feat: port remaining cohort scripts and make reusable

- Port 19 cohort scripts from /home/naomi/docs/cohort/ - Replace all hardcoded tokens and dotenv usage with os.environ - Add pandas==3.0.1 dependency - Add E501 to ruff ignore list for Discord message string content - Make remove_resigned_members.py reusable (empty RESIGNED_IDS constant) - Make update_roster_messages.py reusable (iterates all teams from JSON) - Exclude 12 one-off/event-specific scripts as non-reusable
2026-02-23 15:23:10 -08:00
parent e481823e06
commit 4fdb5d06f1
20 changed files with 2108 additions and 1 deletions
@@ -0,0 +1,142 @@
+#!/usr/bin/env python3
+"""Check cohort-team-* channels for incorrect @everyone or @cohort permissions.
+
+Find channels where @everyone or @cohort has Send Messages or
+Send Messages in Threads enabled.
+"""
+
+import asyncio
+import os
+
+import aiohttp
+
+DISCORD_BOT_TOKEN = os.environ["DISCORD_BOT_TOKEN"]
+BASE_URL = "https://discord.com/api/v10"
+GUILD_ID = "739845668582981683"
+
+SEND_MESSAGES = 0x0000000000000800
+SEND_MESSAGES_IN_THREADS = 0x0000004000000000
+
+
+async def check_permissions() -> None:
+    """Check all cohort-team-* channels for permission issues."""
+    headers = {"Authorization": f"Bot {DISCORD_BOT_TOKEN}"}
+
+    async with aiohttp.ClientSession() as session:
+        print("Fetching channels...")
+        async with session.get(
+            f"{BASE_URL}/guilds/{GUILD_ID}/channels", headers=headers
+        ) as resp:
+            if resp.status != 200:
+                error = await resp.text()
+                print(f"Error fetching channels: {resp.status} - {error}")
+                return
+            channels = await resp.json()
+
+        print("Fetching roles...")
+        async with session.get(
+            f"{BASE_URL}/guilds/{GUILD_ID}/roles", headers=headers
+        ) as resp:
+            if resp.status != 200:
+                error = await resp.text()
+                print(f"Error fetching roles: {resp.status} - {error}")
+                return
+            roles = await resp.json()
+
+        everyone_role_id = GUILD_ID
+
+        cohort_role_id = None
+        for role in roles:
+            if "cohort" in role["name"].lower():
+                cohort_role_id = role["id"]
+                print(f"Found cohort role: {role['name']} ({role['id']})")
+                break
+
+        if not cohort_role_id:
+            print("Warning: Could not find @cohort role!")
+
+        cohort_channels = [
+            ch
+            for ch in channels
+            if ch["name"].startswith("cohort-team-") and ch["type"] == 0
+        ]
+
+        print(f"\nFound {len(cohort_channels)} cohort-team-* channels\n")
+
+        problematic_channels = []
+
+        for channel in sorted(cohort_channels, key=lambda x: x["name"]):
+            channel_name = channel["name"]
+            channel_id = channel["id"]
+            permission_overwrites = channel.get("permission_overwrites", [])
+
+            everyone_perms = None
+            cohort_perms = None
+
+            for overwrite in permission_overwrites:
+                if overwrite["id"] == everyone_role_id:
+                    everyone_perms = overwrite
+                elif cohort_role_id and overwrite["id"] == cohort_role_id:
+                    cohort_perms = overwrite
+
+            issues = []
+
+            if everyone_perms:
+                deny = int(everyone_perms.get("deny", "0"))
+                allow = int(everyone_perms.get("allow", "0"))
+
+                if (allow & SEND_MESSAGES) or not (deny & SEND_MESSAGES):
+                    issues.append("@everyone can send messages")
+
+                if (allow & SEND_MESSAGES_IN_THREADS) or not (
+                    deny & SEND_MESSAGES_IN_THREADS
+                ):
+                    issues.append("@everyone can send messages in threads")
+            else:
+                issues.append(
+                    "@everyone has no permission overwrite (inheriting server perms)"
+                )
+
+            if cohort_perms and cohort_role_id:
+                deny = int(cohort_perms.get("deny", "0"))
+                allow = int(cohort_perms.get("allow", "0"))
+
+                if (allow & SEND_MESSAGES) or not (deny & SEND_MESSAGES):
+                    issues.append("@cohort can send messages")
+
+                if (allow & SEND_MESSAGES_IN_THREADS) or not (
+                    deny & SEND_MESSAGES_IN_THREADS
+                ):
+                    issues.append("@cohort can send messages in threads")
+            elif cohort_role_id:
+                issues.append(
+                    "@cohort has no permission overwrite (inheriting server perms)"
+                )
+
+            if issues:
+                problematic_channels.append(
+                    {"name": channel_name, "id": channel_id, "issues": issues}
+                )
+                print(f"❌ {channel_name}")
+                for issue in issues:
+                    print(f"   - {issue}")
+            else:
+                print(f"✅ {channel_name}")
+
+        print("\n" + "=" * 60)
+        print(
+            f"\nSummary: {len(problematic_channels)} channels with permission issues\n"
+        )
+
+        if problematic_channels:
+            print("Problematic channels:")
+            for ch in problematic_channels:
+                print(f"\n{ch['name']} (ID: {ch['id']})")
+                for issue in ch["issues"]:
+                    print(f"  • {issue}")
+        else:
+            print("All channels have correct permissions! 🎉")
+
+
+if __name__ == "__main__":
+    asyncio.run(check_permissions())