search

kordlib / kord

Idiomatic Kotlin Wrapper for The Discord API
MIT License
931 stars 82 forks source link

`Manage Permissions` channel override overrides `ManageRoles` Permission #754

Open DeDiamondPro opened 1 year ago

DeDiamondPro commented 1 year ago

In TopGuildChannel.getEffectivePermissions, when the Manage Permissions channel override is denied, it will override the ManageRoles permission. These 2 permissions have nothing to do with each other, the manage permission overwrite is just for the permissions of that channel and should not influence the ManageRoles permission.

luisfbl commented 1 year ago

Do you have the debug logs?

DeDiamondPro commented 1 year ago

Do you have the debug logs?

2023-02-10 21:32:05 | DEBUG | [R]:[KTOR]:[ExclusionRequestRateLimiter] | [RESPONSE]:200:GET:https://discord.com/api/v10/guilds/906206244119904287?with_counts=false body:{"id": "906206244119904287", "name": "Bot testing ground", "icon": null, "description": null, "home_header": null, "splash": null, "discovery_splash": null, "features": ["COMMUNITY", "NEWS"], "emojis": [], "stickers": [], "banner": null, "owner_id": "336764548017291265", "application_id": null, "region": "europe", "afk_channel_id": null, "afk_timeout": 300, "system_channel_id": "906206244119904290", "widget_enabled": false, "widget_channel_id": null, "verification_level": 1, "roles": [{"id": "906206244119904287", "name": "@everyone", "description": null, "permissions": "1071698529857", "position": 0, "color": 0, "hoist": false, "managed": false, "mentionable": false, "icon": null, "unicode_emoji": null, "flags": 0}, {"id": "907967386479628288", "name": "new role", "description": null, "permissions": "1071698660929", "position": 2, "color": 3066993, "hoist": false, "managed": false, "mentionable": false, "icon": null, "unicode_emoji": null, "flags": 0}, {"id": "950095868768440355", "name": "DevDiamondBot", "description": null, "permissions": "275146345472", "position": 4, "color": 0, "hoist": false, "managed": true, "mentionable": false, "icon": null, "unicode_emoji": null, "flags": 0, "tags": {"bot_id": "872532663628595210"}}, {"id": "1049413955568799808", "name": "Glacia Beta", "description": null, "permissions": "533046077504", "position": 3, "color": 0, "hoist": false, "managed": true, "mentionable": false, "icon": null, "unicode_emoji": null, "flags": 0, "tags": {"bot_id": "1049411363275030619"}}, {"id": "1060580723926515852", "name": "new role", "description": null, "permissions": "1071698529857", "position": 1, "color": 0, "hoist": false, "managed": false, "mentionable": false, "icon": null, "unicode_emoji": null, "flags": 0}], "default_message_notifications": 1, "mfa_level": 0, "explicit_content_filter": 2, "max_presences": null, "max_members": 500000, "max_stage_video_channel_users": 0, "max_video_channel_users": 25, "vanity_url_code": null, "premium_tier": 0, "premium_subscription_count": 0, "system_channel_flags": 0, "preferred_locale": "en-US", "rules_channel_id": "1049062888620425227", "safety_alerts_channel_id": null, "public_updates_channel_id": "1049062888620425228", "hub_type": null, "premium_progress_bar_enabled": false, "latest_onboarding_question_id": null, "nsfw": false, "nsfw_level": 0}
2023-02-10 21:32:07 | DEBUG | [R]:[KTOR]:[ExclusionRequestRateLimiter] | [RESPONSE]:200:GET:https://discord.com/api/v10/channels/906206244119904290 body:{"id": "906206244119904290", "last_message_id": "1073698765690634340", "type": 0, "name": "general", "position": 0, "flags": 0, "parent_id": "906206244119904288", "topic": "Server is offline | 1 unique players ever joined", "guild_id": "906206244119904287", "permission_overwrites": [{"id": "950095868768440355", "type": 0, "allow": "0", "deny": "268435456"}, {"id": "1049413955568799808", "type": 0, "allow": "0", "deny": "0"}, {"id": "906206244119904287", "type": 0, "allow": "2048", "deny": "0"}], "last_pin_timestamp": "2022-04-09T12:00:39+00:00", "rate_limit_per_user": 1, "nsfw": false}
2023-02-10 21:32:07 | DEBUG |        d.d.glacia.listeners.InfoListener | [dev.kord.common.entity.Permission$CreateInstantInvite@18ac525d, dev.kord.common.entity.Permission$AddReactions@4db9c704, dev.kord.common.entity.Permission$Stream@51d7f280, dev.kord.common.entity.Permission$ViewChannel@52558e59, dev.kord.common.entity.Permission$SendMessages@2a7a947e, dev.kord.common.entity.Permission$EmbedLinks@1efa76a3, dev.kord.common.entity.Permission$AttachFiles@605dd866, dev.kord.common.entity.Permission$ReadMessageHistory@1b70e195, dev.kord.common.entity.Permission$MentionEveryone@63765718, dev.kord.common.entity.Permission$UseExternalEmojis@2e746abb, dev.kord.common.entity.Permission$Connect@3c04283b, dev.kord.common.entity.Permission$Speak@6d9b7634, dev.kord.common.entity.Permission$UseVAD@4b58d430, dev.kord.common.entity.Permission$ChangeNickname@1474b64d, dev.kord.common.entity.Permission$UseApplicationCommands@70396d28, dev.kord.common.entity.Permission$RequestToSpeak@2e654a6b, dev.kord.common.entity.Permission$CreatePublicThreads@3d755b2f, dev.kord.common.entity.Permission$CreatePrivateThreads@39c768f8, dev.kord.common.entity.Permission$UseExternalStickers@7af64a00, dev.kord.common.entity.Permission$SendMessagesInThreads@d2892c9, dev.kord.common.entity.Permission$UseEmbeddedActivities@1a931c60]
logger.debug(
         kord.getChannelOf<TopGuildChannel>(Snowflake(906206244119904290))!!
                .getEffectivePermissions(kord.selfId).values.toString()
)
luisfbl commented 1 year ago

