From fcb10e8b9a607d2f812a6137a4aeaf618e435236 Mon Sep 17 00:00:00 2001 From: 404invalid-user Date: Sat, 28 Aug 2021 23:27:38 +0100 Subject: [PATCH] i broke it real bad so i fixed it --- src/bot/events/message.js | 2 +- src/express/get/dashboard/filter.js | 30 ++--- src/express/get/dashboard/reactionroles.js | 48 ++++---- src/express/get/dashboard/server.js | 33 +++--- src/express/post/api/updatefilter.js | 38 +++--- src/express/post/api/updateoverview.js | 52 +++++---- src/express/post/api/updatereactionroles.js | 121 ++++++++++---------- 7 files changed, 177 insertions(+), 147 deletions(-) diff --git a/src/bot/events/message.js b/src/bot/events/message.js index 0ea7288..d4eb5a0 100644 --- a/src/bot/events/message.js +++ b/src/bot/events/message.js @@ -17,7 +17,7 @@ module.exports = { if (currentServer == null) return; ['caps', 'swearfilter'].forEach(addon => { - require(`../addons/${addon}`)(message, server, messageUser, client); + require(`../addons/${addon}`)(message, currentServer, messageUser, client); }) //eval command diff --git a/src/express/get/dashboard/filter.js b/src/express/get/dashboard/filter.js index 75e7a4a..910c761 100644 --- a/src/express/get/dashboard/filter.js +++ b/src/express/get/dashboard/filter.js @@ -15,21 +15,25 @@ module.exports = { let currentUser = await Userdashboard.findOne({ userId: res.locals.cookie.id }) let currentServer = await Server.findOne({ id: req.params.serverid }) if (currentServer == null) return res.render('404.ejs') - let guild = await currentUser.guilds[currentServer.id]; - if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { - let hasAccess = false; - await currentUser.accessCodes.forEach(async(userCode) => { - if (res.locals.cookie.accesscode == userCode.code) { + let gAccess = false; + await currentUser.guilds.forEach(guild => { + if (guild.id == currentServer.id) { + gAccess = true; + if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { + let hasAccess = false; + await currentUser.accessCodes.forEach(async(userCode) => { + if (res.locals.cookie.accesscode == userCode.code) { - hasAccess = true; - return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/filter.ejs', { domain: conf.domain, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer }); + hasAccess = true; + return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/filter.ejs', { domain: conf.domain, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer }); + }; + }); + if (hasAccess == false) return res.redirect('/login?ninvalidcode'); }; - }); - - if (hasAccess == false) return res.redirect('/login?ninvalidcode'); - - } else { - await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } }) + }; + }); + if (gAccess == false) { + return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" }) } } catch (error) { console.log(error) diff --git a/src/express/get/dashboard/reactionroles.js b/src/express/get/dashboard/reactionroles.js index fd0b697..4ba7f3c 100644 --- a/src/express/get/dashboard/reactionroles.js +++ b/src/express/get/dashboard/reactionroles.js @@ -16,28 +16,34 @@ module.exports = { if (currentUser == null) return res.render('404.ejs') let currentServer = await Server.findOne({ id: req.params.serverid }) if (currentServer == null) return res.render('404.ejs') - let guild = await currentUser.guilds[currentServer.id]; - if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { - let hasAccess = false; - let listedRoles = []; - let listedChannels = []; - let server = await client.guilds.cache.get(currentServer.id); - let user = await server.members.fetch(currentUser.userId); - //push server roles to array - server.roles.cache.map((role) => listedRoles.push({ id: role.id, name: role.name })); - //push only channels user can see to array - server.channels.cache.filter(c => c.type == 'text').forEach(channel => { - if (server.channels.cache.get(channel.id).permissionsFor(user).has(['SEND_MESSAGES', 'VIEW_CHANNEL'])) listedChannels.push({ name: channel.name, id: channel.id }); - }); - await currentUser.accessCodes.forEach(async(userCode) => { - if (res.locals.cookie.accesscode == userCode.code) { - hasAccess = true; - return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/reactionroles.ejs', { domain: conf.domain, server: { channels: listedChannels, roles: listedRoles }, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer }); + let gAccess = false; + await currentUser.guilds.forEach(guild => { + if (guild.id == currentServer.id) { + gAccess = true; + if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { + let hasAccess = false; + let listedRoles = []; + let listedChannels = []; + let server = await client.guilds.cache.get(currentServer.id); + let user = await server.members.fetch(currentUser.userId); + //push server roles to array + server.roles.cache.map((role) => listedRoles.push({ id: role.id, name: role.name })); + //push only channels user can see to array + server.channels.cache.filter(c => c.type == 'text').forEach(channel => { + if (server.channels.cache.get(channel.id).permissionsFor(user).has(['SEND_MESSAGES', 'VIEW_CHANNEL'])) listedChannels.push({ name: channel.name, id: channel.id }); + }); + await currentUser.accessCodes.forEach(async(userCode) => { + if (res.locals.cookie.accesscode == userCode.code) { + hasAccess = true; + return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/reactionroles.ejs', { domain: conf.domain, server: { channels: listedChannels, roles: listedRoles }, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer }); + }; + }); + if (hasAccess == false) return res.redirect('/login?ninvalidcode'); }; - }); - if (hasAccess == false) return