Merge branch 'master' of https://github.com/bloomsirenix/fosscord-api

2026-06-06 04:01:42 +00:00 · 2021-05-22 22:36:59 +02:00
parent 58b7ebdd5a 71c0050a54
commit b45e372b6e
26 changed files with 605 additions and 184929 deletions
@@ -37,13 +37,17 @@ export class FosscordServer extends Server {
 	}

 	async setupSchema() {
-		await db.collection("users").createIndex({ id: 1 }, { unique: true });
-		await db.collection("messages").createIndex({ id: 1 }, { unique: true });
-		await db.collection("channels").createIndex({ id: 1 }, { unique: true });
-		await db.collection("guilds").createIndex({ id: 1 }, { unique: true });
-		await db.collection("members").createIndex({ id: 1, guild_id: 1 }, { unique: true });
-		await db.collection("roles").createIndex({ id: 1 }, { unique: true });
-		await db.collection("emojis").createIndex({ id: 1 }, { unique: true });
+		return Promise.all([
+			db.collection("users").createIndex({ id: 1 }, { unique: true }),
+			db.collection("messages").createIndex({ id: 1 }, { unique: true }),
+			db.collection("channels").createIndex({ id: 1 }, { unique: true }),
+			db.collection("guilds").createIndex({ id: 1 }, { unique: true }),
+			db.collection("members").createIndex({ id: 1, guild_id: 1 }, { unique: true }),
+			db.collection("roles").createIndex({ id: 1 }, { unique: true }),
+			db.collection("emojis").createIndex({ id: 1 }, { unique: true }),
+			db.collection("invites").createIndex({ code: 1 }, { unique: true }),
+			db.collection("invites").createIndex({ expires_at: 1 }, { expireAfterSeconds: 0 }) // after 0 seconds of expires_at the invite will get delete
+		]);
 	}

 	async start() {
@@ -70,9 +74,9 @@ export class FosscordServer extends Server {
 				fallbackLng: "en",
 				ns,
 				backend: {
-					loadPath: __dirname + "/../locales/{{lng}}/{{ns}}.json",
+					loadPath: __dirname + "/../locales/{{lng}}/{{ns}}.json"
 				},
-				load: "all",
+				load: "all"
 			});
 		this.app.use(i18nextMiddleware.handle(i18next, {}));

@@ -92,8 +96,8 @@ export class FosscordServer extends Server {
 			const response = await fetch(`https://discord.com/assets/${req.params.file}`, {
 				// @ts-ignore
 				headers: {
-					...req.headers,
-				},
+					...req.headers
+				}
 			});
 			const buffer = await response.buffer();

@@ -107,7 +111,7 @@ export class FosscordServer extends Server {
 						"transfer-encoding",
 						"expect-ct",
 						"access-control-allow-origin",
-						"content-encoding",
+						"content-encoding"
 					].includes(name.toLowerCase())
 				) {
 					return;
@@ -24,16 +24,19 @@ router.post("/", check(InviteCreateSchema), async (req: Request, res: Response)
 	const permission = await getPermission(user_id, guild_id);
 	permission.hasThrow("CREATE_INSTANT_INVITE");

+	const expires_at = new Date(req.body.max_age * 1000 + Date.now());
+
 	const invite = {
 		code: random(),
 		temporary: req.body.temporary,
 		uses: 0,
 		max_uses: req.body.max_uses,
 		max_age: req.body.max_age,
+		expires_at,
 		created_at: new Date(),
 		guild_id,
 		channel_id: channel_id,
-		inviter_id: user_id,
+		inviter_id: user_id
 	};

 	await new InviteModel(invite).save();
@@ -1,11 +1,47 @@
-import { ChannelModel, getPermission, MessageDeleteEvent, MessageModel } from "@fosscord/server-util";
+import { ChannelModel, getPermission, MessageDeleteEvent, MessageModel, MessageUpdateEvent, toObject } from "@fosscord/server-util";
 import { Router } from "express";
 import { HTTPError } from "lambert-server";
+import { MessageCreateSchema } from "../../../../../schema/Message";
 import { emitEvent } from "../../../../../util/Event";
 import { check } from "../../../../../util/instanceOf";
+import { handleMessage } from "../../../../../util/Message";

 const router = Router();
-// TODO:
+
+router.patch("/", check(MessageCreateSchema), async (req, res) => {
+	const { message_id, channel_id } = req.params;
+	var body = req.body as MessageCreateSchema;
+
+	var message = await MessageModel.findOne({ id: message_id, channel_id }, { author_id: true }).exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+
+	const permissions = await getPermission(req.user_id, undefined, channel_id);
+
+	if (req.user_id !== message.author_id) {
+		permissions.hasThrow("MANAGE_MESSAGES");
+		body = { flags: body.flags };
+	}
+
+	const opts = await handleMessage({
+		...body,
+		author_id: message.author_id,
+		channel_id,
+		id: message_id,
+		edited_timestamp: new Date()
+	});
+
+	message = await MessageModel.findOneAndUpdate({ id: message_id }, opts).populate("author").exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+
+	await emitEvent({
+		event: "MESSAGE_UPDATE",
+		channel_id,
+		guild_id: message.guild_id,
+		data: { ...toObject(message), nonce: undefined }
+	} as MessageUpdateEvent);
+
+	return res.json(toObject(message));
+});

