Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Permissions v2 UI doesn't reflect default_member_permissions #4863

Closed
SuperchupuDev opened this issue May 1, 2022 · 5 comments
Closed

Permissions v2 UI doesn't reflect default_member_permissions #4863

SuperchupuDev opened this issue May 1, 2022 · 5 comments
Assignees
@spring4175
Labels
slash commands synced Synced to internal tracker

Comments

@SuperchupuDev
Copy link
Contributor

Description

Commands with default_member_permissions show up in the command permissions menu as being enabled for @everyone, even though they are only enabled for certain permissions by default. Instead, they should show up correctly in the menu.

Steps to Reproduce

  1. Make a command with default_member_permissions
  2. Check the command at the integrations tab of the guild

Expected Behavior

It's shown up as disabled for @everyone and enabled for the roles that have the permissions you set up

Current Behavior

It's shown up as enabled for @everyone

Screenshots/Videos

JSON of the deployed command 
{
    "name": "perms_v2",
    "description": "you need manage guilds ithink",
    "default_member_permissions": "32"
}
User that doesn't have MANAGE_GUILDS trying to use the command (works as expected, the guild has access to backend v2 too)

image

The UI fails to reflect that only users with MANAGE_GUILDS can use the command

image

Client and System Information

Canary 126462 (1f5f36e) Host 1.0.46 Windows 10 64-Bit (10.0.19044)
@hollowstrawberry
Copy link

hollowstrawberry commented May 2, 2022
edited
Loading

Another thing to look out for: If the server's admin changes the base integration permissions (and everything remains synced), then all the specific default_member_permissions stop applying, same as if you unsync those commands.

This might be a bug, but only in relation to the present issue, as it is not clear when exactly users are able or unable to use restricted commands. This becomes a vulnerability risk for servers using a bot that depends on permissions v2.

@TIBI4
Copy link

TIBI4 commented May 3, 2022

Yes. It's like combining per channel permissions + per role/member permissions + default permissions, makes the "bug" come alive.

@hollowstrawberry hollowstrawberry mentioned this issue May 6, 2022
Closed
@spring4175 spring4175 added the synced Synced to internal tracker label May 10, 2022
@spring4175 spring4175 self-assigned this May 10, 2022
@casper-hansen
Copy link

I was just looking for this exact thing. A more general description I found is below. @Rapptz any idea if this will be supported?
https://msciotti.notion.site/msciotti/Command-Permissions-V2-4d113cb49090409f998f3bd80a06c3bd

@zwamdurkel
Copy link

I believe I'm having the same issue. setting default_member_permissions to 0 still shows up as enabled for everyone, but they can't use the commands (like intended). It's a bit annoying because now I can't allow everyone to use a command by overriding it in the UI.

@SuperchupuDev
Copy link
Contributor Author

It has just been shipped, thanks a lot for adding it!

image
image

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@spring4175 spring4175

Labels
slash commands synced Synced to internal tracker
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@zwamdurkel @TIBI4 @casper-hansen @hollowstrawberry @SuperchupuDev @spring4175