I don't understand very well, you don't have these permissions on debug, can you send the PATCH debug (when you disable the ManagePermissions permission)

DeDiamondPro commented 1 year ago

these permissions on debug

That's not the problem, the bot never updates the channel override. The problem is (as far as I can see) the ManageRoles permission and ManagePermissions channel overwrite are handled as the same thing, while they should not be handled like that. The ManageRoles permission shouldn't be influenced by a channel overwrite.

HopeBaron commented 1 year ago

Hello there, could you include the steps on how to reproduce this? Also did you make sure you are on the latest version?

DeDiamondPro commented 1 year ago

Hello there, could you include the steps on how to reproduce this? Also did you make sure you are on the latest version?

I'm using 0.8.x-SNAPSHOT

Steps to reproduce:

  1. Give the bot the manage roles permission
  2. Run the following code: 
     kord.on<ReadyEvent> {
        val channelId = Snowflake(YOUR_CHANNEL_ID)
        val channel = kord.getChannelOf<TopGuildChannel>(channelId)
        val permissions = channel!!.getEffectivePermissions(kord.selfId)
        println(permissions.contains(Permission.ManageRoles))
    }

    This returns true, as expected

  3. Add a channel override for the bot and deny the permission Manage Permissions overwrite. image
  4. Run the code again You would expect this to also return true, since the Manage Permissions channel overwrite only denies the bot the permission to edit the overwrites of the channel, but for some reason it returns false.
HopeBaron commented 1 year ago

@DeDiamondPro sorry I didn't ask you Does the bot have admin permissions?

DeDiamondPro commented 1 year ago

@DeDiamondPro sorry I didn't ask you Does the bot have admin permissions?

No it does not