 router.delete("/", async (req, res) => {
 	const { message_id, channel_id } = req.params;
@@ -1,6 +1,206 @@
+import {
+	ChannelModel,
+	EmojiModel,
+	getPermission,
+	MemberModel,
+	MessageModel,
+	MessageReactionAddEvent,
+	MessageReactionRemoveAllEvent,
+	MessageReactionRemoveEmojiEvent,
+	MessageReactionRemoveEvent,
+	PartialEmoji,
+	PublicUserProjection,
+	toObject,
+	UserModel
+} from "@fosscord/server-util";
 import { Router } from "express";
+import { HTTPError } from "lambert-server";
+import { emitEvent } from "../../../../../util/Event";

 const router = Router();
-// TODO:
+// TODO: check if emoji is really an unicode emoji or a prperly encoded external emoji
+
+function getEmoji(emoji: string): PartialEmoji {
+	emoji = decodeURIComponent(emoji);
+	const parts = emoji.includes(":") && emoji.split(":");
+	if (parts)
+		return {
+			name: parts[0],
+			id: parts[1]
+		};
+
+	return {
+		id: undefined,
+		name: emoji
+	};
+}
+
+router.delete("/", async (req, res) => {
+	const { message_id, channel_id } = req.params;
+
+	const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true }).exec();
+	if (!channel) throw new HTTPError("Channel not found", 404);
+
+	const permissions = await getPermission(req.user_id, undefined, channel_id);
+	permissions.hasThrow("MANAGE_MESSAGES");
+
+	const message = await MessageModel.findOneAndUpdate({ id: message_id, channel_id }, { reactions: [] }).exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+
+	await emitEvent({
+		event: "MESSAGE_REACTION_REMOVE_ALL",
+		channel_id,
+		guild_id: channel.guild_id,
+		data: {
+			channel_id,
+			message_id,
+			guild_id: channel.guild_id
+		}
+	} as MessageReactionRemoveAllEvent);
+
+	res.sendStatus(204);
+});
+
+router.delete("/:emoji", async (req, res) => {
+	const { message_id, channel_id } = req.params;
+	const emoji = getEmoji(req.params.emoji);
+
+	const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true }).exec();
+	if (!channel) throw new HTTPError("Channel not found", 404);
+
+	const permissions = await getPermission(req.user_id, undefined, channel_id);
+	permissions.hasThrow("MANAGE_MESSAGES");
+
+	const message = await MessageModel.findOne({ id: message_id, channel_id }).exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+
+	const already_added = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name);
+	if (!already_added) throw new HTTPError("Reaction not found", 404);
+	message.reactions.remove(already_added);
+
+	await MessageModel.updateOne({ id: message_id, channel_id }, message).exec();
+
+	await emitEvent({
+		event: "MESSAGE_REACTION_REMOVE_EMOJI",
+		channel_id,
+		guild_id: channel.guild_id,
+		data: {
+			channel_id,
+			message_id,
+			guild_id: channel.guild_id,
+			emoji
+		}
+	} as MessageReactionRemoveEmojiEvent);
+
+	res.sendStatus(204);
+});
+
+router.get("/:emoji", async (req, res) => {
+	const { message_id, channel_id } = req.params;
+	const emoji = getEmoji(req.params.emoji);
+
+	const message = await MessageModel.findOne({ id: message_id, channel_id }).exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+	const reaction = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name);
+	if (!reaction) throw new HTTPError("Reaction not found", 404);
+
+	const permissions = await getPermission(req.user_id, undefined, channel_id);
+	permissions.hasThrow("VIEW_CHANNEL");
+
+	const users = await UserModel.find({ id: { $in: reaction.user_ids } }, PublicUserProjection).exec();
+
+	res.json(toObject(users));
+});
+
+router.put("/:emoji/:user_id", async (req, res) => {
+	const { message_id, channel_id, user_id } = req.params;
+	if (user_id !== "@me") throw new HTTPError("Invalid user");
+	const emoji = getEmoji(req.params.emoji);
+
+	const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true }).exec();
+	if (!channel) throw new HTTPError("Channel not found", 404);
+
+	const message = await MessageModel.findOne({ id: message_id, channel_id }).exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+	const already_added = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name);
+
+	const permissions = await getPermission(req.user_id, undefined, channel_id);
+	permissions.hasThrow("READ_MESSAGE_HISTORY");
+	if (!already_added) permissions.hasThrow("ADD_REACTIONS");
+
+	if (emoji.id) {
+		const external_emoji = await EmojiModel.findOne({ id: emoji.id }).exec();
+		if (!external_emoji) throw new HTTPError("Emoji not found", 404);
+		if (!already_added) permissions.hasThrow("USE_EXTERNAL_EMOJIS");
+		emoji.animated = external_emoji.animated;
+		emoji.name = external_emoji.name;
+	}
+
+	if (already_added) {
+		if (already_added.user_ids.includes(req.user_id)) return res.sendStatus(204); // Do not throw an error ¯\_(ツ)_/¯ as discord also doesn't throw any error
+		already_added.count++;
+	} else message.reactions.push({ count: 1, emoji, user_ids: [req.user_id] });
+
+	await MessageModel.updateOne({ id: message_id, channel_id }, message).exec();
+
+	const member = channel.guild_id && (await MemberModel.findOne({ id: req.user_id }).exec());
+
+	await emitEvent({
+		event: "MESSAGE_REACTION_ADD",
+		channel_id,
+		guild_id: channel.guild_id,
+		data: {
+			user_id: req.user_id,
+			channel_id,
+			message_id,
+			guild_id: channel.guild_id,
+			emoji,
+			member
+		}
+	} as MessageReactionAddEvent);
+
+	res.sendStatus(204);
+});
+
+router.delete("/:emoji/:user_id", async (req, res) => {
+	var { message_id, channel_id, user_id } = req.params;
+
+	const emoji = getEmoji(req.params.emoji);
+
+	const channel = await ChannelModel.findOne({ id: channel_id }, { guild_id: true }).exec();
+	if (!channel) throw new HTTPError("Channel not found", 404);
+
+	const message = await MessageModel.findOne({ id: message_id, channel_id }).exec();
+	if (!message) throw new HTTPError("Message not found", 404);
+
+	const permissions = await getPermission(req.user_id, undefined, channel_id);
+
+	if (user_id === "@me") user_id = req.user_id;
+	else permissions.hasThrow("MANAGE_MESSAGES");
+
+	const already_added = message.reactions.find((x) => (x.emoji.id === emoji.id && emoji.id) || x.emoji.name === emoji.name);
+	if (!already_added || !already_added.user_ids.includes(user_id)) throw new HTTPError("Reaction not found", 404);
+
+	already_added.count--;
+
+	if (already_added.count <= 0) message.reactions.remove(already_added);
+
+	await MessageModel.updateOne({ id: message_id, channel_id }, message).exec();
+
+	await emitEvent({
+		event: "MESSAGE_REACTION_REMOVE",
+		channel_id,
+		guild_id: channel.guild_id,
+		data: {
+			user_id: req.user_id,
+			channel_id,
+			message_id,
+			guild_id: channel.guild_id,
+			emoji
+		}
+	} as MessageReactionRemoveEvent);
+
+	res.sendStatus(204);
+});

