From 741c0dc44e2d8c519564d1477f8d168d82eb572e Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Tue, 27 Jul 2021 13:52:36 -0700 Subject: Specify DEBUG_MODE via the config file The `SITE_URL` environment variable hasn't been used by anything else for a long time. It wouldn't have been reliable to look for "local" anyway since the Docker hostname may be used. --- bot/constants.py | 2 +- config-default.yml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/bot/constants.py b/bot/constants.py index 500803f33..b7c6ffa70 100644 --- a/bot/constants.py +++ b/bot/constants.py @@ -687,7 +687,7 @@ class VideoPermission(metaclass=YAMLGetter): # Debug mode -DEBUG_MODE = 'local' in os.environ.get("SITE_URL", "local") +DEBUG_MODE: bool = _CONFIG_YAML["debug"] # Paths BOT_DIR = os.path.dirname(__file__) diff --git a/config-default.yml b/config-default.yml index 811640034..40c6d691e 100644 --- a/config-default.yml +++ b/config-default.yml @@ -1,3 +1,6 @@ +debug: false + + bot: prefix: "!" sentry_dsn: !ENV "BOT_SENTRY_DSN" -- cgit v1.2.3 From 14056b3ede96401d2a3364ca9a0e8f3b3ec72277 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Tue, 27 Jul 2021 13:58:17 -0700 Subject: Restrict internal eval to bot owner when in debug mode It's a security risk to let anyone in a test server have essentially full access to the host machine. Resolve #1683 --- bot/exts/utils/internal.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/bot/exts/utils/internal.py b/bot/exts/utils/internal.py index 6f2da3131..5d2cd7611 100644 --- a/bot/exts/utils/internal.py +++ b/bot/exts/utils/internal.py @@ -11,10 +11,10 @@ from io import StringIO from typing import Any, Optional, Tuple import discord -from discord.ext.commands import Cog, Context, group, has_any_role +from discord.ext.commands import Cog, Context, group, has_any_role, is_owner from bot.bot import Bot -from bot.constants import Roles +from bot.constants import DEBUG_MODE, Roles from bot.utils import find_nth_occurrence, send_to_paste_service log = logging.getLogger(__name__) @@ -33,6 +33,9 @@ class Internal(Cog): self.socket_event_total = 0 self.socket_events = Counter() + if DEBUG_MODE: + self.eval.add_check(is_owner().predicate) + @Cog.listener() async def on_socket_response(self, msg: dict) -> None: """When a websocket event is received, increase our counters.""" -- cgit v1.2.3 From b6b05251238df2ccff4cab721e5b03e2208aa713 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Mon, 23 Aug 2021 13:19:53 -0700 Subject: Enable debug mode by default --- bot/constants.py | 2 +- config-default.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bot/constants.py b/bot/constants.py index b7c6ffa70..a6dd3ab65 100644 --- a/bot/constants.py +++ b/bot/constants.py @@ -687,7 +687,7 @@ class VideoPermission(metaclass=YAMLGetter): # Debug mode -DEBUG_MODE: bool = _CONFIG_YAML["debug"] +DEBUG_MODE: bool = _CONFIG_YAML["debug"] == "true" # Paths BOT_DIR = os.path.dirname(__file__) diff --git a/config-default.yml b/config-default.yml index 40c6d691e..85532ad28 100644 --- a/config-default.yml +++ b/config-default.yml @@ -1,4 +1,4 @@ -debug: false +debug: !ENV ["BOT_DEBUG", "true"] bot: -- cgit v1.2.3