diff --git a/crates/core/result/src/lib.rs b/crates/core/result/src/lib.rs index 84eaaaa1..2a302255 100644 --- a/crates/core/result/src/lib.rs +++ b/crates/core/result/src/lib.rs @@ -117,6 +117,7 @@ pub enum ErrorType { max: usize, }, AlreadyInServer, + CannotTimeoutYourself, // ? Bot related errors ReachedMaximumBots, diff --git a/crates/delta/src/routes/servers/member_edit.rs b/crates/delta/src/routes/servers/member_edit.rs index b6e205b7..89a74b0e 100644 --- a/crates/delta/src/routes/servers/member_edit.rs +++ b/crates/delta/src/routes/servers/member_edit.rs @@ -21,13 +21,13 @@ use validator::Validate; /// /// Edit a member by their id. #[openapi(tag = "Server Members")] -#[patch("//members/", data = "")] +#[patch("//members/", data = "")] pub async fn edit( db: &State, voice_client: &State, user: User, server: Reference, - target: Reference, + member: Reference, data: Json, ) -> Result> { let data = data.into_inner(); @@ -37,10 +37,10 @@ pub async fn edit( }) })?; - // Fetch server and target member + // Fetch server and member let mut server = server.as_server(db).await?; - let mut member = target.as_member(db, &server.id).await?; - let target_user = target.as_user(&db).await?; + let target_user = member.as_user(&db).await?; + let mut member = member.as_member(db, &server.id).await?; // Fetch our currrent permissions let mut query = DatabasePermissionQuery::new(db, &user).server(&server); @@ -92,6 +92,10 @@ pub async fn edit( .map(|x| x.contains(&v0::FieldsMember::Timeout)) .unwrap_or_default() { + if data.timeout.is_some() && member.id.user == user.id { + return Err(create_error!(CannotTimeoutYourself)); + } + permissions.throw_if_lacking_channel_permission(ChannelPermission::TimeoutMembers)?; }