 export default router;
@@ -76,7 +76,18 @@ router.get("/", async (req, res) => {

 	const messages = await query.limit(limit).exec();

-	return res.json(toObject(messages));
+	return res.json(
+		toObject(messages).map((x) => {
+			(x.reactions || []).forEach((x) => {
+				// @ts-ignore
+				if ((x.user_ids || []).includes(req.user_id)) x.me = true;
+				// @ts-ignore
+				delete x.user_ids;
+			});
+
+			return x;
+		})
+	);
 });

 // TODO: config max upload size
@@ -13,6 +13,7 @@ import { HTTPError } from "lambert-server";
 import { ChannelModifySchema } from "../../../schema/Channel";
 import { emitEvent } from "../../../util/Event";
 import { check } from "../../../util/instanceOf";
+import { createChannel } from "../../../util/Channel";
 const router = Router();

 router.get("/", async (req, res) => {
@@ -26,41 +27,7 @@ router.post("/", check(ChannelModifySchema), async (req, res) => {
 	const { guild_id } = req.params;
 	const body = req.body as ChannelModifySchema;

-	if (!body.permission_overwrites) body.permission_overwrites = [];
-	if (!body.topic) body.topic = "";
-	if (!body.rate_limit_per_user) body.rate_limit_per_user = 0;
-
-	switch (body.type) {
-		case ChannelType.DM:
-		case ChannelType.GROUP_DM:
-			throw new HTTPError("You can't create a dm channel in a guild");
-		// TODO:
-		case ChannelType.GUILD_STORE:
-			throw new HTTPError("Not yet supported");
-		case ChannelType.GUILD_NEWS:
-		// TODO: check if guild is community server
-	}
-
-	if (body.parent_id) {
-		const exists = await ChannelModel.findOne({ id: body.parent_id }, { guild_id: true }).exec();
-		if (!exists) throw new HTTPError("Parent id channel doesn't exist", 400);
-		if (exists.guild_id !== guild_id) throw new HTTPError("The category channel needs to be in the guild");
-	}
-
-	const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec();
-	if (!guild) throw new HTTPError("Guild not found", 404);
-
-	const channel = {
-		...body,
-		id: Snowflake.generate(),
-		created_at: new Date(),
-		guild_id,
-		recipients: null
-	};
-
-	await new ChannelModel(channel).save();
-
-	await emitEvent({ event: "CHANNEL_CREATE", data: channel, guild_id } as ChannelCreateEvent);
+	const channel = await createChannel({ ...body, guild_id }, req.user_id);

 	res.json(channel);
 });
@@ -54,15 +54,4 @@ router.patch("/", check(GuildUpdateSchema), async (req: Request, res: Response)
 	return res.send(data);
 });

