From 0e70e2590b61fa010b939c4d8abed24c275cec9d Mon Sep 17 00:00:00 2001 From: Katalina Date: Sun, 2 Feb 2020 16:10:53 -0500 Subject: [PATCH] fix(DiscordService): getPermissions heeds owner powers --- Server/api/servers.js | 3 ++- Server/services/discord.js | 4 ++-- Server/services/presentation.js | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/Server/api/servers.js b/Server/api/servers.js index 1128e63..8c7d5bb 100644 --- a/Server/api/servers.js +++ b/Server/api/servers.js @@ -71,10 +71,11 @@ module.exports = (R, $) => { return } + const guild = await $.discord.getServer(id) const guildRoles = await $.discord.getRoles(id) // check perms - if (!$.discord.getPermissions(gm, guildRoles).canManageRoles) { + if (!$.discord.getPermissions(gm, guildRoles, guild).canManageRoles) { ctx.status = 403 ctx.body = { err: 'cannot_manage_roles' } return diff --git a/Server/services/discord.js b/Server/services/discord.js index 5923165..8341c92 100644 --- a/Server/services/discord.js +++ b/Server/services/discord.js @@ -116,7 +116,7 @@ class DiscordService extends Service { }) } - getPermissions(gm, guildRoles) { + getPermissions(gm, guildRoles, guild) { if (this.isRoot(gm.user.id)) { return { isAdmin: true, @@ -130,7 +130,7 @@ class DiscordService extends Service { .filter(x => !!x) .find(role => (role.permissions & permissionInt) === permissionInt) - const isAdmin = matchFor(0x00000008) + const isAdmin = guild.ownerid === gm.user.id || matchFor(0x00000008) const canManageRoles = isAdmin || matchFor(0x10000000) return { diff --git a/Server/services/presentation.js b/Server/services/presentation.js index 7a49324..40f5b56 100644 --- a/Server/services/presentation.js +++ b/Server/services/presentation.js @@ -58,7 +58,7 @@ class PresentationService extends Service { roles: serverRoles, message: serverData.message, categories: serverData.categories, - perms: this.discord.getPermissions(member, serverRoles), + perms: this.discord.getPermissions(member, serverRoles, server), } }) }