diff --git a/assets/openapi.json b/assets/openapi.json index 9bcb54a5..5cf31327 100644 Binary files a/assets/openapi.json and b/assets/openapi.json differ diff --git a/assets/schemas.json b/assets/schemas.json index bfc7550c..cd3a018f 100644 Binary files a/assets/schemas.json and b/assets/schemas.json differ diff --git a/src/api/routes/webhooks/#webhook_id/#token/index.ts b/src/api/routes/webhooks/#webhook_id/#token/index.ts index 49c47cca..6d1449eb 100644 --- a/src/api/routes/webhooks/#webhook_id/#token/index.ts +++ b/src/api/routes/webhooks/#webhook_id/#token/index.ts @@ -20,7 +20,7 @@ const router = Router(); router.get( "/", route({ - description: "Returns a webhook object for the given id.", + description: "Returns a webhook object for the given id and token.", responses: { 200: { body: "APIWebhook", @@ -45,7 +45,12 @@ router.get( throw DiscordApiErrors.INVALID_WEBHOOK_TOKEN_PROVIDED; } - return res.json(webhook); + const instanceUrl = + Config.get().api.endpointPublic || "http://localhost:3001"; + return res.json({ + ...webhook, + url: instanceUrl + "/webhooks/" + webhook.id + "/" + webhook.token, + }); }, ); diff --git a/src/api/routes/webhooks/#webhook_id/index.ts b/src/api/routes/webhooks/#webhook_id/index.ts index 7d528dbf..98faaac1 100644 --- a/src/api/routes/webhooks/#webhook_id/index.ts +++ b/src/api/routes/webhooks/#webhook_id/index.ts @@ -1,5 +1,10 @@ import { route } from "@spacebar/api"; -import { Webhook } from "@spacebar/util"; +import { + Config, + DiscordApiErrors, + getPermission, + Webhook, +} from "@spacebar/util"; import { Request, Response, Router } from "express"; const router = Router(); @@ -15,18 +20,29 @@ router.get( }, }), async (req: Request, res: Response) => { - // TODO: Permission check const { webhook_id } = req.params; const webhook = await Webhook.findOneOrFail({ where: { id: webhook_id }, - relations: [ - "user", - "guild", - "source_guild", - "application" /*"source_channel"*/, - ], + relations: ["channel", "guild", "application", "user"], + }); + + if (webhook.guild_id) { + const permission = await getPermission( + req.user_id, + webhook.guild_id, + ); + + if (!permission.has("MANAGE_WEBHOOKS")) + throw DiscordApiErrors.UNKNOWN_WEBHOOK; + } else if (webhook.user_id != req.user_id) + throw DiscordApiErrors.UNKNOWN_WEBHOOK; + + const instanceUrl = + Config.get().api.endpointPublic || "http://localhost:3001"; + return res.json({ + ...webhook, + url: instanceUrl + "/webhooks/" + webhook.id + "/" + webhook.token, }); - return res.json(webhook); }, ); diff --git a/src/api/util/handlers/Message.ts b/src/api/util/handlers/Message.ts index 461cddb4..f037417a 100644 --- a/src/api/util/handlers/Message.ts +++ b/src/api/util/handlers/Message.ts @@ -149,7 +149,6 @@ export async function handleMessage(opts: MessageOptions): Promise { `/avatars/${opts.webhook_id}`, dataUri as string, ); - console.log(message.avatar); message.author.avatar = message.avatar; } } else { diff --git a/src/util/entities/Webhook.ts b/src/util/entities/Webhook.ts index b7fba53a..8b1585ad 100644 --- a/src/util/entities/Webhook.ts +++ b/src/util/entities/Webhook.ts @@ -38,20 +38,20 @@ export class Webhook extends BaseClass { name: string; @Column({ nullable: true }) - avatar?: string; + avatar: string; @Column({ nullable: true }) token?: string; @Column({ nullable: true }) @RelationId((webhook: Webhook) => webhook.guild) - guild_id: string; + guild_id?: string; @JoinColumn({ name: "guild_id" }) @ManyToOne(() => Guild, { onDelete: "CASCADE", }) - guild: Guild; + guild?: Guild; @Column({ nullable: true }) @RelationId((webhook: Webhook) => webhook.channel) @@ -92,4 +92,6 @@ export class Webhook extends BaseClass { onDelete: "CASCADE", }) source_guild: Guild; + + url?: string; }