Merge pull request #1357 from CyberL1/fix/delete-application-user

fix: delete bot user when application is deleted

src/api/routes/applications/#application_id/index.ts

@@ -17,16 +17,11 @@
 */
 
 import { route } from "@spacebar/api";
-import {
+import { Application, DiscordApiErrors, Guild, handleFile, User } from "@spacebar/util";
-	Application,
-	DiscordApiErrors,
-	Guild,
-	handleFile,
-} from "@spacebar/util";
 import { Request, Response, Router } from "express";
 import { HTTPError } from "lambert-server";
 import { verifyToken } from "node-2fa";
-import { ApplicationModifySchema } from "@spacebar/schemas"
+import { ApplicationModifySchema } from "@spacebar/schemas";
 
 const router: Router = Router({ mergeParams: true });
 
@@ -47,8 +42,7 @@ router.get(
 			where: { id: req.params.application_id },
 			relations: ["owner", "bot"],
 		});
-		if (app.owner.id != req.user_id)
+		if (app.owner.id != req.user_id) throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
-			throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
 
 		return res.json(app);
 	},
@@ -75,27 +69,15 @@ router.patch(
 			relations: ["owner", "bot"],
 		});
 
-		if (app.owner.id != req.user_id)
+		if (app.owner.id != req.user_id) throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
-			throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
 
-		if (
+		if (app.owner.totp_secret && (!req.body.code || verifyToken(app.owner.totp_secret, req.body.code))) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
-			app.owner.totp_secret &&
-			(!req.body.code ||
-				verifyToken(app.owner.totp_secret, req.body.code))
-		)
-			throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
 
 		if (body.icon) {
-			body.icon = await handleFile(
+			body.icon = await handleFile(`/app-icons/${app.id}`, body.icon as string);
-				`/app-icons/${app.id}`,
-				body.icon as string,
-			);
 		}
 		if (body.cover_image) {
-			body.cover_image = await handleFile(
+			body.cover_image = await handleFile(`/app-icons/${app.id}`, body.cover_image as string);
-				`/app-icons/${app.id}`,
-				body.cover_image as string,
-			);
 		}
 
 		if (body.guild_id) {
@@ -103,11 +85,7 @@ router.patch(
 				where: { id: body.guild_id },
 				select: ["owner_id"],
 			});
-			if (guild.owner_id != req.user_id)
+			if (guild.owner_id != req.user_id) throw new HTTPError("You must be the owner of the guild to link it to an application", 400);
-				throw new HTTPError(
-					"You must be the owner of the guild to link it to an application",
-					400,
-				);
 		}
 
 		if (app.bot) {
@@ -138,18 +116,16 @@ router.post(
 			where: { id: req.params.application_id },
 			relations: ["bot", "owner"],
 		});
-		if (app.owner.id != req.user_id)
+		if (app.owner.id != req.user_id) throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
-			throw DiscordApiErrors.ACTION_NOT_AUTHORIZED_ON_APPLICATION;
 
-		if (
+		if (app.owner.totp_secret && (!req.body.code || verifyToken(app.owner.totp_secret, req.body.code))) throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
-			app.owner.totp_secret &&
-			(!req.body.code ||
-				verifyToken(app.owner.totp_secret, req.body.code))
-		)
-			throw new HTTPError(req.t("auth:login.INVALID_TOTP_CODE"), 60008);
 
 		await Application.delete({ id: app.id });
 
+		if (app.bot) {
+			await User.delete({ id: app.id });
+		}
+
 		res.send().status(200);
 	},
 );