correct authentication

This commit is contained in:
jude 2023-06-16 10:20:42 +01:00
parent 976fb91ecc
commit 96bc09e8b5
3 changed files with 50 additions and 14 deletions

View File

@ -56,14 +56,28 @@ macro_rules! check_authorization {
Some(user_id) => {
match GuildId($guild).to_guild_cached($ctx) {
Some(guild) => {
let member = guild.member($ctx, UserId(user_id)).await;
let member_res = guild.member($ctx, UserId(user_id)).await;
match member {
match member_res {
Err(_) => {
return Err(json!({"error": "User not in guild"}));
}
Ok(_) => {}
Ok(member) => {
let permissions_res = member.permissions($ctx);
match permissions_res {
Err(_) => {
return Err(json!({"error": "Couldn't fetch permissions"}));
}
Ok(permissions) => {
if !(permissions.manage_messages() || permissions.manage_guild() || permissions.administrator()) {
return Err(json!({"error": "Incorrect permissions"}));
}
}
}
}
}
}

View File

@ -139,12 +139,18 @@ async function fetch_channels(guild_id) {
const event = new Event("channelsLoading");
document.dispatchEvent(event);
let hasError = false;
await fetch(`/dashboard/api/guild/${guild_id}/channels`)
.then((response) => response.json())
.then((data) => {
if (data.error) {
if (data.error === "Bot not in guild") {
switch_pane("guild-error");
hasError = true;
} else if (data.error === "Incorrect permissions") {
switch_pane("user-error");
hasError = true;
} else {
show_error(data.error);
}
@ -156,6 +162,8 @@ async function fetch_channels(guild_id) {
const event = new Event("channelsLoaded");
document.dispatchEvent(event);
});
return hasError;
}
async function fetch_reminders(guild_id) {
@ -416,9 +424,10 @@ document.addEventListener("guildSwitched", async (e) => {
.forEach((el) => el.classList.remove("is-locked"));
}
let hasError = await fetch_channels(e.detail.guild_id);
if (!hasError) {
fetch_roles(e.detail.guild_id);
fetch_templates(e.detail.guild_id);
await fetch_channels(e.detail.guild_id);
fetch_reminders(e.detail.guild_id);
document.querySelectorAll("p.pageTitle").forEach((el) => {
@ -429,6 +438,7 @@ document.addEventListener("guildSwitched", async (e) => {
update_select(e.target);
});
});
}
$loader.classList.add("is-hidden");
});

View File

@ -334,6 +334,18 @@
</div>
</div>
</section>
<section id="user-error" class="is-hidden hero is-fullheight">
<div class="hero-body">
<div class="container has-text-centered">
<p class="title">
You do not have permissions for this server
</p>
<p class="subtitle">
Ask an admin to grant you the "Manage Messages" permission.
</p>
</div>
</div>
</section>
</div>
<!-- /main content -->
</div>