diff --git a/pkg/internal/http/api/channel_members_api.go b/pkg/internal/http/api/channel_members_api.go index 3428965..145c48f 100644 --- a/pkg/internal/http/api/channel_members_api.go +++ b/pkg/internal/http/api/channel_members_api.go @@ -1,7 +1,6 @@ package api import ( - "fmt" "git.solsynth.dev/hypernet/messaging/pkg/internal/gap" "git.solsynth.dev/hypernet/nexus/pkg/nex/cruda" "git.solsynth.dev/hypernet/nexus/pkg/nex/sec" @@ -97,10 +96,12 @@ func addChannelMember(c *fiber.Ctx) error { return fiber.NewError(fiber.StatusBadRequest, "direct message member changes was not allowed") } - if member, err := services.GetChannelMember(user, channel.ID); err != nil { - return fiber.NewError(fiber.StatusForbidden, err.Error()) - } else if member.PowerLevel < 50 { - return fiber.NewError(fiber.StatusForbidden, "you must be a moderator of a channel to add member into it") + if !channel.IsPublic { + if member, err := services.GetChannelMember(user, channel.ID); err != nil { + return fiber.NewError(fiber.StatusForbidden, err.Error()) + } else if member.PowerLevel < 50 { + return fiber.NewError(fiber.StatusForbidden, "you must be a moderator of a channel to add member into it") + } } var err error @@ -115,7 +116,7 @@ func addChannelMember(c *fiber.Ctx) error { return fiber.NewError(fiber.StatusNotFound, err.Error()) } - if err := services.AddChannelMemberWithCheck(account, channel); err != nil { + if err := services.AddChannelMemberWithCheck(account, user, channel); err != nil { return fiber.NewError(fiber.StatusBadRequest, err.Error()) } else { return c.SendStatus(fiber.StatusOK) @@ -252,37 +253,6 @@ func editChannelNotifyLevelOfMyself(c *fiber.Ctx) error { } } -func joinChannel(c *fiber.Ctx) error { - if err := sec.EnsureAuthenticated(c); err != nil { - return err - } - user := c.Locals("user").(authm.Account) - alias := c.Params("channel") - - var channel models.Channel - if err := database.C.Where(&models.Channel{ - Alias: alias, - }).First(&channel).Error; err != nil { - return fiber.NewError(fiber.StatusNotFound, err.Error()) - } else if _, _, err := services.GetAvailableChannel(channel.ID, user); err == nil { - return fiber.NewError(fiber.StatusBadRequest, "you already joined the channel") - } else if channel.RealmID == nil && !channel.IsCommunity { - return fiber.NewError(fiber.StatusBadRequest, "you were impossible to join a channel without related realm and non-community") - } - - if channel.RealmID != nil { - if _, err := authkit.GetRealmMember(gap.Nx, *channel.RealmID, user.ID); err != nil { - return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("you are not a part of the realm: %v", err)) - } - } - - if err := services.AddChannelMember(user, channel); err != nil { - return fiber.NewError(fiber.StatusBadRequest, err.Error()) - } else { - return c.SendStatus(fiber.StatusOK) - } -} - func leaveChannel(c *fiber.Ctx) error { if err := sec.EnsureAuthenticated(c); err != nil { return err diff --git a/pkg/internal/http/api/index.go b/pkg/internal/http/api/index.go index 950c728..40bd290 100644 --- a/pkg/internal/http/api/index.go +++ b/pkg/internal/http/api/index.go @@ -30,7 +30,6 @@ func MapAPIs(app *fiber.App, baseURL string) { channels.Put("/:channel/members/me", editChannelProfileOfMyself) channels.Put("/:channel/members/me/notify", editChannelNotifyLevelOfMyself) channels.Post("/:channel/members", addChannelMember) - channels.Post("/:channel/members/me", joinChannel) channels.Delete("/:channel/members/:memberId", removeChannelMember) channels.Delete("/:channel/members/me", leaveChannel) diff --git a/pkg/internal/services/channel_members.go b/pkg/internal/services/channel_members.go index 9999833..c7b17eb 100644 --- a/pkg/internal/services/channel_members.go +++ b/pkg/internal/services/channel_members.go @@ -53,9 +53,11 @@ func GetChannelMember(user authm.Account, channelId uint) (models.ChannelMember, return member, nil } -func AddChannelMemberWithCheck(user authm.Account, target models.Channel) error { - if err := authkit.EnsureUserPermGranted(gap.Nx, user.ID, target.AccountID, "ChannelAdd", true); err != nil { - return fmt.Errorf("unable to add user into your channel due to access denied: %v", err) +func AddChannelMemberWithCheck(user, op authm.Account, target models.Channel) error { + if user.ID != op.ID { + if err := authkit.EnsureUserPermGranted(gap.Nx, user.ID, op.ID, "ChannelAdd", true); err != nil { + return fmt.Errorf("unable to add user into your channel due to access denied: %v", err) + } } member := models.ChannelMember{ diff --git a/pkg/internal/services/channels.go b/pkg/internal/services/channels.go index 768f28c..5fb3913 100644 --- a/pkg/internal/services/channels.go +++ b/pkg/internal/services/channels.go @@ -184,7 +184,7 @@ func ListChannel(user *authm.Account, realmId ...uint) ([]models.Channel, error) var idRange []uint if user != nil { if err := database.C.Where("account_id = ?", user.ID).Find(&identities).Error; err != nil { - return nil, fmt.Errorf("unabkle to get identities: %v", err) + return nil, fmt.Errorf("unable to get identities: %v", err) } for _, identity := range identities { idRange = append(idRange, identity.ChannelID)