From 257048446a1e37c1bbdad424f8a8465f0491ca83 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Wed, 12 Aug 2020 12:11:47 -0700 Subject: Filtering: ignore errors for duplicate offensive messages The error happens when a filter is triggered by a message edit. Fixes #1099 Fixes BOT-6B --- bot/cogs/filtering.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/bot/cogs/filtering.py b/bot/cogs/filtering.py index 93cc1c655..99b659bff 100644 --- a/bot/cogs/filtering.py +++ b/bot/cogs/filtering.py @@ -11,6 +11,7 @@ from discord import Colour, HTTPException, Member, Message, NotFound, TextChanne from discord.ext.commands import Cog from discord.utils import escape_markdown +from bot.api import ResponseCodeError from bot.bot import Bot from bot.cogs.moderation import ModLog from bot.constants import ( @@ -301,9 +302,16 @@ class Filtering(Cog): 'delete_date': delete_date } - await self.bot.api_client.post('bot/offensive-messages', json=data) - self.schedule_msg_delete(data) - log.trace(f"Offensive message {msg.id} will be deleted on {delete_date}") + try: + await self.bot.api_client.post('bot/offensive-messages', json=data) + except ResponseCodeError as e: + if e.status == 400 and "already exists" in e.response_json.get("id", [""])[0]: + log.debug(f"Offensive message {msg.id} already exists.") + else: + log.error(f"Offensive message {msg.id} failed to post: {e}") + else: + self.schedule_msg_delete(data) + log.trace(f"Offensive message {msg.id} will be deleted on {delete_date}") if is_private: channel_str = "via DM" -- cgit v1.2.3 From b7e40706aa152228154ce96f5aa346a9f5fc43db Mon Sep 17 00:00:00 2001 From: AtieP Date: Sat, 15 Aug 2020 10:22:21 +0200 Subject: Add doc cleanup --- bot/cogs/doc.py | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/bot/cogs/doc.py b/bot/cogs/doc.py index 204cffb37..63dcc2c15 100644 --- a/bot/cogs/doc.py +++ b/bot/cogs/doc.py @@ -19,7 +19,7 @@ from sphinx.ext import intersphinx from urllib3.exceptions import ProtocolError from bot.bot import Bot -from bot.constants import MODERATION_ROLES, RedirectOutput +from bot.constants import MODERATION_ROLES, RedirectOutput, Emojis from bot.converters import ValidPythonIdentifier, ValidURL from bot.decorators import with_role from bot.pagination import LinePaginator @@ -28,6 +28,8 @@ from bot.pagination import LinePaginator log = logging.getLogger(__name__) logging.getLogger('urllib3').setLevel(logging.WARNING) +DELETE_EMOJI = Emojis.trashcan + # Since Intersphinx is intended to be used with Sphinx, # we need to mock its configuration. SPHINX_MOCK_APP = SimpleNamespace( @@ -66,6 +68,27 @@ FAILED_REQUEST_RETRY_AMOUNT = 3 NOT_FOUND_DELETE_DELAY = RedirectOutput.delete_delay +async def doc_cleanup(bot: Bot, author: discord.Member, message: discord.Message) -> None: + """ + Runs the cleanup for the documentation command. + + Adds a :trashcan: reaction what, when clicked, will delete the documentation embed. + After a 300 second timeout, the reaction will be removed.""" + + await message.add_reaction(DELETE_EMOJI) + + def check(reaction: discord.Reaction, member: discord.Member) -> bool: + """Check the reaction is :trashcan:, the author is original author and messages are the same.""" + return str(reaction) == DELETE_EMOJI and member.id == author.id and reaction.message.id == message.id + + with suppress(NotFound): + try: + await bot.wait_for("reaction_add", check=check, timeout=300) + await message.delete() + except asyncio.TimeoutError: + await message.remove_reaction(DELETE_EMOJI, bot.user) + + def async_cache(max_size: int = 128, arg_offset: int = 0) -> Callable: """ LRU cache implementation for coroutines. @@ -391,7 +414,8 @@ class Doc(commands.Cog): await error_message.delete(delay=NOT_FOUND_DELETE_DELAY) await ctx.message.delete(delay=NOT_FOUND_DELETE_DELAY) else: - await ctx.send(embed=doc_embed) + doc_embed = await ctx.send(embed=doc_embed) + await doc_cleanup(self.bot, ctx.author, doc_embed) @docs_group.command(name='set', aliases=('s',)) @with_role(*MODERATION_ROLES) -- cgit v1.2.3 From 9745f6bdc5d9928cf1cc5d19e3b25da4574d52ec Mon Sep 17 00:00:00 2001 From: AtieP Date: Sat, 15 Aug 2020 10:55:02 +0200 Subject: Satisfy some of the Azure pipelines' code requirements --- bot/cogs/doc.