Skip to content

Commit

Permalink
feat(Permissions): add checkAdmin to permission overwrite checks (#6847)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ckohen
ckohen committed Oct 16, 2021
1 parent e8b6997 commit 7513b45
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 19 deletions.
23 changes: 15 additions & 8 deletions src/structures/GuildChannel.js
View file
Expand Up @@ -153,13 +153,14 @@ class GuildChannel extends Channel {
/**
* Gets the overall set of permissions for a member or role in this channel, taking into account channel overwrites.
* @param {GuildMemberResolvable|RoleResolvable} memberOrRole The member or role to obtain the overall permissions for
* @param {boolean} [checkAdmin=true] Whether having `ADMINISTRATOR` will return all permissions
* @returns {?Readonly<Permissions>}
*/
permissionsFor(memberOrRole) {
permissionsFor(memberOrRole, checkAdmin = true) {
const member = this.guild.members.resolve(memberOrRole);
if (member) return this.memberPermissions(member);
if (member) return this.memberPermissions(member, checkAdmin);
const role = this.guild.roles.resolve(memberOrRole);
return role && this.rolePermissions(role);
return role && this.rolePermissions(role, checkAdmin);
}

overwritesFor(member, verified = false, roles = null) {
Expand Down Expand Up @@ -191,16 +192,19 @@ class GuildChannel extends Channel {
/**
* Gets the overall set of permissions for a member in this channel, taking into account channel overwrites.
* @param {GuildMember} member The member to obtain the overall permissions for
* @param {boolean} checkAdmin=true Whether having `ADMINISTRATOR` will return all permissions
* @returns {Readonly<Permissions>}
* @private
*/
memberPermissions(member) {
if (member.id === this.guild.ownerId) return new Permissions(Permissions.ALL).freeze();
memberPermissions(member, checkAdmin) {
if (checkAdmin && member.id === this.guild.ownerId) return new Permissions(Permissions.ALL).freeze();

const roles = member.roles.cache;
const permissions = new Permissions(roles.map(role => role.permissions));

if (permissions.has(Permissions.FLAGS.ADMINISTRATOR)) return new Permissions(Permissions.ALL).freeze();
if (checkAdmin && permissions.has(Permissions.FLAGS.ADMINISTRATOR)) {
return new Permissions(Permissions.ALL).freeze();
}

const overwrites = this.overwritesFor(member, true, roles);

Expand All @@ -217,11 +221,14 @@ class GuildChannel extends Channel {
/**
* Gets the overall set of permissions for a role in this channel, taking into account channel overwrites.
* @param {Role} role The role to obtain the overall permissions for
* @param {boolean} checkAdmin Whether having `ADMINISTRATOR` will return all permissions
* @returns {Readonly<Permissions>}
* @private
*/
rolePermissions(role) {
if (role.permissions.has(Permissions.FLAGS.ADMINISTRATOR)) return new Permissions(Permissions.ALL).freeze();
rolePermissions(role, checkAdmin) {
if (checkAdmin && role.permissions.has(Permissions.FLAGS.ADMINISTRATOR)) {
return new Permissions(Permissions.ALL).freeze();
}

const everyoneOverwrites = this.permissionOverwrites.cache.get(this.guild.id);
const roleOverwrites = this.permissionOverwrites.cache.get(role.id);
Expand Down
5 changes: 3 additions & 2 deletions src/structures/Role.js
View file
Expand Up @@ -232,12 +232,13 @@ class Role extends Base {
* Returns `channel.permissionsFor(role)`. Returns permissions for a role in a guild channel,
* taking into account permission overwrites.
* @param {GuildChannel|Snowflake} channel The guild channel to use as context
* @param {boolean} [checkAdmin=true] Whether having `ADMINISTRATOR` will return all permissions
* @returns {Readonly<Permissions>}
*/
permissionsIn(channel) {
permissionsIn(channel, checkAdmin = true) {
channel = this.guild.channels.resolve(channel);
if (!channel) throw new Error('GUILD_CHANNEL_RESOLVE');
return channel.rolePermissions(this);
return channel.rolePermissions(this, checkAdmin);
}

