Toutsu/GmRelayBot
1
1
Fork 0
Code Issues 18 Pull Requests Actions Packages Projects Releases 86 Wiki Activity

fix(discord): resolve permission checking for /newsession command

Browse Source 
- DiscordPermissionChecker: removed dead-code userRoles overload;
  now only uses resolvedPermissions bitflag (Administrator = 0x8).
- DiscordNewSessionCommand: computes resolved permissions from guild
  user roles via Context.Guild.Users[Id].RoleIds + guild.Roles.
- DiscordNewSessionHandler: updated signature to accept ulong
  resolvedPermissions instead of unused userRoles.
- Added ILogger to command for diagnostics on unexpected errors.
- Added test: regular user with ManageServer (but not Admin) is rejected.

Refs issue #28

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Toutsu
2026-05-19 12:30:25 +03:00
parent 474e7f62f7
commit daa59335cc
6 changed files with 1179 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/GmRelay.Bot.Tests/Discord/DiscordPermissionCheckerTests.cs
+19 -6
View File
@@ -11,8 +11,8 @@ public sealed class DiscordPermissionCheckerTests
var result = checker.CanManageSchedule(
guildOwnerId: 123456789ul,
userId: 123456789ul,
userRoles: Array.Empty<ulong>(),
dbManagerUserIds: Array.Empty<ulong>());
dbManagerUserIds: Array.Empty<ulong>(),
resolvedPermissions: 0);
Assert.True(result);
}
@@ -38,8 +38,8 @@ public sealed class DiscordPermissionCheckerTests
var result = checker.CanManageSchedule(
guildOwnerId: 123456789ul,
userId: managerId,
userRoles: Array.Empty<ulong>(),
dbManagerUserIds: new[] { managerId });
dbManagerUserIds: new[] { managerId },
resolvedPermissions: 0);
Assert.True(result);
}
@@ -51,8 +51,21 @@ public sealed class DiscordPermissionCheckerTests
var result = checker.CanManageSchedule(
guildOwnerId: 123456789ul,
userId: 111ul,
userRoles: Array.Empty<ulong>(),
dbManagerUserIds: new[] { 222ul });
dbManagerUserIds: new[] { 222ul },
resolvedPermissions: 0);
Assert.False(result);
}
[Fact]
public void CanManageSchedule_WhenUserHasOtherPermissionButNotAdmin_ReturnsFalse()
{
var checker = new DiscordPermissionChecker();
var result = checker.CanManageSchedule(
guildOwnerId: 123456789ul,
userId: 111ul,
dbManagerUserIds: Array.Empty<ulong>(),
resolvedPermissions: 0x4); // ManageServer, not Administrator
Assert.False(result);
}