diff --git a/Myriad/Cache/DiscordCacheExtensions.cs b/Myriad/Cache/DiscordCacheExtensions.cs index eb1ff0c2..6016bc84 100644 --- a/Myriad/Cache/DiscordCacheExtensions.cs +++ b/Myriad/Cache/DiscordCacheExtensions.cs @@ -100,7 +100,7 @@ public static class DiscordCacheExtensions await cache.SaveChannel(thread); } - public static async Task PermissionsIn(this IDiscordCache cache, ulong channelId) + public static async Task BotPermissionsIn(this IDiscordCache cache, ulong channelId) { var channel = await cache.GetRootChannel(channelId); @@ -108,7 +108,7 @@ public static class DiscordCacheExtensions { var userId = cache.GetOwnUser(); var member = await cache.TryGetSelfMember(channel.GuildId.Value); - return await cache.PermissionsFor(channelId, userId, member); + return await cache.PermissionsFor2(channelId, userId, member); } return PermissionSet.Dm; diff --git a/Myriad/Extensions/PermissionExtensions.cs b/Myriad/Extensions/PermissionExtensions.cs index 48fc9718..503c5bf2 100644 --- a/Myriad/Extensions/PermissionExtensions.cs +++ b/Myriad/Extensions/PermissionExtensions.cs @@ -31,16 +31,15 @@ public static class PermissionExtensions PermissionSet.AttachFiles | PermissionSet.EmbedLinks; - public static Task PermissionsFor(this IDiscordCache cache, MessageCreateEvent message) => - PermissionsFor(cache, message.ChannelId, message.Author.Id, message.Member, message.WebhookId != null); + public static Task PermissionsForMCE(this IDiscordCache cache, MessageCreateEvent message) => + PermissionsFor2(cache, message.ChannelId, message.Author.Id, message.Member, message.WebhookId != null); public static Task - PermissionsFor(this IDiscordCache cache, ulong channelId, GuildMember member) => - PermissionsFor(cache, channelId, member.User.Id, member); + PermissionsForMemberInChannel(this IDiscordCache cache, ulong channelId, GuildMember member) => + PermissionsFor2(cache, channelId, member.User.Id, member); - public static async Task PermissionsFor(this IDiscordCache cache, ulong channelId, ulong userId, - GuildMemberPartial? member, bool isWebhook = false, - bool isThread = false) + public static async Task PermissionsFor2(this IDiscordCache cache, ulong channelId, ulong userId, + GuildMemberPartial? member, bool isThread = false) { if (!(await cache.TryGetChannel(channelId) is Channel channel)) // todo: handle channel not found better @@ -53,9 +52,6 @@ public static class PermissionExtensions var guild = await cache.GetGuild(channel.GuildId.Value); - if (isWebhook) - return EveryonePermissions(guild); - return PermissionsFor(guild, rootChannel, userId, member, isThread: isThread); } @@ -79,9 +75,6 @@ public static class PermissionExtensions return perms; } - public static PermissionSet PermissionsFor(Guild guild, Channel channel, MessageCreateEvent msg, bool isThread = false) => - PermissionsFor(guild, channel, msg.Author.Id, msg.Member, isThread: isThread); - public static PermissionSet PermissionsFor(Guild guild, Channel channel, ulong userId, GuildMemberPartial? member, bool isThread = false) { diff --git a/PluralKit.Bot/ApplicationCommands/Message.cs b/PluralKit.Bot/ApplicationCommands/Message.cs index a4159441..e40a24d2 100644 --- a/PluralKit.Bot/ApplicationCommands/Message.cs +++ b/PluralKit.Bot/ApplicationCommands/Message.cs @@ -91,7 +91,7 @@ public class ApplicationCommandProxiedMessage internal async Task DeleteMessageInner(InteractionContext ctx, ulong channelId, ulong messageId, bool isDM = false) { - if (!