-router.get("/vanity-url", async (req: Request, res: Response) => {
-	const { guild_id } = req.params;
-
-	const guild = await GuildModel.findOne({ id: guild_id }).exec();
-	if (!guild) throw new HTTPError("Guild does not exist", 404);
-
-	if (!guild.vanity_url) throw new HTTPError("This guild has no vanity url", 204);
-
-	return res.json(guild.vanity_url);
-});
-
 export default router;
@@ -1,114 +0,0 @@
-import { Request, Response, Router } from "express";
-import {
-	GuildModel,
-	MemberModel,
-	UserModel,
-	toObject,
-	GuildMemberAddEvent,
-	getPermission,
-	PermissionResolvable,
-} from "@fosscord/server-util";
-import { HTTPError } from "lambert-server";
-import { instanceOf, Length, check } from "../../../util/instanceOf";
-import { PublicMemberProjection, addMember, removeMember, addRole, removeRole, changeNickname, isMember } from "../../../util/Member";
-import { emitEvent } from "../../../util/Event";
-import { MemberNickChangeSchema } from "../../../schema/Member";
-import { getPublicUser } from "../../../util/User";
-
-const router = Router();
-
-// TODO: not allowed for user -> only allowed for bots with privileged intents
-// TODO: send over websocket
-router.get("/", async (req: Request, res: Response) => {
-	const { guild_id } = req.params;
-	const guild = await GuildModel.findOne({ id: guild_id }).exec();
-	if (!guild) throw new HTTPError("Guild not found", 404);
-	await isMember(req.user_id, guild_id);
-
-	try {
-		instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, {
-			path: "query",
-			req,
-			ref: { obj: null, key: "" },
-		});
-	} catch (error) {
-		return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error });
-	}
-
-	// @ts-ignore
-	if (!req.query.limit) req.query.limit = 1;
-	const { limit, after } = (<unknown>req.query) as { limit: number; after: string };
-	const query = after ? { id: { $gt: after } } : {};
-
-	var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection)
-		.limit(limit)
-		.exec();
-
-	return res.json(toObject(members));
-});
-
-router.get("/:member_id", async (req: Request, res: Response) => {
-	const { guild_id, member_id } = req.params;
-	await isMember(req.user_id, guild_id);
-
-	const member = await MemberModel.findOne({ id: member_id, guild_id }).exec();
-	if (!member) throw new HTTPError("Member not found", 404);
-
-	return res.json(toObject(member));
-});
-
-router.put("/:member_id", async (req: Request, res: Response) => {
-	const { guild_id, member_id } = req.params;
-
-	throw new HTTPError("Maintenance: Currently you can't add a member", 403)
-	// TODO: only for oauth2 applications
-	await addMember(member_id, guild_id);
-	res.sendStatus(204)
-});
-
-router.delete("/:member_id", async (req: Request, res: Response) => {
-	const { guild_id, member_id } = req.params;
-
-	const perms = await getPermission(req.user_id, guild_id);
-	perms.hasThrow("KICK_MEMBERS");
-
-	await removeMember(member_id, guild_id);
-	res.sendStatus(204)
-});
-
-router.delete("/:member_id/roles/:role_id", async (req: Request, res: Response) => {
-	const { guild_id, role_id, member_id } = req.params;
-
-	const perms = await getPermission(req.user_id, guild_id);
-	perms.hasThrow("MANAGE_ROLES");
-
-	await removeRole(member_id, guild_id, role_id);
-	res.sendStatus(204);
-});
-
-router.put("/:member_id/roles/:role_id", async (req: Request, res: Response) => {
-	const { guild_id, role_id, member_id } = req.params;
-
-	const perms = await getPermission(req.user_id, guild_id);
-	perms.hasThrow("MANAGE_ROLES");
-
-	await addRole(member_id, guild_id, role_id);
-	res.sendStatus(204);
-});
-
-router.patch("/:member_id/nick", check(MemberNickChangeSchema), async (req: Request, res: Response) => {
-	var { guild_id, member_id } = req.params;
-	var permissionString: PermissionResolvable = "MANAGE_NICKNAMES";
-	if (member_id === "@me") {
-		member_id = req.user_id;
-		permissionString = "CHANGE_NICKNAME";
-	}
-
-	const perms = await getPermission(req.user_id, guild_id);
-	perms.hasThrow(permissionString);
-
-	await changeNickname(member_id, guild_id, req.body.nickname);
-	res.status(204);
-});
-
-export default router;
@@ -0,0 +1,70 @@
+import { Request, Response, Router } from "express";
+import {
+	GuildModel,
+	MemberModel,
+	UserModel,
+	toObject,
+	GuildMemberAddEvent,
+	getPermission,
+	PermissionResolvable,
+	RoleModel,
+	GuildMemberUpdateEvent
+} from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { addMember, isMember, removeMember } from "../../../../../util/Member";
+import { check } from "../../../../../util/instanceOf";
+import { MemberChangeSchema } from "../../../../../schema/Member";
+import { emitEvent } from "../../../../../util/Event";
+
+const router = Router();
+
+router.get("/", async (req: Request, res: Response) => {
+	const { guild_id, member_id } = req.params;
+	await isMember(req.user_id, guild_id);
+
+	const member = await MemberModel.findOne({ id: member_id, guild_id }).exec();
+	if (!member) throw new HTTPError("Member not found", 404);
+
+	return res.json(toObject(member));
+});
+
+router.patch("/", check(MemberChangeSchema), async (req, res) => {
