Merge pull request #4 from message-manager-discord/permissions-rewrite

feat: permissions rewrite

Author: quirky-bluejay

.eslintrc.json

@@ -1,7 +1,7 @@
 {
   "root": true,
   "parser": "@typescript-eslint/parser",
-  "plugins": ["@typescript-eslint"],
+  "plugins": ["@typescript-eslint", "simple-import-sort"],
   "parserOptions": {
     "tsconfigRootDir": ".",
     "project": ["./tsconfig.json"]
@@ -12,5 +12,10 @@
     "plugin:@typescript-eslint/recommended",
     "prettier",
     "plugin:@typescript-eslint/recommended-requiring-type-checking"
-  ]
+  ],
+  "rules": {
+    "@typescript-eslint/strict-boolean-expressions": "warn",
+    "simple-import-sort/imports": "warn",
+    "simple-import-sort/exports": "warn"
+  }
 }

package-lock.json

@@ -58,6 +58,7 @@
     "discord-api-types": "^0.27.3",
     "eslint": "^8.12.0",
     "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-simple-import-sort": "^7.0.0",
     "prettier": "2.6.1",
     "prisma": "^3.9.2",
     "tap": "^16.0.1",

package.json

@@ -3,8 +3,9 @@ import { FastifyInstance } from "fastify";
 import httpErrors from "http-errors";
 const { Forbidden } = httpErrors;
 import { Static, Type } from "@sinclair/typebox";
-import { v5 as uuidv5 } from "uuid";
 import crypto from "crypto";
+import { v5 as uuidv5 } from "uuid";
+
 import DiscordOauthRequests from "./discordOauth";
 
 const CallbackQuerystring = Type.Object({
@@ -43,10 +44,7 @@ const addPlugin = async (instance: FastifyInstance) => {
       const { redirect_to } = request.query;
 
       const state = crypto.randomBytes(16).toString("hex");
-      await instance.redisCache.setState(
-        state,
-        redirect_to ? redirect_to : null
-      );
+      await instance.redisCache.setState(state, redirect_to ?? null);
 
       return reply.redirect(
         307,
@@ -66,7 +64,7 @@ const addPlugin = async (instance: FastifyInstance) => {
     },
     async (request, reply) => {
       const { code, state } = request.query;
-      if (!state) {
+      if (state === undefined) {
         return new Forbidden("Missing state");
       }
       const cachedState = await instance.redisCache.getState(state);
@@ -103,7 +101,7 @@ const addPlugin = async (instance: FastifyInstance) => {
       const date = new Date();
       date.setDate(date.getDate() + 7);
 
-      const redirectPath = cachedState.redirectPath || "/";
+      const redirectPath = cachedState.redirectPath ?? "/";
       return reply
         .setCookie("_HOST-session", session, {
           secure: true,

src/authRoutes.ts

@@ -11,9 +11,9 @@ const inviteUrl =
 
 export {
   discordAPIBaseURL,
-  requiredScopes,
   embedPink,
-  successGreen,
   failureRed,
   inviteUrl,
+  requiredScopes,
+  successGreen,
 };

src/constants.ts

@@ -1,5 +1,5 @@
 // https://github.com/detritusjs/client/blob/b27cbaa5bfb48506b059be178da0e871b83ba95e/src/constants.ts#L917
-export const Permissions = Object.freeze({
+const DiscordPermissions = Object.freeze({
   NONE: 0n,
   CREATE_INSTANT_INVITE: 1n << 0n,
   KICK_MEMBERS: 1n << 1n,
@@ -41,3 +41,35 @@ export const Permissions = Object.freeze({
   USE_EXTERNAL_STICKERS: 1n << 37n,
   SEND_MESSAGES_IN_THREADS: 1n << 38n,
 });
+
+const _permissionsByName: { [name: string]: bigint } = {};
+const _permissionsByValue: { [value: string]: string } = {};
+// Find the names and values of all the permissions from Permissions
+
+for (const [key, value] of Object.entries(DiscordPermissions)) {
+  _permissionsByName[key] = value;
+  _permissionsByValue[value.toString()] = key;
+}
+
+const getDiscordPermissionByName = (name: string): bigint | undefined => {
+  return _permissionsByName[name];
+};
+
+const getDiscordPermissionByValue = (value: bigint): string | undefined => {
+  return _permissionsByValue[value.toString()];
+};
+
+const parseDiscordPermissionValuesToStringNames = (
+  permissions: bigint[]
+): string[] => {
+  const parsed = permissions.map((permission) => {
+    return getDiscordPermissionByValue(permission);
+  });
+  return parsed.filter((permission) => permission !== undefined) as string[];
+};
+export {
+  DiscordPermissions,
+  getDiscordPermissionByName,
+  getDiscordPermissionByValue,
+  parseDiscordPermissionValuesToStringNames,
+};

