fix(delta): add check to roles_fetch route

This commit is contained in:
Paul Makles
2024-07-28 17:33:59 +01:00
parent b8fdc07508
commit f8ec6ba5ff

View File

@@ -1,5 +1,9 @@
use revolt_database::{util::reference::Reference, Database};
use revolt_database::{
util::{permissions::DatabasePermissionQuery, reference::Reference},
Database, User,
};
use revolt_models::v0;
use revolt_permissions::PermissionQuery;
use revolt_result::{create_error, Result};
use rocket::{serde::json::Json, State};
@@ -10,10 +14,16 @@ use rocket::{serde::json::Json, State};
#[get("/<target>/roles/<role_id>")]
pub async fn fetch(
db: &State<Database>,
user: User,
target: Reference,
role_id: String,
) -> Result<Json<v0::Role>> {
let mut server = target.as_server(db).await?;
let mut query = DatabasePermissionQuery::new(db, &user).server(&server);
if !query.are_we_a_member().await {
return Err(create_error!(NotFound));
}
let role = server.roles.remove(&role_id);
if let Some(role) = role {