+	const { guild_id, member_id } = req.params;
+	const body = req.body as MemberChangeSchema;
+	if (body.roles) {
+		const roles = await RoleModel.find({ id: { $in: body.roles } }).exec();
+		if (body.roles.length !== roles.length) throw new HTTPError("Roles not found", 404);
+		// TODO: check if user has permission to add role
+	}
+
+	const member = await MemberModel.findOneAndUpdate({ id: member_id, guild_id }, body).exec();
+
+	await emitEvent({
+		event: "GUILD_MEMBER_UPDATE",
+		guild_id,
+		data: toObject(member)
+	} as GuildMemberUpdateEvent);
+
+	res.json(toObject(member));
+});
+
+router.put("/", async (req: Request, res: Response) => {
+	const { guild_id, member_id } = req.params;
+
+	throw new HTTPError("Maintenance: Currently you can't add a member", 403);
+	// TODO: only for oauth2 applications
+	await addMember(member_id, guild_id);
+	res.sendStatus(204);
+});
+
+router.delete("/", async (req: Request, res: Response) => {
+	const { guild_id, member_id } = req.params;
+
+	const perms = await getPermission(req.user_id, guild_id);
+	perms.hasThrow("KICK_MEMBERS");
+
+	await removeMember(member_id, guild_id);
+	res.sendStatus(204);
+});
+
+export default router;
@@ -0,0 +1,24 @@
+import { getPermission, PermissionResolvable } from "@fosscord/server-util";
+import { Request, Response, Router } from "express";
+import { check } from "lambert-server";
+import { MemberNickChangeSchema } from "../../../../../schema/Member";
+import { changeNickname } from "../../../../../util/Member";
+
+const router = Router();
+
+router.patch("/", check(MemberNickChangeSchema), async (req: Request, res: Response) => {
+	var { guild_id, member_id } = req.params;
+	var permissionString: PermissionResolvable = "MANAGE_NICKNAMES";
+	if (member_id === "@me") {
+		member_id = req.user_id;
+		permissionString = "CHANGE_NICKNAME";
+	}
+
+	const perms = await getPermission(req.user_id, guild_id);
+	perms.hasThrow(permissionString);
+
+	await changeNickname(member_id, guild_id, req.body.nickname);
+	res.status(204);
+});
+
+export default router;
@@ -0,0 +1,27 @@
+import { getPermission } from "@fosscord/server-util";
+import { Request, Response, Router } from "express";
+import { addRole, removeRole } from "../../../../../../../util/Member";
+
+const router = Router();
+
+router.delete("/:member_id/roles/:role_id", async (req: Request, res: Response) => {
+	const { guild_id, role_id, member_id } = req.params;
+
+	const perms = await getPermission(req.user_id, guild_id);
+	perms.hasThrow("MANAGE_ROLES");
+
+	await removeRole(member_id, guild_id, role_id);
+	res.sendStatus(204);
+});
+
+router.put("/:member_id/roles/:role_id", async (req: Request, res: Response) => {
+	const { guild_id, role_id, member_id } = req.params;
+
+	const perms = await getPermission(req.user_id, guild_id);
+	perms.hasThrow("MANAGE_ROLES");
+
+	await addRole(member_id, guild_id, role_id);
+	res.sendStatus(204);
+});
+
+export default router;
@@ -0,0 +1,39 @@
+import { Request, Response, Router } from "express";
+import { GuildModel, MemberModel, toObject } from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { instanceOf, Length } from "../../../../util/instanceOf";
+import { PublicMemberProjection, isMember } from "../../../../util/Member";
+
+const router = Router();
+
+// TODO: not allowed for user -> only allowed for bots with privileged intents
+// TODO: send over websocket
+router.get("/", async (req: Request, res: Response) => {
+	const { guild_id } = req.params;
+	const guild = await GuildModel.findOne({ id: guild_id }).exec();
+	if (!guild) throw new HTTPError("Guild not found", 404);
+	await isMember(req.user_id, guild_id);
+
+	try {
+		instanceOf({ $limit: new Length(Number, 1, 1000), $after: String }, req.query, {
+			path: "query",
+			req,
+			ref: { obj: null, key: "" }
+		});
+	} catch (error) {
+		return res.status(400).json({ code: 50035, message: "Invalid Query", success: false, errors: error });
+	}
+
+	// @ts-ignore
+	if (!req.query.limit) req.query.limit = 1;
+	const { limit, after } = (<unknown>req.query) as { limit: number; after: string };
+	const query = after ? { id: { $gt: after } } : {};
+
+	var members = await MemberModel.find({ guild_id, ...query }, PublicMemberProjection)
+		.limit(limit)
+		.exec();
+
+	return res.json(toObject(members));
+});
+
+export default router;
@@ -1,27 +1,38 @@
 import { Request, Response, Router } from "express";
-import { RoleModel, GuildModel, getPermission, toObject, UserModel, Snowflake, MemberModel } from "@fosscord/server-util";
+import {
+	RoleModel,
+	GuildModel,
+	getPermission,
+	toObject,
+	UserModel,
+	Snowflake,
+	MemberModel,
+	GuildRoleCreateEvent,
+	GuildRoleUpdateEvent,
+	GuildRoleDeleteEvent
+} from "@fosscord/server-util";
 import { HTTPError } from "lambert-server";
 import { emitEvent } from "../../../util/Event";
 import { check } from "../../../util/instanceOf";
-import { RoleCreateSchema, RoleModifySchema } from "../../../schema/Roles";
+import { RoleModifySchema } from "../../../schema/Roles";
 import { getPublicUser } from "../../../util/User";
+import { isMember } from "../../../util/Member";