src/consts.ts

@@ -1,13 +1,14 @@
 import axios, { AxiosError, AxiosResponse } from "axios";
 import {
+  RESTGetAPICurrentUserGuildsResult,
   RESTGetAPICurrentUserResult,
+  RESTGetCurrentUserGuildMemberResult,
   RESTPostOAuth2AccessTokenResult,
   Snowflake,
-  RESTGetAPICurrentUserGuildsResult,
-  RESTGetCurrentUserGuildMemberResult,
 } from "discord-api-types/v9";
 import { FastifyInstance } from "fastify";
 import { URLSearchParams } from "url";
+
 import { discordAPIBaseURL, requiredScopes } from "./constants";
 import {
   ExpectedOauth2Failure,
@@ -83,15 +84,15 @@ class DiscordOauthRequests {
     cacheExpiry?: number;
     userId?: Snowflake;
   }): Promise<UncachedResponse | CachedResponse> {
-    if (cacheExpiry && userId) {
+    if (cacheExpiry !== undefined && userId !== undefined) {
       // TODO: Should cacheExpiry be checked / used
       // Requests without a token are not cached
       const cachedResponse = (await this._instance.redisCache.getOauthCache(
         path,
         userId
       )) as string | null;
 
-      if (cachedResponse) {
+      if (cachedResponse !== null) {
         return { cached: true, data: cachedResponse };
       }
       const response = await this._makeRequest({
@@ -108,7 +109,7 @@ class DiscordOauthRequests {
       );
       return response;
     }
-    if (token) {
+    if (token !== undefined) {
       headers = { ...headers, Authorization: `Bearer ${token}` };
     }
     let response: AxiosResponse;
@@ -139,7 +140,8 @@ class DiscordOauthRequests {
       return new UnexpectedFailure(
         InteractionOrRequestFinalStatus.OAUTH_REQUEST_FAILED,
         `Oauth request to ${
-          // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access,  @typescript-eslint/restrict-template-expressions
+          // TODO: Fix this type mess. Most likely by changing request libs
+          // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access,  @typescript-eslint/restrict-template-expressions, @typescript-eslint/strict-boolean-expressions
           response.request.path || "Unknown path"
         } failed with the status ${statusCode}`
       );
@@ -152,7 +154,7 @@ class DiscordOauthRequests {
   }): Promise<RESTGetAPICurrentUserResult> {
     let cacheExpiry: number | undefined;
     let response;
-    if (user.userId) {
+    if (user.userId !== undefined) {
       cacheExpiry = 1000 * 60 * 5; // 5 minutes
       response = await this._makeRequest({
         path: "/users/@me",