((await _cache.PermissionsIn(channelId)).HasFlag(PermissionSet.ManageMessages) || isDM)) + if (!((await _cache.BotPermissionsIn(channelId)).HasFlag(PermissionSet.ManageMessages) || isDM)) throw new PKError("PluralKit does not have the *Manage Messages* permission in this channel, and thus cannot delete the message." + " Please contact a server administrator to remedy this."); @@ -110,7 +110,7 @@ public class ApplicationCommandProxiedMessage // (if not, PK shouldn't send messages on their behalf) var member = await _rest.GetGuildMember(ctx.GuildId, ctx.User.Id); var requiredPerms = PermissionSet.ViewChannel | PermissionSet.SendMessages; - if (member == null || !(await _cache.PermissionsFor(ctx.ChannelId, member)).HasFlag(requiredPerms)) + if (member == null || !(await _cache.PermissionsForMemberInChannel(ctx.ChannelId, member)).HasFlag(requiredPerms)) { throw new PKError("You do not have permission to send messages in this channel."); }; diff --git a/PluralKit.Bot/Bot.cs b/PluralKit.Bot/Bot.cs index 6b6d8107..4b329f64 100644 --- a/PluralKit.Bot/Bot.cs +++ b/PluralKit.Bot/Bot.cs @@ -249,7 +249,7 @@ public class Bot return; } - var botPerms = await _cache.PermissionsIn(reportChannel.Value); + var botPerms = await _cache.BotPermissionsIn(reportChannel.Value); if (botPerms.HasFlag(PermissionSet.SendMessages | PermissionSet.EmbedLinks)) await _errorMessageService.SendErrorMessage(reportChannel.Value, sentryEvent.EventId.ToString()); } diff --git a/PluralKit.Bot/CommandSystem/Context/Context.cs b/PluralKit.Bot/CommandSystem/Context/Context.cs index 9cc07d7d..99d4a39b 100644 --- a/PluralKit.Bot/CommandSystem/Context/Context.cs +++ b/PluralKit.Bot/CommandSystem/Context/Context.cs @@ -62,8 +62,8 @@ public class Context public readonly int ShardId; public readonly Cluster Cluster; - public Task BotPermissions => Cache.PermissionsIn(Channel.Id); - public Task UserPermissions => Cache.PermissionsFor((MessageCreateEvent)Message); + public Task BotPermissions => Cache.BotPermissionsIn(Channel.Id); + public Task UserPermissions => Cache.PermissionsForMCE((MessageCreateEvent)Message); public readonly PKSystem System; diff --git a/PluralKit.Bot/Commands/Checks.cs b/PluralKit.Bot/Commands/Checks.cs index a7d61660..caf51d80 100644 --- a/PluralKit.Bot/Commands/Checks.cs +++ b/PluralKit.Bot/Commands/Checks.cs @@ -156,7 +156,7 @@ public class Checks if (!await ctx.CheckPermissionsInGuildChannel(channel, PermissionSet.ViewChannel)) throw new PKError(error); - var botPermissions = PermissionExtensions.PermissionsFor(guild, channel, _botConfig.ClientId, guildMember); + var botPermissions = await _cache.BotPermissionsIn(channel.Id); // We use a bitfield so we can set individual permission bits ulong missingPermissions = 0; diff --git a/PluralKit.Bot/Commands/ServerConfig.cs b/PluralKit.Bot/Commands/ServerConfig.cs index daadc0b2..77af6bac 100644 --- a/PluralKit.Bot/Commands/ServerConfig.cs +++ b/PluralKit.Bot/Commands/ServerConfig.cs @@ -49,7 +49,7 @@ public class ServerConfig if (channel.Type != Channel.ChannelType.GuildText && channel.Type != Channel.ChannelType.GuildPublicThread && channel.Type != Channel.ChannelType.GuildPrivateThread) throw new PKError("PluralKit cannot log messages to this type of channel."); - var perms = await _cache.PermissionsIn(channel.Id); + var perms = await _cache.BotPermissionsIn(channel.Id); if (!perms.HasFlag(PermissionSet.SendMessages)) throw new PKError("PluralKit is missing **Send Messages** permissions in the new log channel."); if (!perms.HasFlag(PermissionSet.EmbedLinks)) diff --git a/PluralKit.Bot/Handlers/MessageCreated.cs b/PluralKit.Bot/Handlers/MessageCreated.cs index f4d84988..aad80bd2 100644 --- a/PluralKit.Bot/Handlers/MessageCreated.cs +++ b/PluralKit.Bot/Handlers/MessageCreated.cs @@ -63,7 +63,7 @@ public class MessageCreated: IEventHandler if (evt.Type != Message.MessageType.Default && evt.Type != Message.MessageType.Reply) return; if (IsDuplicateMessage(evt)) return; - var botPermissions = await _cache.PermissionsIn(evt.ChannelId); + var botPermissions = await _cache.BotPermissionsIn(evt.ChannelId); if (!botPermissions.HasFlag(PermissionSet.SendMessages)) return; // spawn off saving the private channel into another thread diff --git a/PluralKit.Bot/Handlers/MessageEdited.cs b/PluralKit.Bot/Handlers/MessageEdited.cs index 2c869c7e..bb33bc15 100644 --- a/PluralKit.Bot/Handlers/MessageEdited.cs +++ b/PluralKit.Bot/Handlers/MessageEdited.cs @@ -69,7 +69,7 @@ public class MessageEdited: IEventHandler ctx = await _repo.GetMessageContext(evt.Author.Value!.Id, channel.GuildId!.Value, rootChannel.Id, evt.ChannelId); var equivalentEvt = await GetMessageCreateEvent(evt, lastMessage, channel); - var botPermissions = await _cache.PermissionsIn(channel.Id); + var botPermissions = await _cache.BotPermissionsIn(channel.Id); try { @@ -123,7 +123,7 @@ public class MessageEdited: IEventHandler if (referencedMessageId == null) return null; - var botPermissions = await _cache.PermissionsIn(channelId); + var botPermissions = await _cache.BotPermissionsIn(channelId); if (!botPermissions.HasFlag(PermissionSet.ReadMessageHistory)) { _logger.Warning( diff --git a/PluralKit.Bot/Handlers/ReactionAdded.cs b/PluralKit.Bot/Handlers/ReactionAdded.cs index 1e55d8cb..de6a2c69 100644 --- a/PluralKit.Bot/Handlers/ReactionAdded.cs +++ b/PluralKit.Bot/Handlers/ReactionAdded.cs @@ -123,7 +123,7 @@ public class ReactionAdded: IEventHandler private async ValueTask HandleProxyDeleteReaction(MessageReactionAddEvent evt, PKMessage msg) { - if (!(await _cache.PermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages)) + if (!(await _cache.BotPermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages)) return; var isSameSystem = msg.Member != null && await _repo.IsMemberOwnedByAccount(msg.Member.Value, evt.UserId); @@ -150,7 +150,7 @@ public class ReactionAdded: IEventHandler if (authorId != null && authorId != evt.UserId) return; - if (!((await _cache.PermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages) || isDM)) + if (!((await _cache.BotPermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages) || isDM)) return; // todo: don't try to delete the user's own messages in DMs @@ -206,14 +206,14 @@ public class ReactionAdded: IEventHandler private async ValueTask HandlePingReaction(MessageReactionAddEvent evt, FullMessage msg) { - if (!(await _cache.PermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages)) + if (!(await _cache.BotPermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages)) return; // Check if the "pinger" has permission to send messages in this channel // (if not, PK shouldn't send messages on their behalf) var member = await _rest.GetGuildMember(evt.GuildId!.Value, evt.UserId); var requiredPerms = PermissionSet.ViewChannel | PermissionSet.SendMessages; - if (member == null || !