search

KOOKIIEStudios / PalCON-Discord

A Python-based Discord bot for PalWorld server administration via RCON
MIT License
18 stars 3 forks source link

[BUG] Admin commands not checking perms properly #18

Closed KOOKIIEStudios closed 6 months ago

KOOKIIEStudios commented 6 months ago

Describe the bug initial report

To Reproduce Steps to reproduce the behavior:

  1. Have a non-admin use any commands other than /info or /online
  2. Notice that they're somehow able to use them testing on our side

Expected behavior Non-admins should not be allowed to use admin commands

Plausible explanations The way this is currently handled is the following in line 5 of main.py:

from discord.ext.commands import has_permissions

which is then consumed as a decorator for admin commands like so:

@has_permissions(administrator=True)

Based on the latest API docs for Interactions (which slash commands fall under) from discord.py, the way to check for permissions is to use this instead:

@app_commands.checks.has_permissions(administrator=True)

Note that we already import app_commands in line 4 of main.py:

from discord import app_commands

This solution has been tested by the reporter of the bug. We'll just need to perform the refactoring to remote for this issue. findings following investigation

alexraskin commented 6 months ago

I would like to take this.

Bratah123 commented 6 months ago

I would like to take this.

Assigned! Feel free to send a PR, i'd gladly review and approve

Bratah123 commented 6 months ago

Issue fixed in #20

Thanks @alexraskin!