invaliduser/knightrider
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

i broke it real bad so i fixed it

Browse source
This commit is contained in:
404invalid-user 2021-08-28 23:27:38 +01:00
parent 425c617f23
commit fcb10e8b9a
7 changed files with 177 additions and 147 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/bot/events/message.js
View file

@ -17,7 +17,7 @@ module.exports = {
if (currentServer == null) return; if (currentServer == null) return;
['caps', 'swearfilter'].forEach(addon => { ['caps', 'swearfilter'].forEach(addon => {
require(`../addons/${addon}`)(message, server, messageUser, client); require(`../addons/${addon}`)(message, currentServer, messageUser, client);
}) })
//eval command //eval command

14
src/express/get/dashboard/filter.js
View file

@ -15,7 +15,10 @@ module.exports = {
let currentUser = await Userdashboard.findOne({ userId: res.locals.cookie.id }) let currentUser = await Userdashboard.findOne({ userId: res.locals.cookie.id })
let currentServer = await Server.findOne({ id: req.params.serverid }) let currentServer = await Server.findOne({ id: req.params.serverid })
if (currentServer == null) return res.render('404.ejs') if (currentServer == null) return res.render('404.ejs')
let guild = await currentUser.guilds[currentServer.id]; let gAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.id == currentServer.id) {
gAccess = true;
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false; let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => { await currentUser.accessCodes.forEach(async(userCode) => {
@ -25,11 +28,12 @@ module.exports = {
return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/filter.ejs', { domain: conf.domain, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer }); return res.cookie('id', currentUser.userId, { expires: new Date(253402300000000), httpOnly: true }).cookie('accesscode', res.locals.cookie.accesscode, { expires: new Date(253402300000000), httpOnly: true }).render('dashboard/filter.ejs', { domain: conf.domain, user: { id: currentUser.userId, accesscode: res.locals.cookie.accesscode }, currentUser: currentUser, currentServer: currentServer });
}; };
}); });
if (hasAccess == false) return res.redirect('/login?ninvalidcode'); if (hasAccess == false) return res.redirect('/login?ninvalidcode');
};
} else { };
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } }) });
if (gAccess == false) {
return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" })
} }
} catch (error) { } catch (error) {
console.log(error) console.log(error)

12
src/express/get/dashboard/reactionroles.js
View file

@ -16,7 +16,10 @@ module.exports = {
if (currentUser == null) return res.render('404.ejs') if (currentUser == null) return res.render('404.ejs')
let currentServer = await Server.findOne({ id: req.params.serverid }) let currentServer = await Server.findOne({ id: req.params.serverid })
if (currentServer == null) return res.render('404.ejs') if (currentServer == null) return res.render('404.ejs')
let guild = await currentUser.guilds[currentServer.id]; let gAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.id == currentServer.id) {
gAccess = true;
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false; let hasAccess = false;
let listedRoles = []; let listedRoles = [];
@ -36,8 +39,11 @@ module.exports = {
}; };
}); });
if (hasAccess == false) return res.redirect('/login?ninvalidcode'); if (hasAccess == false) return res.redirect('/login?ninvalidcode');
} else { };
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } }) };
});
if (gAccess == false) {
return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" })
} }
} catch (error) { } catch (error) {
console.log(error) console.log(error)

13
src/express/get/dashboard/server.js
View file

@ -16,7 +16,10 @@ module.exports = {
if (currentUser == null) return res.redirect('/login'); if (currentUser == null) return res.redirect('/login');
let currentServer = await Server.findOne({ id: req.params.serverid }) let currentServer = await Server.findOne({ id: req.params.serverid })
if (currentServer == null) return res.render('404.ejs'); if (currentServer == null) return res.render('404.ejs');
let guild = await currentUser.guilds[currentServer.id]; let gAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.id == currentServer.id) {
gAccess = true;
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false; let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => { await currentUser.accessCodes.forEach(async(userCode) => {
@ -27,9 +30,13 @@ module.exports = {
}; };
}); });
if (hasAccess == false) return res.redirect('/login?ninvalidcode'); if (hasAccess == false) return res.redirect('/login?ninvalidcode');
} else {
await res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner", userInfo: { id: req.query.userid, username: req.query.userame, avatar: req.query.userAvatar } })
} }
};
});
if (gAccess == false) {
return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" })
}
} catch (error) { } catch (error) {
console.log(error) console.log(error)

