nhcarrigan/ephemere
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests Actions Releases Activity
Files
1fb18f95b85a19f894a2929fd26ac58dc8e930f1
ephemere/python/cohort/fix_channel_permissions.py
T
hikari ec58c9c843
CI / dependency-pin-check-typescript (push) Successful in 5s
Details
CI / dependency-pin-check-python (push) Successful in 4s
Details
CI / python (push) Successful in 9m28s
Details
CI / typescript (push) Successful in 9m42s
Details
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 1m39s
Details
feat: reorganise bash scripts and add comprehensive documentation (#6) 
## Summary

This PR completes the bash script restructuring and adds comprehensive documentation across all script categories.

### Bash Restructuring

- Moved cohort shell scripts (`remove_github_members.sh`, `update_github_teams.sh`) from `python/cohort/` into a new `bash/cohort/` directory
- Moved existing bash utilities (`add-keys-to-git.sh`, `fix-yubikey-perms.sh`, `list-yubikey-ssh-keys.sh`) into a new `bash/yubikey/` subdirectory
- Updated `run.sh` to support **Bash** as a third language option alongside TypeScript and Python
  - Bash scripts are run directly (no 1Password secret injection needed)
  - Category discovery and script listing works the same as for TS/Python
  - Removed dead "Root Scripts" logic that was no longer needed

### Documentation

Added `README.md` files for all script categories that were missing them:

- `bash/cohort/README.md` — cohort GitHub team management scripts
- `bash/yubikey/README.md` — YubiKey SSH key and permission utilities
- `typescript/src/crowdin/README.md` — Crowdin translation management scripts
- `typescript/src/discord/README.md` — Discord bot utility scripts
- `typescript/src/discourse/README.md` — Discourse forum management scripts
- `typescript/src/gitea/README.md` — Gitea bulk repository operation scripts
- `typescript/src/github/README.md` — GitHub API interaction scripts
- `typescript/src/music/README.md` — Music file metadata tools
- `typescript/src/s3/README.md` — S3-compatible object storage scripts
- `typescript/src/security/README.md` — Security analysis and reporting scripts
- `python/cohort/README.md` — Updated to remove moved shell scripts, fix usage commands

Also updated project-level docs:

- **`README.md`** — Corrected project structure, fixed running instructions (removed references to non-existent `make run-ts`/`make run-py` targets), added Bash prerequisites
- **`CLAUDE.md`** — Updated project overview, structure, development standards, and script-adding guides to reflect the current state of the project

 This PR was created with help from Hikari~ 🌸

Co-authored-by: Naomi Carrigan <commits@nhcarrigan.com>
Reviewed-on: #6
Co-authored-by: Hikari <hikari@nhcarrigan.com>
Co-committed-by: Hikari <hikari@nhcarrigan.com>
2026-02-23 20:18:41 -08:00

130 lines
4.1 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""Fix Send Messages / Send Messages in Threads permissions for a Discord channel.
Denies Send Messages and Send Messages in Threads for both @everyone and the
@cohort role on the target channel. Update CHANNEL_ID and COHORT_ROLE_ID before
running.
Data files (place in data/):
- None
Env vars:
- DISCORD_BOT_TOKEN Bot token for the Discord API
"""
import asyncio
import os
import aiohttp
DISCORD_BOT_TOKEN = os.environ["DISCORD_BOT_TOKEN"]
BASE_URL = "https://discord.com/api/v10"
GUILD_ID = "739845668582981683"
CHANNEL_ID = "1467964405646885237"
SEND_MESSAGES = 0x0000000000000800
SEND_MESSAGES_IN_THREADS = 0x0000004000000000
EVERYONE_ROLE_ID = GUILD_ID
COHORT_ROLE_ID = "1390925253102010521"
async def fix_permissions() -> None:
"""Fix the channel permissions."""
headers = {
"Authorization": f"Bot {DISCORD_BOT_TOKEN}",
"Content-Type": "application/json",
}
async with aiohttp.ClientSession() as session:
print("Fetching current channel permissions...")
async with session.get(
f"{BASE_URL}/channels/{CHANNEL_ID}", headers=headers
) as resp:
if resp.status != 200:
error = await resp.text()
print(f"Error fetching channel: {resp.status} - {error}")
return
channel = await resp.json()
print(f"Channel: {channel['name']}")
permission_overwrites = channel.get("permission_overwrites", [])
everyone_overwrite = None
cohort_overwrite = None
for overwrite in permission_overwrites:
if overwrite["id"] == EVERYONE_ROLE_ID:
everyone_overwrite = overwrite
elif overwrite["id"] == COHORT_ROLE_ID:
cohort_overwrite = overwrite
print("\nFixing @everyone permissions...")
if everyone_overwrite:
current_deny = int(everyone_overwrite.get("deny", "0"))
current_allow = int(everyone_overwrite.get("allow", "0"))
new_deny = current_deny | SEND_MESSAGES | SEND_MESSAGES_IN_THREADS
new_allow = current_allow & ~SEND_MESSAGES & ~SEND_MESSAGES_IN_THREADS
payload = {
"type": 0,
"deny": str(new_deny),
"allow": str(new_allow),
}
else:
payload = {
"type": 0,
"deny": str(SEND_MESSAGES | SEND_MESSAGES_IN_THREADS),
"allow": "0",
}
async with session.put(
f"{BASE_URL}/channels/{CHANNEL_ID}/permissions/{EVERYONE_ROLE_ID}",
headers=headers,
json=payload,
) as resp:
if resp.status == 204:
print("✅ @everyone permissions fixed!")
else:
error = await resp.text()
print(f"❌ Error fixing @everyone: {resp.status} - {error}")
print("\nFixing @cohort permissions...")
if cohort_overwrite:
current_deny = int(cohort_overwrite.get("deny", "0"))
current_allow = int(cohort_overwrite.get("allow", "0"))
new_deny = current_deny | SEND_MESSAGES | SEND_MESSAGES_IN_THREADS
new_allow = current_allow & ~SEND_MESSAGES & ~SEND_MESSAGES_IN_THREADS
payload = {
"type": 0,
"deny": str(new_deny),
"allow": str(new_allow),
}
else:
payload = {
"type": 0,
"deny": str(SEND_MESSAGES | SEND_MESSAGES_IN_THREADS),
"allow": "0",
}
async with session.put(
f"{BASE_URL}/channels/{CHANNEL_ID}/permissions/{COHORT_ROLE_ID}",
headers=headers,
json=payload,
) as resp:
if resp.status == 204:
print("✅ @cohort permissions fixed!")
else:
error = await resp.text()
print(f"❌ Error fixing @cohort: {resp.status} - {error}")
print("\n✨ Done! Permissions have been fixed.")
if __name__ == "__main__":
asyncio.run(fix_permissions())
Reference in New Issue View Git Blame Copy Permalink