(await _cache.PermissionsFor(evt.ChannelId, member)).HasFlag(requiredPerms)) return; + if (member == null || !(await _cache.PermissionsForMemberInChannel(evt.ChannelId, member)).HasFlag(requiredPerms)) return; if (msg.Member == null) return; @@ -266,7 +266,7 @@ public class ReactionAdded: IEventHandler private async Task TryRemoveOriginalReaction(MessageReactionAddEvent evt) { - if ((await _cache.PermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages)) + if ((await _cache.BotPermissionsIn(evt.ChannelId)).HasFlag(PermissionSet.ManageMessages)) await _rest.DeleteUserReaction(evt.ChannelId, evt.MessageId, evt.Emoji, evt.UserId); } } \ No newline at end of file diff --git a/PluralKit.Bot/Proxy/ProxyService.cs b/PluralKit.Bot/Proxy/ProxyService.cs index 67ae7c37..b8a533ef 100644 --- a/PluralKit.Bot/Proxy/ProxyService.cs +++ b/PluralKit.Bot/Proxy/ProxyService.cs @@ -102,7 +102,7 @@ public class ProxyService // Check if the sender account can mention everyone/here + embed links // we need to "mirror" these permissions when proxying to prevent exploits - var senderPermissions = PermissionExtensions.PermissionsFor(guild, rootChannel, message, isThread: rootChannel.Id != channel.Id); + var senderPermissions = PermissionExtensions.PermissionsFor(guild, rootChannel, message.Author.Id, message.Member, isThread: rootChannel.Id != channel.Id); var allowEveryone = senderPermissions.HasFlag(PermissionSet.MentionEveryone); var allowEmbeds = senderPermissions.HasFlag(PermissionSet.EmbedLinks); diff --git a/PluralKit.Bot/Services/LoggerCleanService.cs b/PluralKit.Bot/Services/LoggerCleanService.cs index 72d0d599..0f623e68 100644 --- a/PluralKit.Bot/Services/LoggerCleanService.cs +++ b/PluralKit.Bot/Services/LoggerCleanService.cs @@ -101,7 +101,7 @@ public class LoggerCleanService var channel = await _cache.GetChannel(msg.ChannelId); if (channel.Type != Channel.ChannelType.GuildText) return; - if (!(await _cache.PermissionsIn(channel.Id)).HasFlag(PermissionSet.ManageMessages)) return; + if (!(await _cache.BotPermissionsIn(channel.Id)).HasFlag(PermissionSet.ManageMessages)) return; // If this message is from a *webhook*, check if the application ID matches one of the bots we know // If it's from a *bot*, check the bot ID to see if we know it. diff --git a/PluralKit.Bot/Utils/SerilogGatewayEnricherFactory.cs b/PluralKit.Bot/Utils/SerilogGatewayEnricherFactory.cs index d7a34fd7..4fba3f24 100644 --- a/PluralKit.Bot/Utils/SerilogGatewayEnricherFactory.cs +++ b/PluralKit.Bot/Utils/SerilogGatewayEnricherFactory.cs @@ -40,7 +40,7 @@ public class SerilogGatewayEnricherFactory if (await _cache.TryGetChannel(channel.Value) != null) { - var botPermissions = await _cache.PermissionsIn(channel.Value); + var botPermissions = await _cache.BotPermissionsIn(channel.Value); props.Add(new LogEventProperty("BotPermissions", new ScalarValue(botPermissions))); } } @@ -52,7 +52,7 @@ public class SerilogGatewayEnricherFactory props.Add(new LogEventProperty("UserId", new ScalarValue(user.Value))); if (evt is MessageCreateEvent mce) - props.Add(new LogEventProperty("UserPermissions", new ScalarValue(await _cache.PermissionsFor(mce)))); + props.Add(new LogEventProperty("UserPermissions", new ScalarValue(await _cache.PermissionsForMCE(mce)))); return new Inner(props); }