 const router: Router = Router();

 router.get("/", async (req: Request, res: Response) => {
 	const guild_id = req.params.guild_id;

-	const guild = await GuildModel.exists({ id: guild_id });
-	if (!guild) throw new HTTPError("Guild not found", 404);
+	await isMember(req.user_id, guild_id);
+
+	const roles = await RoleModel.find({ guild_id: guild_id }).exec();

-	var roles = await RoleModel.find({ guild_id: guild_id }).exec();
-	if (!roles) res.send("No roles");
 	return res.json(toObject(roles));
 });

-router.post("/", check(RoleCreateSchema), async (req: Request, res: Response) => {
+router.post("/", check(RoleModifySchema), async (req: Request, res: Response) => {
 	const guild_id = req.params.guild_id;
-	const body = req.body as RoleCreateSchema;
+	const body = req.body as RoleModifySchema;

 	const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec();
 	if (!guild) throw new HTTPError("Guild not found", 404);
@@ -30,22 +41,29 @@ router.post("/", check(RoleCreateSchema), async (req: Request, res: Response) =>
 	if (!user) throw new HTTPError("User not found", 404);

 	const perms = await getPermission(req.user_id, guild_id);
+	perms.hasThrow("MANAGE_ROLES");
+	if (!body.name) throw new HTTPError("You need to specify a name");

-	if (!perms.has("MANAGE_ROLES")) throw new HTTPError("You missing the MANAGE_ROLES permission", 401);
-
-	const role_id = Snowflake.generate();
-
-	var role = {
+	const role = await new RoleModel({
 		...body,
-		id: role_id,
+		id: Snowflake.generate(),
 		guild_id: guild_id,
 		managed: false,
 		position: 0,
-		tags: null
-	};
+		tags: null,
+		permissions: body.permissions || 0n
+	}).save();

-	const roleNew = await new RoleModel(role).save();
-	res.json(toObject(roleNew)).send();
+	await emitEvent({
+		event: "GUILD_ROLE_CREATE",
+		guild_id,
+		data: {
+			guild_id,
+			role: toObject(role)
+		}
+	} as GuildRoleCreateEvent);
+
+	res.json(toObject(role));
 });

 router.delete("/:role_id", async (req: Request, res: Response) => {
@@ -68,7 +86,16 @@ router.delete("/:role_id", async (req: Request, res: Response) => {
 		guild_id: guild_id
 	}).exec();

-	res.send("Deleted");
+	await emitEvent({
+		event: "GUILD_ROLE_DELETE",
+		guild_id,
+		data: {
+			guild_id,
+			role_id
+		}
+	} as GuildRoleDeleteEvent);
+
+	res.sendStatus(204);
 });

 // TODO: check role hierarchy
@@ -76,6 +103,7 @@ router.delete("/:role_id", async (req: Request, res: Response) => {
 router.patch("/:role_id", check(RoleModifySchema), async (req: Request, res: Response) => {
 	const guild_id = req.params.guild_id;
 	const { role_id } = req.params;
+	const body = req.body as RoleModifySchema;

 	const guild = await GuildModel.findOne({ id: guild_id }, { id: true }).exec();
 	if (!guild) throw new HTTPError("Guild not found", 404);
@@ -92,9 +120,19 @@ router.patch("/:role_id", check(RoleModifySchema), async (req: Request, res: Res
 			id: role_id,
 			guild_id: guild_id
 		},
-		...req.body
+		// @ts-ignore
+		body
 	).exec();

+	await emitEvent({
+		event: "GUILD_ROLE_UPDATE",
+		guild_id,
+		data: {
+			guild_id,
+			role
+		}
+	} as GuildRoleUpdateEvent);
+
 	res.json(toObject(role));
 });

@@ -6,6 +6,7 @@ import { GuildCreateSchema } from "../../schema/Guild";
 import Config from "../../util/Config";
 import { getPublicUser } from "../../util/User";
 import { addMember } from "../../util/Member";
+import { createChannel } from "../../util/Channel";

 const router: Router = Router();

@@ -80,7 +81,8 @@ router.post("/", check(GuildCreateSchema), async (req: Request, res: Response) =
 		}).save()
 	]);