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bot/cogs/doc.py b/bot/cogs/doc.py index 63dcc2c15..12ed89004 100644 --- a/bot/cogs/doc.py +++ b/bot/cogs/doc.py @@ -19,7 +19,7 @@ from sphinx.ext import intersphinx from urllib3.exceptions import ProtocolError from bot.bot import Bot -from bot.constants import MODERATION_ROLES, RedirectOutput, Emojis +from bot.constants import Emojis, MODERATION_ROLES, RedirectOutput from bot.converters import ValidPythonIdentifier, ValidURL from bot.decorators import with_role from bot.pagination import LinePaginator @@ -73,8 +73,8 @@ async def doc_cleanup(bot: Bot, author: discord.Member, message: discord.Message Runs the cleanup for the documentation command. Adds a :trashcan: reaction what, when clicked, will delete the documentation embed. - After a 300 second timeout, the reaction will be removed.""" - + After a 300 second timeout, the reaction will be removed. + """ await message.add_reaction(DELETE_EMOJI) def check(reaction: discord.Reaction, member: discord.Member) -> bool: -- cgit v1.2.3 From 7cd29c72c0c074680d63740b79b388da95a50de5 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Sat, 15 Aug 2020 09:55:43 -0700 Subject: Don't patch ctx.message.author in antispam The modification propagated across all code that is using the same `Message` object, including all other `on_message` listeners. This caused weird bugs e.g. the filtering cog thinking the bot authored a message that triggered a filter. Patching only `ctx.author` means the implementation is more fragile. Infraction code must ensure it only retrieves the author via `ctx.author` and not through `ctx.message`. Fixes #1005 Fixes BOT-7D --- bot/cogs/antispam.py | 1 - bot/cogs/moderation/scheduler.py | 6 ++++-- bot/cogs/moderation/utils.py | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/bot/cogs/antispam.py b/bot/cogs/antispam.py index 0bcca578d..bc31cbd95 100644 --- a/bot/cogs/antispam.py +++ b/bot/cogs/antispam.py @@ -219,7 +219,6 @@ class AntiSpam(Cog): # Get context and make sure the bot becomes the actor of infraction by patching the `author` attributes context = await self.bot.get_context(msg) context.author = self.bot.user - context.message.author = self.bot.user # Since we're going to invoke the tempmute command directly, we need to manually call the converter. dt_remove_role_after = await self.expiration_date_converter.convert(context, f"{remove_role_after}S") diff --git a/bot/cogs/moderation/scheduler.py b/bot/cogs/moderation/scheduler.py index 75028d851..051f6c52c 100644 --- a/bot/cogs/moderation/scheduler.py +++ b/bot/cogs/moderation/scheduler.py @@ -161,6 +161,7 @@ class InfractionScheduler: self.schedule_expiration(infraction) except discord.HTTPException as e: # Accordingly display that applying the infraction failed. + # Don't use ctx.message.author; antispam only patches ctx.author. confirm_msg = ":x: failed to apply" expiry_msg = "" log_content = ctx.author.mention @@ -190,6 +191,7 @@ class InfractionScheduler: await ctx.send(f"{dm_result}{confirm_msg}{infr_message}.") # Send a log message to the mod log. + # Don't use ctx.message.author for the actor; antispam only patches ctx.author. log.trace(f"Sending apply mod log for infraction #{id_}.") await self.mod_log.send_log_message( icon_url=icon, @@ -198,7 +200,7 @@ class InfractionScheduler: thumbnail=user.avatar_url_as(static_format="png"), text=textwrap.dedent(f""" Member: {user.mention} (`{user.id}`) - Actor: {ctx.message.author}{dm_log_text}{expiry_log_text} + Actor: {ctx.author}{dm_log_text}{expiry_log_text} Reason: {reason} """), content=log_content, @@ -242,7 +244,7 @@ class InfractionScheduler: log_text = await self.deactivate_infraction(response[0], send_log=False) log_text["Member"] = f"{user.mention}(`{user.id}`)" - log_text["Actor"] = str(ctx.message.author) + log_text["Actor"] = str(ctx.author) log_content = None id_ = response[0]['id'] footer = f"ID: {id_}" diff --git a/bot/cogs/moderation/utils.py b/bot/cogs/moderation/utils.py index fb55287b6..f21272102 100644 --- a/bot/cogs/moderation/utils.py +++ b/bot/cogs/moderation/utils.py @@ -70,7 +70,7 @@ async def post_infraction( log.trace(f"Posting {infr_type} infraction for {user} to the API.") payload = { - "actor": ctx.message.author.id, + "actor": ctx.author.id, # Don't use ctx.message.author; antispam only patches ctx.author. "hidden": hidden, "reason": reason, "type": infr_type, -- cgit v1.2.3 From f26deafbebf1d3f6790a165d403e0fb664117939 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Sat, 15 Aug 2020 12:23:26 -0700 Subject: Truncate mod log content Discord has a limit of 2000 characters for messages. --- bot/cogs/moderation/modlog.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/bot/cogs/moderation/modlog.py b/bot/cogs/moderation/modlog.py index 0a63f57b8..5f30d3744 100644 --- a/bot/cogs/moderation/modlog.py +++ b/bot/cogs/moderation/modlog.py @@ -120,6 +120,10 @@ class ModLog(Cog, name="ModLog"): else: content = "@everyone" + # Truncate content to 2000 characters and append an ellipsis. + if content and len(content) > 2000: + content = content[:2000 - 3] + "..." + channel = self.bot.get_channel(channel_id) log_message = await channel.send( content=content, -- cgit v1.2.3 From 056936eafc927e8770acdc6f70bf2971cca4f4d2 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Sat, 15 Aug 2020 12:49:26 -0700 Subject: Escape Markdown in reddit post titles Use a Unicode look-alike character to replace square brackets, since they'd otherwise interfere with the Markdown. Fixes #1030 --- bot/cogs/reddit.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bot/cogs/reddit.py b/bot/cogs/reddit.py index d853ab2ea..5d9e2c20b 100644 --- a/bot/cogs/reddit.py +++ b/bot/cogs/reddit.py @@ -10,6 +10,7 @@ from aiohttp import BasicAuth, ClientError from discord import Colour, Embed, TextChannel from discord.ext.commands import Cog, Context, group from discord.ext.tasks import loop +from discord.utils import escape_markdown from bot.bot import Bot from bot.constants import Channels, ERROR_REPLIES, Emojis, Reddit as RedditConfig, STAFF_ROLES, Webhooks @@ -187,6 +188,8 @@ class Reddit(Cog): author = data["author"] title = textwrap.shorten(data["title"], width=64, placeholder="...") + # Normal brackets interfere with Markdown. + title = escape_markdown(title).replace("[", "⦋").replace("]", "⦌") link = self.URL + data["permalink"] embed.description += ( -- cgit v1.2.3 From 063ae2baa0be2d698705dbf896a4e14511416788 Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Sat, 15 Aug 2020 13:21:02 -0700 Subject: Unnominate banned users from the talent pool Fixes #1065 --- bot/cogs/watchchannels/talentpool.py | 54 +++++++++++++++++++++++------------- 1 file changed, 35 insertions(+), 19 deletions(-) diff --git a/bot/cogs/watchchannels/talentpool.py b/bot/cogs/watchchannels/talentpool.py index 89256e92e..002f01399 100644 --- a/bot/cogs/watchchannels/talentpool.py +++ b/bot/cogs/watchchannels/talentpool.py @@ -1,8 +1,9 @@ import logging import textwrap from collections import ChainMap +from typing import Union -from discord import Color, Embed, Member +from discord import Color, Embed, Member, User from discord.ext.commands import Cog, Context, group from bot.api import ResponseCodeError @@ -164,25 +165,10 @@ class TalentPool(WatchChannel, Cog, name="Talentpool"): Providing a `reason` is required. """ - active_nomination = await self.bot.api_client.get( - self.api_endpoint, - params=ChainMap( - self.api_default_params, - {"user__id": str(user.id)} - ) - ) - - if not active_nomination: + if await self.unwatch(user.id, reason): + await