feat: add admin account email change route

Signed-off-by: İspik <ispik@ispik.dev>
This commit is contained in:
İspik
2026-06-28 17:49:45 +03:00
parent 0e8f220dfb
commit f10aaa5bbe
3 changed files with 69 additions and 0 deletions

View File

@@ -325,6 +325,7 @@ auto_derived! {
// Accounts
DeleteAccount,
DisableAccount,
EmailChange,
// Channels
DeleteChannel,
@@ -379,6 +380,7 @@ impl AdminAuditItemActions {
AdminAuditItemActions::ServerFetchMembers => false,
AdminAuditItemActions::DeleteAccount => true,
AdminAuditItemActions::DisableAccount => true,
AdminAuditItemActions::EmailChange => true,
AdminAuditItemActions::DeleteChannel => true,
AdminAuditItemActions::EditChannel => true,
AdminAuditItemActions::WipeChannel => true,

View File

@@ -0,0 +1,66 @@
use crate::routes::admin::util::{
create_audit_action, flatten_authorized_user, user_has_permission,
};
use revolt_database::util::reference::Reference;
use revolt_database::{AdminAuthorization, Database};
use revolt_models::v0::{self};
use revolt_result::{create_error, Result};
use rocket::serde::json::Json;
use rocket::State;
use rocket_empty::EmptyResponse;
use revolt_database::util::email::{normalise_email, validate_email};
/// Change the email of an account. Requires ManageAccounts permissions
#[openapi(tag = "Admin")]
#[patch("/accounts/email/<target>?<case>", data = "<data>")]
pub async fn admin_account_email_change(
db: &State<Database>,
auth: AdminAuthorization,
target: Reference<'_>,
case: Option<&str>,
data: Json<v0::DataChangeEmail>,
) -> Result<EmptyResponse> {
let data = data.into_inner();
validate_email(&data.email)?;
let user = flatten_authorized_user(&auth);
if !user_has_permission(user, v0::AdminUserPermissionFlags::ManageAccounts) {
return Err(create_error!(MissingPermission {
permission: "ManageAccounts".to_string()
}));
}
let target = target.as_user(db).await?;
if target.privileged {
return Err(create_error!(PrivilegedAccount));
}
let admin = db.admin_user_fetch(&target.id).await.ok();
if let Some(admin) = admin {
if user_has_permission(&admin, v0::AdminUserPermissionFlags::ManageAccounts) {
return Err(create_error!(PrivilegedAccount));
}
}
let mut account = db.fetch_account(&target.id).await?;
account.email_normalised = normalise_email(data.email.clone());
account.email = data.email;
account.save(db).await?;
create_audit_action(
db,
&user.id,
v0::AdminAuditItemActions::EmailChange,
case,
Some(&target.id),
None,
)
.await?;
Ok(EmptyResponse)
}

View File

@@ -40,6 +40,7 @@ pub fn routes() -> (Vec<Route>, OpenApi) {
servers::actions::server_remove_members::admin_server_remove_members,
accounts::account_delete::admin_account_delete,
accounts::account_disable::admin_account_disable,
accounts::account_email_change::admin_account_email_change,
channels::actions::channel_delete::admin_delete_channel,
channels::actions::channel_edit::admin_channel_edit,
channels::actions::channel_wipe::admin_channel_wipe,