-	await addMember(req.user_id, guild_id, { guild: guild_doc });
+	await createChannel({ name: "general", type: 0, guild_id, position: 0, permission_overwrites: [] }, req.user_id);
+	await addMember(req.user_id, guild_id);

 	res.status(201).json({ id: guild.id });
 });
@@ -7,7 +7,7 @@ export const InviteCreateSchema = {
 	$temporary: Boolean,
 	$unique: Boolean,
 	$target_user: String,
-	$target_user_type: Number,
+	$target_user_type: Number
 };
 export interface InviteCreateSchema {
 	target_user_id?: String;
@@ -1,21 +1,29 @@
 export const MemberCreateSchema = {
 	id: String,
-    nick: String,
-    guild_id: String,
-	joined_at: Date,
+	nick: String,
+	guild_id: String,
+	joined_at: Date
 };

 export interface MemberCreateSchema {
 	id: string;
-    nick: string;
-    guild_id: string;
+	nick: string;
+	guild_id: string;
 	joined_at: Date;
 }

 export const MemberNickChangeSchema = {
-	 nick: String,
-}
+	nick: String
+};

 export interface MemberNickChangeSchema {
-	 nick: string,
-}
+	nick: string;
+}
+
+export const MemberChangeSchema = {
+	$roles: [String]
+};
+
+export interface MemberChangeSchema {
+	roles?: string[];
+}
@@ -5,6 +5,7 @@ export const MessageCreateSchema = {
 	$content: new Length(String, 0, 2000),
 	$nonce: String,
 	$tts: Boolean,
+	$flags: BigInt,
 	$embed: {
 		$title: new Length(String, 0, 256), //title of embed
 		$type: String, // type of embed (always "rich" for webhook embeds)
@@ -15,48 +16,49 @@ export const MessageCreateSchema = {
 		$footer: {
 			text: new Length(String, 0, 2048),
 			icon_url: String,
-			proxy_icon_url: String,
+			proxy_icon_url: String
 		}, // footer object	footer information
 		$image: EmbedImage, // image object	image information
 		$thumbnail: EmbedImage, // thumbnail object	thumbnail information
 		$video: EmbedImage, // video object	video information
 		$provider: {
 			name: String,
-			url: String,
+			url: String
 		}, // provider object	provider information
 		$author: {
 			name: new Length(String, 0, 256),
 			url: String,
 			icon_url: String,
-			proxy_icon_url: String,
+			proxy_icon_url: String
 		}, // author object	author information
 		$fields: new Length(
 			[
 				{
 					name: new Length(String, 0, 256),
 					value: new Length(String, 0, 1024),
-					$inline: Boolean,
-				},
+					$inline: Boolean
+				}
 			],
 			0,
 			25
-		),
+		)
 	},
 	$allowed_mentions: [],
 	$message_reference: {
 		message_id: String,
 		channel_id: String,
 		$guild_id: String,
-		$fail_if_not_exists: Boolean,
+		$fail_if_not_exists: Boolean
 	},
 	$payload_json: String,
-	$file: Object,
+	$file: Object
 };

 export interface MessageCreateSchema {
 	content?: string;
 	nonce?: string;
 	tts?: boolean;
+	flags?: bigint;
 	embed?: Embed & { timestamp?: string };
 	allowed_mentions?: [];
 	message_reference?: {
@@ -1,34 +1,17 @@
-export const RoleCreateSchema = {
-	name: String,
-	permissions: BigInt,
-	color: Number, 
-	hoist: Boolean, // whether the role should be displayed separately in the sidebar
-	mentionable: Boolean // whether the role should be mentionable
-};
-
-export interface RoleCreateSchema {
-	name: string,
-	permissions: BigInt,
-	color: number,
-	hoist: boolean, // whether the role should be displayed separately in the sidebar
-	mentionable: boolean // whether the role should be mentionable
-}
-
 export const RoleModifySchema = {
 	$name: String,
 	$permissions: BigInt,
 	$color: Number,
 	$hoist: Boolean, // whether the role should be displayed separately in the sidebar
 	$mentionable: Boolean, // whether the role should be mentionable
-	$position: Number,
-
+	$position: Number
 };

 export interface RoleModifySchema {
-	name?: string,
-	permissions?: BigInt,
-	color?: number,
-	hoist?: boolean, // whether the role should be displayed separately in the sidebar
-	mentionable?: boolean, // whether the role should be mentionable
-	position?: number,
+	name?: string;
+	permissions?: BigInt;
+	color?: number;
+	hoist?: boolean; // whether the role should be displayed separately in the sidebar
+	mentionable?: boolean; // whether the role should be mentionable
+	position?: number;
 }
@@ -1,8 +1,3 @@
-import { getPermission } from "@fosscord/server-util";
+import { Snowflake } from "@fosscord/server-util";