ctx.send(f":white_check_mark: Messages sent by {user} will no longer be relayed") + else: await ctx.send(":x: The specified user does not have an active nomination") - return - - [nomination] = active_nomination - await self.bot.api_client.patch( - f"{self.api_endpoint}/{nomination['id']}", - json={'end_reason': reason, 'active': False} - ) - await ctx.send(f":white_check_mark: Messages sent by {user} will no longer be relayed") - self._remove_user(user.id) @nomination_group.group(name='edit', aliases=('e',), invoke_without_command=True) @with_role(*MODERATION_ROLES) @@ -220,6 +206,36 @@ class TalentPool(WatchChannel, Cog, name="Talentpool"): await ctx.send(f":white_check_mark: Updated the {field} of the nomination!") + @Cog.listener() + async def on_member_ban(self, guild: Guild, user: Union[User, Member]) -> None: + """Remove `user` from the talent pool after they are banned.""" + await self.unwatch(user.id, "User was banned.") + + async def unwatch(self, user_id: int, reason: str) -> bool: + """End the active nomination of a user with the given reason and return True on success.""" + active_nomination = await self.bot.api_client.get( + self.api_endpoint, + params=ChainMap( + self.api_default_params, + {"user__id": str(user_id)} + ) + ) + + if not active_nomination: + log.debug(f"No active nominate exists for {user_id=}") + return False + + log.info(f"Ending nomination: {user_id=} {reason=}") + + [nomination] = active_nomination + await self.bot.api_client.patch( + f"{self.api_endpoint}/{nomination['id']}", + json={'end_reason': reason, 'active': False} + ) + self._remove_user(user_id) + + return True + def _nomination_to_string(self, nomination_object: dict) -> str: """Creates a string representation of a nomination.""" guild = self.bot.get_guild(Guild.id) -- cgit v1.2.3 From 4df3089d8d03f54cdbd14d7683149ae7931036c1 Mon Sep 17 00:00:00 2001 From: Leon Sandøy Date: Sun, 16 Aug 2020 15:28:23 +0200 Subject: Remove the !ask tag --- bot/resources/tags/ask.md | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 bot/resources/tags/ask.md diff --git a/bot/resources/tags/ask.md b/bot/resources/tags/ask.md deleted file mode 100644 index e2c2a88f6..000000000 --- a/bot/resources/tags/ask.md +++ /dev/null @@ -1,9 +0,0 @@ -Asking good questions will yield a much higher chance of a quick response: - -• Don't ask to ask your question, just go ahead and tell us your problem. -• Don't ask if anyone is knowledgeable in some area, filtering serves no purpose. -• Try to solve the problem on your own first, we're not going to write code for you. -• Show us the code you've tried and any errors or unexpected results it's giving. -• Be patient while we're helping you. - -You can find a much more detailed explanation [on our website](https://pythondiscord.com/pages/asking-good-questions/). -- cgit v1.2.3 From 0a865004d7e33a6d379f04b121cf3201411c75a3 Mon Sep 17 00:00:00 2001 From: AtieP Date: Sun, 16 Aug 2020 17:43:34 +0200 Subject: Use wait_for_deletion from /bot/utils/messages.py instead of doc_cleanup --- bot/cogs/doc.py | 28 +++------------------------- 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/bot/cogs/doc.py b/bot/cogs/doc.py index 12ed89004..a3b1d26a1 100644 --- a/bot/cogs/doc.py +++ b/bot/cogs/doc.py @@ -19,17 +19,16 @@ from sphinx.ext import intersphinx from urllib3.exceptions import ProtocolError from bot.bot import Bot -from bot.constants import Emojis, MODERATION_ROLES, RedirectOutput +from bot.constants import MODERATION_ROLES, RedirectOutput from bot.converters import ValidPythonIdentifier, ValidURL from bot.decorators import with_role from bot.pagination import LinePaginator +from bot.utils.messages import wait_for_deletion log = logging.getLogger(__name__) logging.getLogger('urllib3').setLevel(logging.WARNING) -DELETE_EMOJI = Emojis.trashcan - # Since Intersphinx is intended to be used with Sphinx, # we need to mock its configuration. SPHINX_MOCK_APP = SimpleNamespace( @@ -68,27 +67,6 @@ FAILED_REQUEST_RETRY_AMOUNT = 3 NOT_FOUND_DELETE_DELAY = RedirectOutput.delete_delay -async def doc_cleanup(bot: Bot, author: discord.Member, message: discord.Message) -> None: - """ - Runs the cleanup for the documentation command. - - Adds a :trashcan: reaction what, when clicked, will delete the documentation embed. - After a 300 second timeout, the reaction will be removed. - """ - await message.add_reaction(DELETE_EMOJI) - - def check(reaction: discord.Reaction, member: discord.Member) -> bool: - """Check the reaction is :trashcan:, the author is original author and messages are the same.""" - return str(reaction) == DELETE_EMOJI and member.id == author.id and reaction.message.id == message.id - - with suppress(NotFound): - try: - await bot.wait_for("reaction_add", check=check, timeout=300) - await message.delete() - except asyncio.TimeoutError: - await message.remove_reaction(DELETE_EMOJI, bot.user) - - def async_cache(max_size: int = 128, arg_offset: int = 0) -> Callable: """ LRU cache implementation for coroutines. @@ -415,7 +393,7 @@ class Doc(commands.Cog): await ctx.message.delete(delay=NOT_FOUND_DELETE_DELAY) else: doc_embed = await ctx.send(embed=doc_embed) - await doc_cleanup(self.bot, ctx.author, doc_embed) + await wait_for_deletion(doc_embed, (ctx.author.id,), client=self.bot) @docs_group.command(name='set', aliases=('s',)) @with_role(*MODERATION_ROLES) -- cgit v1.2.3 From 92094a5f9d4b8cb9693f5e7bd77e69384f25946e Mon Sep 17 00:00:00 2001 From: AtieP Date: Sun, 16 Aug 2020 19:24:27 +0200 Subject: msg rather than doc_embed --- bot/cogs/doc.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bot/cogs/doc.py b/bot/cogs/doc.py index a3b1d26a1..30c793c75 100644 --- a/bot/cogs/doc.py +++ b/bot/cogs/doc.py @@ -392,8 +392,8 @@ class Doc(commands.Cog): await error_message.delete(delay=NOT_FOUND_DELETE_DELAY) await ctx.message.delete(delay=NOT_FOUND_DELETE_DELAY) else: - doc_embed = await ctx.send(embed=doc_embed) - await wait_for_deletion(doc_embed, (ctx.author.id,), client=self.bot) + msg = await ctx.send(embed=doc_embed) + await wait_for_deletion(msg, (ctx.author.id,), client=self.bot) @docs_group.command(name='set', aliases=('s',)) @with_role(*MODERATION_ROLES) -- cgit v1.2.3 From 743a6b434000813425bf6480b9f7788043f6115d Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Wed, 19 Aug 2020 13:46:17 -0700 Subject: Swap argument order in ChainMaps The defaults should be last to ensure they don't take precedence over explicitly set values. --- bot/cogs/watchchannels/bigbrother.py | 2 +- bot/cogs/watchchannels/talentpool.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bot/cogs/watchchannels/bigbrother.py b/bot/cogs/watchchannels/bigbrother.py index 4d27a6333..7aa9cec58 100644 --- a/bot/cogs/watchchannels/bigbrother.py +++ b/bot/cogs/watchchannels/bigbrother.py @@ -131,8 +131,8 @@ class BigBrother(WatchChannel, Cog, name="Big Brother"): active_watches = await self.bot.api_client.get( self.api_endpoint, params=ChainMap( + {"user__id": str(user.id)}, self.api_default_params, - {"user__id": str(user.id)} ) ) if active_watches: diff --git a/bot/cogs/watchchannels/talentpool.py b/bot/cogs/watchchannels/talentpool.py index 002f01399..c5621ae18 100644 --- a/bot/cogs/watchchannels/talentpool.py +++ b/bot/cogs/watchchannels/talentpool.py @@ -216,8 +216,8 @@ class TalentPool(WatchChannel, Cog, name="Talentpool"): active_nomination = await self.bot.api_client.get( self.api_endpoint, params=ChainMap( + {"user__id": str(user_id)}, self.api_default_params, - {"user__id": str(user_id)} ) ) -- cgit v1.2.3 From bca71687eec90b88e60155679d369b57344a0ddc Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Wed, 19 Aug 2020 13:50:21 -0700 Subject: Replace stinky single-item unpacking syntax --- bot/cogs/watchchannels/talentpool.