From 7e8818bbb26d57f1cb7d8a3232f3e70bb513dc4c Mon Sep 17 00:00:00 2001
From: ADAMJR <adamjf123@gmail.com>
Date: Mon, 9 Aug 2021 23:05:56 +0100
Subject: [PATCH] Fix Things

---
 backend/src/rest/apply-routes.ts             | 12 +++++++-----
 frontend/src/components/pages/guild-page.tsx |  2 +-
 frontend/src/theme/discord-theme.css         |  5 +----
 3 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/backend/src/rest/apply-routes.ts b/backend/src/rest/apply-routes.ts
index fa18228..1fe60af 100644
--- a/backend/src/rest/apply-routes.ts
+++ b/backend/src/rest/apply-routes.ts
@@ -5,14 +5,17 @@ import { Message } from '../data/models/message';
 import { router as authRoutes } from './routes/auth-routes';
 import path from 'path';
 import { loggedIn, updateUser } from './middleware';
-import { User } from '../data/models/user';
+import createError from 'http-errors';
 
 export default (app: Express) => {
   const prefix = process.env.API_PREFIX;
 
-  app.get(`${prefix}/channels/:channelId/messages`, async (req, res) => {
-    // v6: has access to the channel
-    
+  app.get(`${prefix}/channels/:channelId/messages`, async (req, res, next) => {
+    // v6: validate has access to the channel
+    const userInGuild = await Guild.findOne({ channels: req.params.channelId as any });
+    if (!userInGuild)
+      return next(createError(401, 'Insufficient access'));
+
     const messages = await Message.find({ channelId: req.params.channelId });
     res.json(messages);
   });
@@ -44,7 +47,6 @@ export default (app: Express) => {
   });
   
   // v7: guild members
-  // v6: validate has access to users
   app.get(`${prefix}/users`, loggedIn, updateUser, async (req, res) => {
     const user: Entity.User = res.locals.user;
     const guilds = await Guild
diff --git a/frontend/src/components/pages/guild-page.tsx b/frontend/src/components/pages/guild-page.tsx
index 2e1a62b..8c164f6 100644
--- a/frontend/src/components/pages/guild-page.tsx
+++ b/frontend/src/components/pages/guild-page.tsx
@@ -38,7 +38,7 @@ const GuildPage: React.FunctionComponent = () => {
             <div
               style={{ height: 'calc(100vh - 48px)' }}
               className="flex">
-              <TextBasedChannel />
+              {ui.activeChannel && <TextBasedChannel />}
               <MemberList users={guild.members} />
             </div>
           </div>
diff --git a/frontend/src/theme/discord-theme.css b/frontend/src/theme/discord-theme.css
index 96eed8b..4e66541 100644
--- a/frontend/src/theme/discord-theme.css
+++ b/frontend/src/theme/discord-theme.css
@@ -50,12 +50,9 @@ textarea {
   background-color: var(--bg-textarea);
 }
 
-a[href] {
+a[href]:not(a > *:last-child) {
   color: var(--link);
 }
-a > button {
-  color: inherit;
-}
 a.active {
   background-color: var(--bg-modifier-selected);
   color: var(--heading);