RSCord/ServerSpacebarOld
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1357 from CyberL1/fix/delete-application-user

Browse Source 
fix: delete bot user when application is deleted
This commit is contained in:
Cyber 2025-10-22 07:45:30 +02:00 committed by GitHub
commit 933073cc52
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/api/routes/applications/#application_id/index.ts
View File

@ -17,16 +17,11 @@
*/
import { route } from "@spacebar/api";
import {
Application,
DiscordApiErrors,
Guild,
handleFile,
} from "@spacebar/util";
import { Application, DiscordApiErrors, Guild, handleFile, User } from "@spacebar/util";
import { Request, Response, Router } from "express";
import { HTTPError } from "lambert-server";
import { verifyToken } from "node-2fa";
import { ApplicationModifySchema } from "@spacebar/schemas"
import { ApplicationModifySchema } from "@spacebar/schemas";
const router: Router = Router({ mergeParams: true });
@ -47,8 +42,7 @@ router.get(
where: { id: req.params.application_id },
relations: ["owner", "bot"],
});
if (app.owner.id != req.user_id)
throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
if (app.owner.id != req.user_id) throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
return res.json(app);
},
@ -75,27 +69,15 @@ router.patch(
relations: ["owner", "bot"],
});
if (app.owner.id != req.user_id)
throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
if (app.owner.id != req.user_id) throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
if (
app.owner.totp_secret &&
(!req.body.code ||
verifyToken(app.owner.totp_secret, req.body.code))
)
throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
if (app.owner.totp_secret && (!req.body.code || verifyToken(app.owner.totp_secret, req.body.code))) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
if (body.icon) {
body.icon = await handleFile(
`/app-icons/${app.id}`,
body.icon as string,
);
body.icon = await handleFile(`/app-icons/${app.id}`, body.icon as string);
}
if (body.cover_image) {
body.cover_image = await handleFile(
`/app-icons/${app.id}`,
body.cover_image as string,
);
body.cover_image = await handleFile(`/app-icons/${app.id}`, body.cover_image as string);
}
if (body.guild_id) {
@ -103,11 +85,7 @@ router.patch(
where: { id: body.guild_id },
select: ["owner_id"],
});
if (guild.owner_id != req.user_id)
throw new HTTPError(
"You must be the owner of the guild to link it to an application",
400,
);
if (guild.owner_id != req.user_id) throw new HTTPError("You must be the owner of the guild to link it to an application", 400);
}
if (app.bot) {
@ -138,18 +116,16 @@ router.post(
where: { id: req.params.application_id },
relations: ["bot", "owner"],
});
if (app.owner.id != req.user_id)
throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
if (app.owner.id != req.user_id) throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
if (
app.owner.totp_secret &&
(!req.body.code ||
verifyToken(app.owner.totp_secret, req.body.code))
)
throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
if (app.owner.totp_secret && (!req.body.code || verifyToken(app.owner.totp_secret, req.body.code))) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
await Application.delete({ id: app.id });
if (app.bot) {
await User.delete({ id: app.id });
}
res.send().status(200);
},
);