16
src/express/post/api/updatefilter.js
View file

@ -13,7 +13,10 @@ module.exports = {
if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" }); if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" });
let currentServer = await Server.findOne({ id: req.body.server.id }); let currentServer = await Server.findOne({ id: req.body.server.id });
if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" }); if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" });
let guild = await currentUser.guilds[currentServer.id]; let gAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.id == currentServer.id) {
gAccess = true;
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false; let hasAccess = false;
@ -26,12 +29,13 @@ module.exports = {
return res.status(200).json({ error: "no", message: "filters have been updates" }); return res.status(200).json({ error: "no", message: "filters have been updates" });
}; };
}); });
} else { }
return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" }); }
}; });
if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' });
if (gAccess == false) {
return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" })
}
} catch (error) { } catch (error) {
console.log(error); console.log(error);
res.status(500).json({ error: "some error happened", info: "report this if it happenes again." + domain + '/er' }); res.status(500).json({ error: "some error happened", info: "report this if it happenes again." + domain + '/er' });

18
src/express/post/api/updateoverview.js
View file

@ -13,7 +13,10 @@ module.exports = {
if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db", message: "that user id cant be found" }); if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db", message: "that user id cant be found" });
let currentServer = await Server.findOne({ id: req.body.server.id }); let currentServer = await Server.findOne({ id: req.body.server.id });
if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db", message: "that server id cant be found" }); if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db", message: "that server id cant be found" });
let guild = await currentUser.guilds[currentServer.id]; let gAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.id == currentServer.id) {
gAccess = true;
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false; let hasAccess = false;
@ -32,12 +35,13 @@ module.exports = {
return res.status(200); return res.status(200);
}; };
}); });
} else { }
return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" }); }
}; });
if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' });
if (gAccess == false) {
if (hasAccess == false) return res.status(401).JSON({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" })
}
} catch (error) { } catch (error) {
console.log(error); console.log(error);
res.status(500).JSON({ error: "some error happened", info: "report this if it happenes again. " + domain + '/er' }); res.status(500).JSON({ error: "some error happened", info: "report this if it happenes again. " + domain + '/er' });

13
src/express/post/api/updatereactionroles.js
View file

@ -12,7 +12,10 @@ module.exports = {
if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" }); if (currentUser == null) return res.status(404).json({ error: "404 - cant find you in the db" });
let currentServer = await Server.findOne({ id: req.body.server.id }); let currentServer = await Server.findOne({ id: req.body.server.id });
if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" }); if (currentServer == null) return res.status(404).json({ error: "404 - cant find that server in the db" });
let guild = await currentUser.guilds[currentServer.id]; let gAccess = false;
await currentUser.guilds.forEach(guild => {
if (guild.id == currentServer.id) {
gAccess = true;
if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) { if (guild.userPermission == 'owner' || guild.userPermission == 'MANAGE_GUILD' || currentServer.staff.includes(currentUser.userId)) {
let hasAccess = false; let hasAccess = false;
await currentUser.accessCodes.forEach(async(userCode) => { await currentUser.accessCodes.forEach(async(userCode) => {
@ -52,7 +55,6 @@ module.exports = {
}, },
}; };
await eachChannelRoles[i].forEach(role => { await eachChannelRoles[i].forEach(role => {
rolesEmbed.fields.push({ rolesEmbed.fields.push({
name: '\u200B', name: '\u200B',
@ -70,10 +72,13 @@ module.exports = {
return res.status(200).json({ error: "no", message: "reactionroles have been updates" }); return res.status(200).json({ error: "no", message: "reactionroles have been updates" });
}; };
}); });
} else {
return res.status(401).json({ error: "401 - unauthorised", info: "your user does not own the server or have a staff role or pi is listed as a staff member" });
} }
}
});
if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' }); if (hasAccess == false) return res.status(401).json({ error: "401 - unauthorised", info: "please include your accesscode and user id to use this api more info in the docs " + conf.domain + '/docs' });
if (gAccess == false) {
return res.status(401).render('error.ejs', { errorMessage: null, error: "you do not have access to the admin dashboard if you are a member of staff tell the bot owner" })
}
} catch (error) { } catch (error) {
console.log(error); console.log(error);
res.status(500).json({ error: "some error happened", info: "report this if it happenes again." + conf.domain + '/er' }); res.status(500).json({ error: "some error happened", info: "report this if it happenes again." + conf.domain + '/er' });