/**
Expand Down
5 changes: 3 additions & 2 deletions src/structures/ThreadChannel.js
View file
Expand Up @@ -227,10 +227,11 @@ class ThreadChannel extends Channel {
* Gets the overall set of permissions for a member or role in this thread's parent channel, taking overwrites into
* account.
* @param {GuildMemberResolvable|RoleResolvable} memberOrRole The member or role to obtain the overall permissions for
* @param {boolean} [checkAdmin=true] Whether having `ADMINISTRATOR` will return all permissions
* @returns {?Readonly<Permissions>}
*/
permissionsFor(memberOrRole) {
return this.parent?.permissionsFor(memberOrRole) ?? null;
permissionsFor(memberOrRole, checkAdmin) {
return this.parent?.permissionsFor(memberOrRole, checkAdmin) ?? null;
}

/**
Expand Down
20 changes: 13 additions & 7 deletions typings/index.d.ts
View file
Expand Up @@ -883,8 +883,8 @@ export class GuildBan extends Base {

export abstract class GuildChannel extends Channel {
public constructor(guild: Guild, data?: RawGuildChannelData, client?: Client, immediatePatch?: boolean);
private memberPermissions(member: GuildMember): Readonly<Permissions>;
private rolePermissions(role: Role): Readonly<Permissions>;
private memberPermissions(member: GuildMember, checkAdmin: boolean): Readonly<Permissions>;
private rolePermissions(role: Role, checkAdmin: boolean): Readonly<Permissions>;

public readonly calculatedPosition: number;
public readonly deletable: boolean;
Expand All @@ -906,8 +906,11 @@ export abstract class GuildChannel extends Channel {
public edit(data: ChannelData, reason?: string): Promise<this>;
public equals(channel: GuildChannel): boolean;
public lockPermissions(): Promise<this>;
public permissionsFor(memberOrRole: GuildMember | Role): Readonly<Permissions>;
public permissionsFor(memberOrRole: GuildMemberResolvable | RoleResolvable): Readonly<Permissions> | null;
public permissionsFor(memberOrRole: GuildMember | Role, checkAdmin?: boolean): Readonly<Permissions>;
public permissionsFor(
memberOrRole: GuildMemberResolvable | RoleResolvable,
checkAdmin?: boolean,
): Readonly<Permissions> | null;
public setName(name: string, reason?: string): Promise<this>;
public setParent(channel: CategoryChannelResolvable | null, options?: SetParentOptions): Promise<this>;
public setPosition(position: number, options?: SetChannelPositionOptions): Promise<this>;
Expand Down Expand Up @@ -1725,7 +1728,7 @@ export class Role extends Base {
public edit(data: RoleData, reason?: string): Promise<Role>;
public equals(role: Role): boolean;
public iconURL(options?: StaticImageURLOptions): string | null;
public permissionsIn(channel: GuildChannel | Snowflake): Readonly<Permissions>;
public permissionsIn(channel: GuildChannel | Snowflake, checkAdmin?: boolean): Readonly<Permissions>;
public setColor(color: ColorResolvable, reason?: string): Promise<Role>;
public setHoist(hoist?: boolean, reason?: string): Promise<Role>;
public setMentionable(mentionable?: boolean, reason?: string): Promise<Role>;
Expand Down Expand Up @@ -2004,8 +2007,11 @@ export class ThreadChannel extends TextBasedChannel(Channel) {
public edit(data: ThreadEditData, reason?: string): Promise<ThreadChannel>;
public join(): Promise<ThreadChannel>;
public leave(): Promise<ThreadChannel>;
public permissionsFor(memberOrRole: GuildMember | Role): Readonly<Permissions>;
public permissionsFor(memberOrRole: GuildMemberResolvable | RoleResolvable): Readonly<Permissions> | null;
public permissionsFor(memberOrRole: GuildMember | Role, checkAdmin?: boolean): Readonly<Permissions>;
public permissionsFor(
memberOrRole: GuildMemberResolvable | RoleResolvable,
checkAdmin?: boolean,
): Readonly<Permissions> | null;
public fetchOwner(options?: BaseFetchOptions): Promise<ThreadMember | null>;
public fetchStarterMessage(options?: BaseFetchOptions): Promise<Message>;
public setArchived(archived?: boolean, reason?: string): Promise<ThreadChannel>;
Expand Down

0 comments on commit 7513b45

Please sign in to comment.