res.redirect('/login?ninvalidcode'); - } else { - await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } }) + }; + }); + if (gAccess == false) { + return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" }) } } catch (error) { console.log(error) diff --git a/src/express/get/dashboard/server.js b/src/express/get/dashboard/server.js index 7da79fa..717cea5 100644 --- a/src/express/get/dashboard/server.js +++ b/src/express/get/dashboard/server.js @@ -16,21 +16,28 @@ module.exports = { if (currentUser == null) return res.redirect('/login'); let currentServer = await Server.findOne({ id: req.params.serverid }) if (currentServer == null) return res.render('404.ejs'); - let guild = await currentUser.guilds[currentServer.id]; - if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { - let hasAccess = false; - await currentUser.accessCodes.forEach(async(userCode) => { - if (res.locals.cookie.accesscode == userCode.code) { - hasAccess = true; - const memberCount = await client.guilds.cache.get(currentServer.id).memberCount; - return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/server.ejs', { domain: conf.domain, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer, memberCount: memberCount }); - }; - }); - if (hasAccess == false) return res.redirect('/login?ninvalidcode'); - } else { - await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } }) + let gAccess = false; + await currentUser.guilds.forEach(guild => { + if (guild.id == currentServer.id) { + gAccess = true; + if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { + let hasAccess = false; + await currentUser.accessCodes.forEach(async(userCode) => { + if (res.locals.cookie.accesscode == userCode.code) { + hasAccess = true; + const memberCount = await client.guilds.cache.get(currentServer.id).memberCount; + return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/server.ejs', { domain: conf.domain, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer, memberCount: memberCount }); + }; + }); + if (hasAccess == false) return res.redirect('/login?ninvalidcode'); + } + }; + }); + if (gAccess == false) { + return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" }) } + } catch (error) { console.log(error) res.status(500).render('error.ejs', { errorMessage: error, error: "there has been an issue with your request please try again, if this continuous report it at http://knightrider.rf.gd/er/admin.php" }) diff --git a/src/express/post/api/updatefilter.js b/src/express/post/api/updatefilter.js index 95c4943..377680f 100644 --- a/src/express/post/api/updatefilter.js +++ b/src/express/post/api/updatefilter.js @@ -13,25 +13,29 @@ module.exports = { if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" }); let currentServer = await Server.findOne({ id: req.body.server.id }); if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" }); - let guild = await currentUser.guilds[currentServer.id]; - if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { - - let hasAccess = false; - await currentUser.accessCodes.forEach(async(userCode) => { - if (req.body.user.accesscode == userCode.code) { - hasAccess = true; - currentServer.filter.normal = await req.body.normalFilter; - currentServer.filter.safe = await req.body.safeFilter; - currentServer.save(); - return res.status(200).json({ error: "no", message: "filters have been updates" }); - }; - }); - } else { - return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" }); - }; - + let gAccess = false; + await currentUser.guilds.forEach(guild => { + if (guild.id == currentServer.id) { + gAccess = true; + if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { + let hasAccess = false; + await currentUser.accessCodes.forEach(async(userCode) => { + if (req.body.user.accesscode == userCode.code) { + hasAccess = true; + currentServer.filter.normal = await req.body.normalFilter; + currentServer.filter.safe = await req.body.safeFilter; + currentServer.save(); + return res.status(200).json({ error: "no", message: "filters have been updates" }); + }; + }); + } + } + }); if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); + if (gAccess == false) { + return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" }) + } } catch (error) { console.log(error); res.status(500).json({ error: "some error happened", info: "report this if it happenes again." + domain + '/er' }); diff --git a/src/express/post/api/updateoverview.js b/src/express/post/api/updateoverview.js index 3d14865..efe424d 100644 --- a/src/express/post/api/updateoverview.js +++ b/src/express/post/api/updateoverview.js @@ -13,31 +13,35 @@ module.exports = { if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db", message: "that user id cant be found" }); let currentServer = await Server.findOne({ id: req.body.server.id }); if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db", message: "that server id cant be found" }); - let guild = await currentUser.guilds[currentServer.id]; - if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { + let gAccess = false; + await currentUser.guilds.forEach(guild => { + if (guild.id == currentServer.id) { + gAccess = true; + if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { - let hasAccess = false; - await currentUser.accessCodes.forEach(async(userCode) => { - if (req.body.user.accesscode == userCode.code) { - hasAccess = true; - //apply all data from the req to the db (probabbly a better way to do this) - currentServer.prefix = req.body.prefix || prefix; - currentServer.staff = req.body.staffids || []; - currentServer.staffRoles = req.body.staffRoles || []; - currentServer.channels.modLogs = req.body.channels.modlogs || ' '; - currentServer.channels.announcments = req.body.channels.announcments || ' '; - currentServer.channels.townhall = req.body.channels.townhall || ' '; - currentServer.channels.townhallLogs = req.body.channels.townhallLogs || ' '; - currentServer.save(); - return res.status(200); - }; - }); - } else { - return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" }); - }; - - - if (hasAccess == false) return res.status(401).JSON({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); + let hasAccess = false; + await currentUser.accessCodes.forEach(async(userCode) => { + if (req.body.user.accesscode == userCode.code) { + hasAccess = true; + //apply all data from the req to the db (probabbly a better way to do this) + currentServer.prefix = req.body.prefix || prefix; + currentServer.staff = req.body.staffids || []; + currentServer.staffRoles = req.body.staffRoles || []; + currentServer.channels.modLogs = req.body.channels.modlogs || ' '; + currentServer.channels.announcments = req.body.channels.announcments || ' '; + currentServer.channels.townhall = req.body.channels.townhall || ' '; + currentServer.channels.townhallLogs = req.body.channels.townhallLogs || ' '; + currentServer.save(); + return res.status(200); + }; + }); + } + } + }); + if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); + if (gAccess == false) { + return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" }) + } } catch (error) { console.log(error); res.status(500).JSON({ error: "some error happened", info: "report this if it happenes again. " + domain + '/er' }); diff --git a/src/express/post/api/updatereactionroles.js b/src/express/post/api/updatereactionroles.js index 0221832..377fd0e 100644 --- a/src/express/post/api/updatereactionroles.js +++ b/src/express/post/api/updatereactionroles.js @@ -12,68 +12,73 @@ module.exports = { if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" }); let currentServer = await Server.findOne({ id: req.body.server.id }); if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" }); - let guild = await currentUser.guilds[currentServer.id]; - if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { - let hasAccess = false; - await currentUser.accessCodes.forEach(async(userCode) => { - if (req.body.user.accesscode == userCode.code) { - hasAccess = true; - currentServer.reactionRoles = await req.body.reactionRoles; - currentServer.save(); - let eachChannelRoles = {}; - await currentServer.reactionRoles.forEach(role => { - if (!eachChannelRoles[role.channelID]) { - eachChannelRoles[role.channelID] = [{ - roleID: role.roleID, - emoji: role.emoji - }]; - } else { - eachChannelRoles[role.channelID].push({ - roleID: role.roleID, - emoji: role.emoji + let gAccess = false; + await currentUser.guilds.forEach(guild => { + if (guild.id == currentServer.id) { + gAccess = true; + if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { + let hasAccess = false; + await currentUser.accessCodes.forEach(async(userCode) => { + if (req.body.user.accesscode == userCode.code) { + hasAccess = true; + currentServer.reactionRoles = await req.body.reactionRoles; + currentServer.save(); + let eachChannelRoles = {}; + await currentServer.reactionRoles.forEach(role => { + if (!eachChannelRoles[role.channelID]) { + eachChannelRoles[role.channelID] = [{ + roleID: role.roleID, + emoji: role.emoji + }]; + } else { + eachChannelRoles[role.channelID].push({ + roleID: role.roleID, + emoji: role.emoji + }); + }; }); + for (let i in eachChannelRoles) { + let rolesEmbed = { + color: conf.colour.ok, + title: 'ReactionRoles', + url: conf.domain, + author: { + name: conf.bot.name, + icon_url: conf.bot.logo, + url: conf.bot.url, + }, + description: 'react with the appropriate emoji to get your role', + fields: [], + timestamp: new Date(), + footer: { + text: currentServer.name, + }, + }; + + await eachChannelRoles[i].forEach(role => { + rolesEmbed.fields.push({ + name: '\u200B', + value: '<@&' + role.roleID + '> - ' + role.emoji, + }); + }); + const channel = client.guilds.cache.get(currentServer.id).channels.cache.get(i) + if (channel !== undefined) { + const msg = await channel.send({ embed: rolesEmbed }); + eachChannelRoles[i].forEach(role => { + msg.react(role.emoji); + }); + }; + }; + return res.status(200).json({ error: "no", message: "reactionroles have been updates" }); }; }); - for (let i in eachChannelRoles) { - let rolesEmbed = { - color: conf.colour.ok, - title: 'ReactionRoles', - url: conf.domain, - author: { - name: conf.bot.name, - icon_url: conf.bot.logo, - url: conf.bot.url, - }, - description: 'react with the appropriate emoji to get your role', - fields: [], - timestamp: new Date(), - footer: { - text: currentServer.name, - }, - }; - - - await eachChannelRoles[i].forEach(role => { - rolesEmbed.fields.push({ - name: '\u200B', - value: '<@&' + role.roleID + '> - ' + role.emoji, - }); - }); - const channel = client.guilds.cache.get(currentServer.id).channels.cache.get(i) - if (channel !== undefined) { - const msg = await channel.send({ embed: rolesEmbed }); - eachChannelRoles[i].forEach(role => { - msg.react(role.emoji); - }); - }; - }; - return res.status(200).json({ error: "no", message: "reactionroles have been updates" }); - }; - }); - } else { - return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" }); - } + } + } + }); if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); + if (gAccess == false) { + return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" }) + } } catch (error) { console.log(error); res.status(500).json({ error: "some error happened", info: "report this if it happenes again." + conf.domain + '/er' });