src/discordOauth.ts

@@ -42,71 +42,57 @@
         "description": "Manage bot level permissions. Requires being a manager on the bot.",
         "options": [
           {
-            "name": "set",
+            "name": "manage",
             "type": 1,
-            "description": "Set a user's or a role's bot permission",
+            "description": "Manage and view the target's permissions",
             "options": [
               {
                 "type": 9,
                 "name": "target",
                 "required": true,
-                "description": "The user or role to set the permission for"
-              },
-              {
-                "type": 4,
-                "name": "permission",
-                "required": true,
-                "description": "The permission to set",
-                "choices": [
-                  {
-                    "name": "View Messages",
-                    "value": 1
-                  },
-                  {
-                    "name": "Edit Messages",
-                    "value": 2
-                  },
-                  {
-                    "name": "Send Messages",
-                    "value": 3
-                  },
-                  {
-                    "name": "Delete Messages",
-                    "value": 4
-                  },
-                  {
-                    "name": "Manage Permissions",
-                    "value": 5
-                  },
-                  {
-                    "name": "Manage Config",
-                    "value": 6
-                  }
-                ]
+                "description": "The user or role to manage / view permissions for"
               },
               {
                 "type": 7,
                 "name": "channel",
-                "description": "The channel to set the permission on. Leave empty to set the permission on the guild level.",
+                "required": false,
+                "description": "The channel to manage / view permissions of the target on. Leave this blank to manage permissions on the entire server",
                 "channel_types": [0, 5]
               }
             ]
           },
           {
-            "name": "remove",
+            "name": "quickstart",
             "type": 1,
-            "description": "Remove a user's or a role's bot permission",
+            "description": "Get permissions setup with presets. Use the manage command to have finer control over permissions",
             "options": [
               {
                 "type": 9,
                 "name": "target",
                 "required": true,
-                "description": "The user or role to remove permissions for"
+                "description": "The user or role to setup permissions for"
+              },
+              {
+                "type": 3,
+                "name": "preset",
+                "required": true,
+                "description": "The preset to grant to the target",
+                "choices": [
+                  {
+                    "name": "message-access",
+                    "value": "message-access"
+                  },
+                  {
+                    "name": "management-access",
+                    "value": "management-access"
+                  }
+                ]
               },
               {
                 "type": 7,
                 "name": "channel",
-                "description": "The channel to remove the permissions on. Leave empty to remove the permissions on the guild level.",
+                "required": false,
+                "description": "The channel to setup permissions of the target on. Leave this blank to setup permissions on the entire server",
                 "channel_types": [0, 5]
               }
             ]
@@ -121,21 +107,6 @@
                 "name": "channel",
                 "description": "The channel to list the permissions on. Leave empty to list the permissions on the guild level.",
                 "channel_types": [0, 5]
-              },
-              {
-                "type": 3,
-                "name": "type-filter",
-                "description": "Filter the set permissions by a specific type (user or role)",
-                "choices": [
-                  {
-                    "name": "Users",
-                    "value": "users"
-                  },
-                  {
-                    "name": "Roles",
-                    "value": "roles"
-                  }
-                ]
               }
             ]
           }

src/discord_commands/global.json

@@ -26,7 +26,8 @@ enum InteractionOrRequestFinalStatus {
   BOT_FOUND_WHEN_USER_EXPECTED,
   NO_PERMISSION_TO_REMOVE,
   TAG_NOT_FOUND,
-  MANAGE_CONFIG_PERMISSION_CANNOT_BE_SET_ON_CHANNEL_LEVEL,
+  NO_PERMISSIONS_PRESET_SELECTED,
+  MANAGEMENT_PERMISSIONS_CANNOT_BE_SET_ON_CHANNEL_LEVEL,
   GENERIC_EXPECTED_PERMISSIONS_FAILURE = 3000,
   USER_MISSING_DISCORD_PERMISSION,
   BOT_MISSING_DISCORD_PERMISSION,
@@ -60,6 +61,7 @@ enum InteractionOrRequestFinalStatus {
   OAUTH_REQUEST_FAILED,
   CREATE_WEBHOOK_RESULT_MISSING_TOKEN,
   ROLE_NOT_IN_CACHE,
+  PERMISSIONS_CANNOT_CROSSOVER_WHEN_UPDATING,
 }
 
 class CustomError extends Error {
@@ -97,11 +99,11 @@ class UnexpectedFailure extends CustomError {
 }
 
 export {
-  InteractionOrRequestFinalStatus,
+  CustomError,
   ExpectedFailure,
-  ExpectedPermissionFailure,
   ExpectedOauth2Failure,
+  ExpectedPermissionFailure,
+  InteractionOrRequestFinalStatus,
   LimitHit,
   UnexpectedFailure,
-  CustomError,
 };