Drift/delete-your-element
1
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
Files
4287a329f511fba40727606ea60d266303e0fc83
delete-your-element/src/web/routes/guild-settings.js
Cadence Ember 086e8cdc25 Add privacy level controls on web
2024-10-03 03:26:49 +13:00

46 lines
2.0 KiB
JavaScript
Raw Blame History

// @ts-check
const assert = require("assert/strict")
const {z} = require("zod")
const {defineEventHandler, sendRedirect, useSession, createError, readValidatedBody} = require("h3")
const {as, db, sync} = require("../../passthrough")
const {reg} = require("../../matrix/read-registration")
/** @type {import("../../d2m/actions/create-space")} */
const createSpace = sync.require("../../d2m/actions/create-space")
/** @type {["invite", "link", "directory"]} */
const levels = ["invite", "link", "directory"]
const schema = {
autocreate: z.object({
guild_id: z.string(),
autocreate: z.string().optional()
}),
privacyLevel: z.object({
guild_id: z.string(),
level: z.enum(levels)
})
}
as.router.post("/api/autocreate", defineEventHandler(async event => {
const parsedBody = await readValidatedBody(event, schema.autocreate.parse)
const session = await useSession(event, {password: reg.as_token})
if (!(session.data.managedGuilds || []).includes(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
db.prepare("UPDATE guild_active SET autocreate = ? WHERE guild_id = ?").run(+!!parsedBody.autocreate, parsedBody.guild_id)
return null // 204
}))
as.router.post("/api/privacy-level", defineEventHandler(async event => {
const parsedBody = await readValidatedBody(event, schema.privacyLevel.parse)
const session = await useSession(event, {password: reg.as_token})
if (!(session.data.managedGuilds || []).includes(parsedBody.guild_id)) throw createError({status: 403, message: "Forbidden", data: "Can't change settings for a guild you don't have Manage Server permissions in"})
const i = levels.indexOf(parsedBody.level)
assert.notEqual(i, -1)
db.prepare("UPDATE guild_space SET privacy_level = ? WHERE guild_id = ?").run(i, parsedBody.guild_id)
await createSpace.syncSpaceFully(parsedBody.guild_id) // this is inefficient but OK to call infrequently on user request
return null // 204
}))
Reference in New Issue View Git Blame Copy Permalink