fix: permit empty remove array in edit requests

This commit is contained in:
izzy
2025-08-07 12:57:33 +02:00
parent 947eb15771
commit 6ad3da5f35
11 changed files with 62 additions and 115 deletions

View File

@@ -39,13 +39,7 @@ pub async fn edit(
let permissions = calculate_server_permissions(&mut query).await;
// Check permissions in server
if data.nickname.is_some()
|| data
.remove
.as_ref()
.map(|x| x.contains(&v0::FieldsMember::Nickname))
.unwrap_or_default()
{
if data.nickname.is_some() || data.remove.contains(&v0::FieldsMember::Nickname) {
if user.id == member.id.user {
permissions.throw_if_lacking_channel_permission(ChannelPermission::ChangeNickname)?;
} else {
@@ -53,13 +47,7 @@ pub async fn edit(
}
}
if data.avatar.is_some()
|| data
.remove
.as_ref()
.map(|x| x.contains(&v0::FieldsMember::Avatar))
.unwrap_or_default()
{
if data.avatar.is_some() || data.remove.contains(&v0::FieldsMember::Avatar) {
if user.id == member.id.user {
permissions.throw_if_lacking_channel_permission(ChannelPermission::ChangeAvatar)?;
} else {
@@ -67,23 +55,11 @@ pub async fn edit(
}
}
if data.roles.is_some()
|| data
.remove
.as_ref()
.map(|x| x.contains(&v0::FieldsMember::Roles))
.unwrap_or_default()
{
if data.roles.is_some() || data.remove.contains(&v0::FieldsMember::Roles) {
permissions.throw_if_lacking_channel_permission(ChannelPermission::AssignRoles)?;
}
if data.timeout.is_some()
|| data
.remove
.as_ref()
.map(|x| x.contains(&v0::FieldsMember::Timeout))
.unwrap_or_default()
{
if data.timeout.is_some() || data.remove.contains(&v0::FieldsMember::Timeout) {
if data.timeout.is_some() && member.id.user == user.id {
return Err(create_error!(CannotTimeoutYourself));
}
@@ -136,11 +112,9 @@ pub async fn edit(
};
// 1. Remove fields from object
if let Some(fields) = &remove {
if fields.contains(&v0::FieldsMember::Avatar) {
if let Some(avatar) = &member.avatar {
db.mark_attachment_as_deleted(&avatar.id).await?;
}
if remove.contains(&v0::FieldsMember::Avatar) {
if let Some(avatar) = &member.avatar {
db.mark_attachment_as_deleted(&avatar.id).await?;
}
}
@@ -150,13 +124,7 @@ pub async fn edit(
}
member
.update(
db,
partial,
remove
.map(|v| v.into_iter().map(Into::into).collect())
.unwrap_or_default(),
)
.update(db, partial, remove.into_iter().map(Into::into).collect())
.await?;
Ok(Json(member.into()))

View File

@@ -61,9 +61,7 @@ pub async fn edit(
&server.id,
&role_id,
partial,
remove
.map(|v| v.into_iter().map(Into::into).collect())
.unwrap_or_default(),
remove.into_iter().map(Into::into).collect(),
)
.await?;

View File

@@ -43,7 +43,7 @@ pub async fn edit(
&& data.flags.is_none()
&& data.analytics.is_none()
&& data.discoverable.is_none()
&& data.remove.is_none()
&& data.remove.is_empty()
{
return Ok(Json(server.into()));
} else if data.name.is_some()
@@ -52,7 +52,7 @@ pub async fn edit(
|| data.banner.is_some()
|| data.system_messages.is_some()
|| data.analytics.is_some()
|| data.remove.is_some()
|| !data.remove.is_empty()
{
permissions.throw_if_lacking_channel_permission(ChannelPermission::ManageServer)?;
}
@@ -96,17 +96,15 @@ pub async fn edit(
};
// 1. Remove fields from object
if let Some(fields) = &remove {
if fields.contains(&v0::FieldsServer::Banner) {
if let Some(banner) = &server.banner {
db.mark_attachment_as_deleted(&banner.id).await?;
}
if remove.contains(&v0::FieldsServer::Banner) {
if let Some(banner) = &server.banner {
db.mark_attachment_as_deleted(&banner.id).await?;
}
}
if fields.contains(&v0::FieldsServer::Icon) {
if let Some(icon) = &server.icon {
db.mark_attachment_as_deleted(&icon.id).await?;
}
if remove.contains(&v0::FieldsServer::Icon) {
if let Some(icon) = &server.icon {
db.mark_attachment_as_deleted(&icon.id).await?;
}
}
@@ -149,13 +147,7 @@ pub async fn edit(
}
server
.update(
db,
partial,
remove
.map(|v| v.into_iter().map(Into::into).collect())
.unwrap_or_default(),
)
.update(db, partial, remove.into_iter().map(Into::into).collect())
.await?;
Ok(Json(server.into()))