check
|
from litecord.blueprints.checks import guild_perm_check, guild_owner_check
|
||||||
|
|
||||||
from litecord.schemas import validate, GUILD_PRUNE
|
from litecord.schemas import validate, GUILD_PRUNE
|
||||||
|
|
||||||
|
|
@ -45,8 +45,7 @@ async def kick_guild_member(guild_id, member_id):
|
||||||
"""Remove a member from a guild."""
|
"""Remove a member from a guild."""
|
||||||
user_id = await token_check()
|
user_id = await token_check()
|
||||||
|
|
||||||
# TODO: check KICK_MEMBERS permission
|
await guild_perm_check(user_id, guild_id, 'kick_members')
|
||||||
await guild_owner_check(user_id, guild_id)
|
|
||||||
await remove_member(guild_id, member_id)
|
await remove_member(guild_id, member_id)
|
||||||
return '', 204
|
return '', 204
|
||||||
|
|
||||||
|
|
@ -55,8 +54,7 @@ async def kick_guild_member(guild_id, member_id):
|
||||||
async def get_bans(guild_id):
|
async def get_bans(guild_id):
|
||||||
user_id = await token_check()
|
user_id = await token_check()
|
||||||
|
|
||||||
# TODO: check BAN_MEMBERS permission
|
await guild_perm_check(user_id, guild_id, 'ban_members')
|
||||||
await guild_owner_check(user_id, guild_id)
|
|
||||||
|
|
||||||
bans = await app.db.fetch("""
|
bans = await app.db.fetch("""
|
||||||
SELECT user_id, reason
|
SELECT user_id, reason
|
||||||
|
|
@ -79,8 +77,7 @@ async def get_bans(guild_id):
|
||||||
async def create_ban(guild_id, member_id):
|
async def create_ban(guild_id, member_id):
|
||||||
user_id = await token_check()
|
user_id = await token_check()
|
||||||
|
|
||||||
# TODO: check BAN_MEMBERS permission
|
await guild_perm_check(user_id, guild_id, 'ban_members')
|
||||||
await guild_owner_check(user_id, guild_id)
|
|
||||||
|
|
||||||
j = await request.get_json()
|
j = await request.get_json()
|
||||||
|
|
||||||
|
|
@ -103,8 +100,7 @@ async def create_ban(guild_id, member_id):
|
||||||
async def remove_ban(guild_id, banned_id):
|
async def remove_ban(guild_id, banned_id):
|
||||||
user_id = await token_check()
|
user_id = await token_check()
|
||||||
|
|
||||||
# TODO: check BAN_MEMBERS permission
|
await guild_perm_check(user_id, guild_id, 'ban_members')
|
||||||
await guild_owner_check(guild_id, user_id)
|
|
||||||
|
|
||||||
res = await app.db.execute("""
|
res = await app.db.execute("""
|
||||||
DELETE FROM bans
|
DELETE FROM bans
|
||||||
|
|
@ -159,8 +155,7 @@ async def get_prune(guild_id: int, days: int) -> list:
|
||||||
async def get_guild_prune_count(guild_id):
|
async def get_guild_prune_count(guild_id):
|
||||||
user_id = await token_check()
|
user_id = await token_check()
|
||||||
|
|
||||||
# TODO: check KICK_MEMBERS
|
await guild_perm_check(user_id, guild_id, 'kick_members')
|
||||||
await guild_owner_check(user_id, guild_id)
|
|
||||||
|
|
||||||
j = validate(await request.get_json(), GUILD_PRUNE)
|
j = validate(await request.get_json(), GUILD_PRUNE)
|
||||||
days = j['days']
|
days = j['days']
|
||||||
|
|
@ -175,8 +170,7 @@ async def get_guild_prune_count(guild_id):
|
||||||
async def begin_guild_prune(guild_id):
|
async def begin_guild_prune(guild_id):
|
||||||
user_id = await token_check()
|
user_id = await token_check()
|
||||||
|
|
||||||
# TODO: check KICK_MEMBERS
|
await guild_perm_check(user_id, guild_id, 'kick_members')
|
||||||
await guild_owner_check(user_id, guild_id)
|
|
||||||
|
|
||||||
j = validate(await request.get_json(), GUILD_PRUNE)
|
j = validate(await request.get_json(), GUILD_PRUNE)
|
||||||
days = j['days']
|
days = j['days']
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue