feat(permissions): handle rankings on kick / ban
This commit is contained in:
@@ -26,13 +26,28 @@ pub async fn req(
|
|||||||
.map_err(|error| Error::FailedValidation { error })?;
|
.map_err(|error| Error::FailedValidation { error })?;
|
||||||
|
|
||||||
let server = server.as_server(db).await?;
|
let server = server.as_server(db).await?;
|
||||||
perms(&user)
|
|
||||||
.server(&server)
|
if target.id == user.id {
|
||||||
|
return Err(Error::CannotRemoveYourself);
|
||||||
|
}
|
||||||
|
|
||||||
|
if target.id == server.owner {
|
||||||
|
return Err(Error::InvalidOperation);
|
||||||
|
}
|
||||||
|
|
||||||
|
let mut permissions = perms(&user).server(&server);
|
||||||
|
|
||||||
|
permissions
|
||||||
.throw_permission(db, Permission::BanMembers)
|
.throw_permission(db, Permission::BanMembers)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
let member = target.as_member(db, &server.id).await?;
|
let member = target.as_member(db, &server.id).await?;
|
||||||
// ! FIXME_PERMISSIONS
|
|
||||||
|
if member.get_ranking(permissions.server.get().unwrap())
|
||||||
|
<= permissions.get_member_rank().unwrap_or(i64::MIN)
|
||||||
|
{
|
||||||
|
return Err(Error::NotElevated);
|
||||||
|
}
|
||||||
|
|
||||||
member.ban(db, data.reason).await.map(Json)
|
member.ban(db, data.reason).await.map(Json)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,15 +1,30 @@
|
|||||||
use revolt_quark::{models::User, perms, Db, EmptyResponse, Permission, Ref, Result};
|
use revolt_quark::{models::User, perms, Db, EmptyResponse, Error, Permission, Ref, Result};
|
||||||
|
|
||||||
#[delete("/<target>/members/<member>")]
|
#[delete("/<target>/members/<member>")]
|
||||||
pub async fn req(db: &Db, user: User, target: Ref, member: Ref) -> Result<EmptyResponse> {
|
pub async fn req(db: &Db, user: User, target: Ref, member: Ref) -> Result<EmptyResponse> {
|
||||||
let server = target.as_server(db).await?;
|
let server = target.as_server(db).await?;
|
||||||
perms(&user)
|
|
||||||
.server(&server)
|
if member.id == user.id {
|
||||||
|
return Err(Error::CannotRemoveYourself);
|
||||||
|
}
|
||||||
|
|
||||||
|
if member.id == server.owner {
|
||||||
|
return Err(Error::InvalidOperation);
|
||||||
|
}
|
||||||
|
|
||||||
|
let mut permissions = perms(&user).server(&server);
|
||||||
|
|
||||||
|
permissions
|
||||||
.throw_permission(db, Permission::KickMembers)
|
.throw_permission(db, Permission::KickMembers)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
let member = member.as_member(db, &server.id).await?;
|
let member = member.as_member(db, &server.id).await?;
|
||||||
// ! FIXME_PERMISSIONS
|
|
||||||
|
if member.get_ranking(permissions.server.get().unwrap())
|
||||||
|
<= permissions.get_member_rank().unwrap_or(i64::MIN)
|
||||||
|
{
|
||||||
|
return Err(Error::NotElevated);
|
||||||
|
}
|
||||||
|
|
||||||
member.delete(db).await.map(|_| EmptyResponse)
|
member.delete(db).await.map(|_| EmptyResponse)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user