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bot/cogs/watchchannels/talentpool.py b/bot/cogs/watchchannels/talentpool.py index c5621ae18..a6df84c23 100644 --- a/bot/cogs/watchchannels/talentpool.py +++ b/bot/cogs/watchchannels/talentpool.py @@ -227,7 +227,7 @@ class TalentPool(WatchChannel, Cog, name="Talentpool"): log.info(f"Ending nomination: {user_id=} {reason=}") - [nomination] = active_nomination + nomination = active_nomination[0] await self.bot.api_client.patch( f"{self.api_endpoint}/{nomination['id']}", json={'end_reason': reason, 'active': False} -- cgit v1.2.3 From 574bcac2b3fb43fc74a6c840667cfed408bc4077 Mon Sep 17 00:00:00 2001 From: Numerlor <25886452+Numerlor@users.noreply.github.com> Date: Thu, 20 Aug 2020 13:53:54 +0200 Subject: Restrict reminder methods to authors and admins. Before, any user could modify the reminders of others by the id. This restricts the behaviour to only admins and users can only modify the reminders they authored. --- bot/cogs/reminders.py | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/bot/cogs/reminders.py b/bot/cogs/reminders.py index 670493bcf..08bce2153 100644 --- a/bot/cogs/reminders.py +++ b/bot/cogs/reminders.py @@ -12,10 +12,10 @@ from dateutil.relativedelta import relativedelta from discord.ext.commands import Cog, Context, Greedy, group from bot.bot import Bot -from bot.constants import Guild, Icons, MODERATION_ROLES, POSITIVE_REPLIES, STAFF_ROLES +from bot.constants import Guild, Icons, MODERATION_ROLES, POSITIVE_REPLIES, Roles, STAFF_ROLES from bot.converters import Duration from bot.pagination import LinePaginator -from bot.utils.checks import without_role_check +from bot.utils.checks import with_role_check, without_role_check from bot.utils.messages import send_denial from bot.utils.scheduling import Scheduler from bot.utils.time import humanize_delta @@ -396,6 +396,8 @@ class Reminders(Cog): async def edit_reminder(self, ctx: Context, id_: int, payload: dict) -> None: """Edits a reminder with the given payload, then sends a confirmation message.""" + if not await self._can_modify(ctx, id_): + return reminder = await self._edit_reminder(id_, payload) # Parse the reminder expiration back into a datetime @@ -413,6 +415,8 @@ class Reminders(Cog): @remind_group.command("delete", aliases=("remove", "cancel")) async def delete_reminder(self, ctx: Context, id_: int) -> None: """Delete one of your active reminders.""" + if not await self._can_modify(ctx, id_): + return await self._delete_reminder(id_) await self._send_confirmation( ctx, @@ -421,6 +425,24 @@ class Reminders(Cog): delivery_dt=None, ) + async def _can_modify(self, ctx: Context, reminder_id: t.Union[str, int]) -> bool: + """ + Check whether the reminder can be modified by the ctx author. + + The check passes when the user is an admin, or if they created the reminder. + """ + if with_role_check(ctx, Roles.admins): + return True + + api_response = await self.bot.api_client.get(f"bot/reminders/{reminder_id}") + if not api_response["author"] == ctx.author.id: + log.debug(f"{ctx.author} is not the reminder author and does not pass the check.") + await send_denial(ctx, "You can't modify reminders of other users!") + return False + + log.debug(f"{ctx.author} is the reminder author and passes the check.") + return True + def setup(bot: Bot) -> None: """Load the Reminders cog.""" -- cgit v1.2.3 From 47521608d573c97597df7b97bf42b0142f79e98c Mon Sep 17 00:00:00 2001 From: MarkKoz Date: Thu, 20 Aug 2020 11:02:40 -0700 Subject: Make client parameter mandatory for wait_for_deletion A client instance is necessary for the core feature of this function. There is no way to obtain it from the other arguments. The previous code was wrong to think `discord.Guild.me` is an equivalent. Fixes #1112 --- bot/cogs/bot.py | 2 +- bot/cogs/snekbox.py | 4 +--- bot/cogs/tags.py | 4 ++-- bot/utils/messages.py | 13 ++++--------- 4 files changed, 8 insertions(+), 15 deletions(-) diff --git a/bot/cogs/bot.py b/bot/cogs/bot.py index 79510739c..70ef407d7 100644 --- a/bot/cogs/bot.py +++ b/bot/cogs/bot.py @@ -337,7 +337,7 @@ class BotCog(Cog, name="Bot"): self.codeblock_message_ids[msg.id] = bot_message.id self.bot.loop.create_task( - wait_for_deletion(bot_message, user_ids=(msg.author.id,), client=self.bot) + wait_for_deletion(bot_message, (msg.author.id,), self.bot) ) else: return diff --git a/bot/cogs/snekbox.py b/bot/cogs/snekbox.py index 52c8b6f88..63e6d7f31 100644 --- a/bot/cogs/snekbox.py +++ b/bot/cogs/snekbox.py @@ -220,9 +220,7 @@ class Snekbox(Cog): response = await ctx.send("Attempt to circumvent filter detected. Moderator team has been alerted.") else: response = await ctx.send(msg) - self.bot.loop.create_task( - wait_for_deletion(response, user_ids=(ctx.author.id,), client=ctx.bot) - ) + self.bot.loop.create_task(wait_for_deletion(response, (ctx.author.id,), ctx.bot)) log.info(f"{ctx.author}'s job had a return code of {results['returncode']}") return response diff --git a/bot/cogs/tags.py b/bot/cogs/tags.py index 3d76c5c08..d01647312 100644 --- a/bot/cogs/tags.py +++ b/bot/cogs/tags.py @@ -236,7 +236,7 @@ class Tags(Cog): await wait_for_deletion( await ctx.send(embed=Embed.from_dict(tag['embed'])), [ctx.author.id], - client=self.bot + self.bot ) elif founds and len(tag_name) >= 3: await wait_for_deletion( @@ -247,7 +247,7 @@ class Tags(Cog): ) ), [ctx.author.id], - client=self.bot + self.bot ) else: diff --git a/bot/utils/messages.py b/bot/utils/messages.py index 670289941..aa8f17f75 100644 --- a/bot/utils/messages.py +++ b/bot/utils/messages.py @@ -19,25 +19,20 @@ log = logging.getLogger(__name__) async def wait_for_deletion( message: Message, user_ids: Sequence[Snowflake], + client: Client, deletion_emojis: Sequence[str] = (Emojis.trashcan,), timeout: float = 60 * 5, attach_emojis: bool = True, - client: Optional[Client] = None ) -> None: """ Wait for up to `timeout` seconds for a reaction by any of the specified `user_ids` to delete the message. An `attach_emojis` bool may be specified to determine whether to attach the given - `deletion_emojis` to the message in the given `context` - - A `client` instance may be optionally specified, otherwise client will be taken from the - guild of the message. + `deletion_emojis` to the message in the given `context`. """ - if message.guild is None and client is None: + if message.guild is None: raise ValueError("Message must be sent on a guild") - bot = client or message.guild.me - if attach_emojis: for emoji in deletion_emojis: await message.add_reaction(emoji) @@ -51,7 +46,7 @@ async def wait_for_deletion( ) with contextlib.suppress(asyncio.TimeoutError): - await bot.wait_for('reaction_add', check=check, timeout=timeout) + await client.wait_for('reaction_add', check=check, timeout=timeout) await message.delete() -- cgit v1.2.3 From 36ccac8272de9e60c1c04db7ab3640fd76af8585 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Thu, 20 Aug 2020 22:35:12 +0100 Subject: Disable raw commands --- bot/cogs/information.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bot/cogs/information.py b/bot/cogs/information.py index 8982196d1..2d87866fb 100644 --- a/bot/cogs/information.py +++ b/bot/cogs/information.py @@ -376,7 +376,7 @@ class Information(Cog): return out.rstrip() @cooldown_with_role_bypass(2, 60 * 3, BucketType.member, bypass_roles=constants.STAFF_ROLES) - @group(invoke_without_command=True) + @group(invoke_without_command=True, enabled=False) @in_whitelist(channels=(constants.Channels.bot_commands,), roles=constants.STAFF_ROLES) async def raw(self, ctx: Context, *, message: Message, json: bool = False) -> None: """Shows information about the raw API response.""" @@ -411,7 +411,7 @@ class Information(Cog): for page in paginator.pages: await ctx.send(page) - @raw.command() + @raw.command(enabled=False) async def json(self, ctx: Context, message: Message) -> None: """Shows information about the raw API response in a copy-pasteable Python format.""" await ctx.invoke(self.raw, message=message, json=True) -- cgit v1.2.3