-async function main() {
-	const t = await getPermission("811642917432066048", "812327318532915201");
-	console.log(t);
-}
-
-main();
+console.log(Snowflake.deconstruct("0"));
@@ -0,0 +1,54 @@
+import {
+	ChannelCreateEvent,
+	ChannelModel,
+	ChannelType,
+	getPermission,
+	GuildModel,
+	Snowflake,
+	TextChannel,
+	VoiceChannel
+} from "@fosscord/server-util";
+import { HTTPError } from "lambert-server";
+import { emitEvent } from "./Event";
+
+// TODO: DM channel
+export async function createChannel(channel: Partial<TextChannel | VoiceChannel>, user_id: string = "0") {
+	if (!channel.permission_overwrites) channel.permission_overwrites = [];
+
+	switch (channel.type) {
+		case ChannelType.GUILD_TEXT:
+		case ChannelType.GUILD_VOICE:
+			break;
+		case ChannelType.DM:
+		case ChannelType.GROUP_DM:
+			throw new HTTPError("You can't create a dm channel in a guild");
+		// TODO: check if guild is community server
+		case ChannelType.GUILD_STORE:
+		case ChannelType.GUILD_NEWS:
+		default:
+			throw new HTTPError("Not yet supported");
+	}
+
+	const permissions = await getPermission(user_id, channel.guild_id);
+	permissions.hasThrow("MANAGE_CHANNELS");
+
+	if (channel.parent_id) {
+		const exists = await ChannelModel.findOne({ id: channel.parent_id }, { guild_id: true }).exec();
+		if (!exists) throw new HTTPError("Parent id channel doesn't exist", 400);
+		if (exists.guild_id !== channel.guild_id) throw new HTTPError("The category channel needs to be in the guild");
+	}
+
+	// TODO: auto generate position
+
+	channel = await new ChannelModel({
+		...channel,
+		id: Snowflake.generate(),
+		created_at: new Date(),
+		// @ts-ignore
+		recipients: null
+	}).save();
+
+	await emitEvent({ event: "CHANNEL_CREATE", data: channel, guild_id: channel.guild_id } as ChannelCreateEvent);
+
+	return channel;
+}
@@ -9,7 +9,7 @@ import { HTTPError } from "lambert-server";
 import { emitEvent } from "./Event";
 // TODO: check webhook, application, system author

-export async function sendMessage(opts: Partial<Message>) {
+export async function handleMessage(opts: Partial<Message>) {
 	const channel = await ChannelModel.findOne({ id: opts.channel_id }, { guild_id: true, type: true, permission_overwrites: true }).exec();
 	if (!channel || !opts.channel_id) throw new HTTPError("Channel not found", 404);
 	// TODO: are tts messages allowed in dm channels? should permission be checked?
@@ -28,10 +28,8 @@ export async function sendMessage(opts: Partial<Message>) {
 	}

 	// TODO: check and put it all in the body
-	const message: Message = {
+	return {
 		...opts,
-		id: Snowflake.generate(),
-		timestamp: new Date(),
 		guild_id: channel.guild_id,
 		channel_id: opts.channel_id,
 		// TODO: generate mentions and check permissions
@@ -43,10 +41,14 @@ export async function sendMessage(opts: Partial<Message>) {
 		reactions: opts.reactions || [],
 		type: opts.type ?? 0
 	};
+}
+
+export async function sendMessage(opts: Partial<Message>) {
+	const message = await handleMessage({ ...opts, id: Snowflake.generate(), timestamp: new Date() });

 	const data = toObject(await new MessageModel(message).populate({ path: "member", select: PublicMemberProjection }).save());

-	await emitEvent({ event: "MESSAGE_CREATE", channel_id: opts.channel_id, data, guild_id: channel.guild_id } as MessageCreateEvent);
+	await emitEvent({ event: "MESSAGE_CREATE", channel_id: opts.channel_id, data, guild_id: message.guild_id } as MessageCreateEvent);

 	return data;
 }
@@ -5,7 +5,8 @@ import { Tuple } from "lambert-server";
 import "missing-native-js-functions";

 export const OPTIONAL_PREFIX = "$";
-export const EMAIL_REGEX = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+export const EMAIL_REGEX =
+	/^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;

 export function check(schema: any) {
 	return (req: Request, res: Response, next: NextFunction) => {
@@ -27,9 +28,9 @@ export function FieldErrors(fields: Record<string, { code?: string; message: str
 			_errors: [
 				{
 					message,
-					code: code || "BASE_TYPE_INVALID",
-				},
-			],
+					code: code || "BASE_TYPE_INVALID"
+				}
+			]
 		}))
 	);
 }
@@ -68,7 +69,7 @@ export function instanceOf(
 		optional = false,
 		errors = {},
 		req,
-		ref,
+		ref
 	}: { path?: string; optional?: boolean; errors?: any; req: Request; ref?: { key: string | number; obj: any } }
 ): Boolean {
 	if (!ref) ref = { obj: null, key: "" };
@@ -131,7 +132,7 @@ export function instanceOf(
 								optional,
 								errors: errors[i],
 								req,
-								ref: { key: i, obj: value },
+								ref: { key: i, obj: value }
 							}) === true
 						) {
 							delete errors[i];
@@ -153,7 +154,7 @@ export function instanceOf(
 					throw new FieldError(
 						"BASE_TYPE_BAD_LENGTH",
 						req.t("common:field.BASE_TYPE_BAD_LENGTH", {
-							length: `${type.min} - ${type.max}`,
+							length: `${type.min} - ${type.max}`
 						})
 					);
 				}
@@ -185,7 +186,7 @@ export function instanceOf(
 							optional: OPTIONAL,
 							errors: errors[newKey],
 							req,
-							ref: { key: newKey, obj: value },
+							ref: { key: newKey, obj: value }
 						}) === true
 					) {
 						delete errors[newKey];