feat(permissions): handle rankings on kick / ban

This commit is contained in:
Paul Makles
2022-02-23 18:08:25 +00:00
parent 0553ce5587
commit a495a8dfd7
2 changed files with 37 additions and 7 deletions

View File

@@ -26,13 +26,28 @@ pub async fn req(
.map_err(|error| Error::FailedValidation { error })?;
let server = server.as_server(db).await?;
perms(&user)
.server(&server)
if target.id == user.id {
return Err(Error::CannotRemoveYourself);
}
if target.id == server.owner {
return Err(Error::InvalidOperation);
}
let mut permissions = perms(&user).server(&server);
permissions
.throw_permission(db, Permission::BanMembers)
.await?;
let member = target.as_member(db, &server.id).await?;
// ! FIXME_PERMISSIONS
if member.get_ranking(permissions.server.get().unwrap())
<= permissions.get_member_rank().unwrap_or(i64::MIN)
{
return Err(Error::NotElevated);
}
member.ban(db, data.reason).await.map(Json)
}

View File

@@ -1,15 +1,30 @@
use revolt_quark::{models::User, perms, Db, EmptyResponse, Permission, Ref, Result};
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Permission, Ref, Result};
#[delete("/<target>/members/<member>")]
pub async fn req(db: &Db, user: User, target: Ref, member: Ref) -> Result<EmptyResponse> {
let server = target.as_server(db).await?;
perms(&user)
.server(&server)
if member.id == user.id {
return Err(Error::CannotRemoveYourself);
}
if member.id == server.owner {
return Err(Error::InvalidOperation);
}
let mut permissions = perms(&user).server(&server);
permissions
.throw_permission(db, Permission::KickMembers)
.await?;
let member = member.as_member(db, &server.id).await?;
// ! FIXME_PERMISSIONS
if member.get_ranking(permissions.server.get().unwrap())
<= permissions.get_member_rank().unwrap_or(i64::MIN)
{
return Err(Error::NotElevated);
}
member.delete(db).await.map(|_| EmptyResponse)
}