generated from nhcarrigan/template
naomi
4fdb5d06f1
- Port 19 cohort scripts from /home/naomi/docs/cohort/ - Replace all hardcoded tokens and dotenv usage with os.environ - Add pandas==3.0.1 dependency - Add E501 to ruff ignore list for Discord message string content - Make remove_resigned_members.py reusable (empty RESIGNED_IDS constant) - Make update_roster_messages.py reusable (iterates all teams from JSON) - Exclude 12 one-off/event-specific scripts as non-reusable
143 lines
4.8 KiB
Python
143 lines
4.8 KiB
Python
#!/usr/bin/env python3
|
|
"""Check cohort-team-* channels for incorrect @everyone or @cohort permissions.
|
|
|
|
Find channels where @everyone or @cohort has Send Messages or
|
|
Send Messages in Threads enabled.
|
|
"""
|
|
|
|
import asyncio
|
|
import os
|
|
|
|
import aiohttp
|
|
|
|
DISCORD_BOT_TOKEN = os.environ["DISCORD_BOT_TOKEN"]
|
|
BASE_URL = "https://discord.com/api/v10"
|
|
GUILD_ID = "739845668582981683"
|
|
|
|
SEND_MESSAGES = 0x0000000000000800
|
|
SEND_MESSAGES_IN_THREADS = 0x0000004000000000
|
|
|
|
|
|
async def check_permissions() -> None:
|
|
"""Check all cohort-team-* channels for permission issues."""
|
|
headers = {"Authorization": f"Bot {DISCORD_BOT_TOKEN}"}
|
|
|
|
async with aiohttp.ClientSession() as session:
|
|
print("Fetching channels...")
|
|
async with session.get(
|
|
f"{BASE_URL}/guilds/{GUILD_ID}/channels", headers=headers
|
|
) as resp:
|
|
if resp.status != 200:
|
|
error = await resp.text()
|
|
print(f"Error fetching channels: {resp.status} - {error}")
|
|
return
|
|
channels = await resp.json()
|
|
|
|
print("Fetching roles...")
|
|
async with session.get(
|
|
f"{BASE_URL}/guilds/{GUILD_ID}/roles", headers=headers
|
|
) as resp:
|
|
if resp.status != 200:
|
|
error = await resp.text()
|
|
print(f"Error fetching roles: {resp.status} - {error}")
|
|
return
|
|
roles = await resp.json()
|
|
|
|
everyone_role_id = GUILD_ID
|
|
|
|
cohort_role_id = None
|
|
for role in roles:
|
|
if "cohort" in role["name"].lower():
|
|
cohort_role_id = role["id"]
|
|
print(f"Found cohort role: {role['name']} ({role['id']})")
|
|
break
|
|
|
|
if not cohort_role_id:
|
|
print("Warning: Could not find @cohort role!")
|
|
|
|
cohort_channels = [
|
|
ch
|
|
for ch in channels
|
|
if ch["name"].startswith("cohort-team-") and ch["type"] == 0
|
|
]
|
|
|
|
print(f"\nFound {len(cohort_channels)} cohort-team-* channels\n")
|
|
|
|
problematic_channels = []
|
|
|
|
for channel in sorted(cohort_channels, key=lambda x: x["name"]):
|
|
channel_name = channel["name"]
|
|
channel_id = channel["id"]
|
|
permission_overwrites = channel.get("permission_overwrites", [])
|
|
|
|
everyone_perms = None
|
|
cohort_perms = None
|
|
|
|
for overwrite in permission_overwrites:
|
|
if overwrite["id"] == everyone_role_id:
|
|
everyone_perms = overwrite
|
|
elif cohort_role_id and overwrite["id"] == cohort_role_id:
|
|
cohort_perms = overwrite
|
|
|
|
issues = []
|
|
|
|
if everyone_perms:
|
|
deny = int(everyone_perms.get("deny", "0"))
|
|
allow = int(everyone_perms.get("allow", "0"))
|
|
|
|
if (allow & SEND_MESSAGES) or not (deny & SEND_MESSAGES):
|
|
issues.append("@everyone can send messages")
|
|
|
|
if (allow & SEND_MESSAGES_IN_THREADS) or not (
|
|
deny & SEND_MESSAGES_IN_THREADS
|
|
):
|
|
issues.append("@everyone can send messages in threads")
|
|
else:
|
|
issues.append(
|
|
"@everyone has no permission overwrite (inheriting server perms)"
|
|
)
|
|
|
|
if cohort_perms and cohort_role_id:
|
|
deny = int(cohort_perms.get("deny", "0"))
|
|
allow = int(cohort_perms.get("allow", "0"))
|
|
|
|
if (allow & SEND_MESSAGES) or not (deny & SEND_MESSAGES):
|
|
issues.append("@cohort can send messages")
|
|
|
|
if (allow & SEND_MESSAGES_IN_THREADS) or not (
|
|
deny & SEND_MESSAGES_IN_THREADS
|
|
):
|
|
issues.append("@cohort can send messages in threads")
|
|
elif cohort_role_id:
|
|
issues.append(
|
|
"@cohort has no permission overwrite (inheriting server perms)"
|
|
)
|
|
|
|
if issues:
|
|
problematic_channels.append(
|
|
{"name": channel_name, "id": channel_id, "issues": issues}
|
|
)
|
|
print(f"❌ {channel_name}")
|
|
for issue in issues:
|
|
print(f" - {issue}")
|
|
else:
|
|
print(f"✅ {channel_name}")
|
|
|
|
print("\n" + "=" * 60)
|
|
print(
|
|
f"\nSummary: {len(problematic_channels)} channels with permission issues\n"
|
|
)
|
|
|
|
if problematic_channels:
|
|
print("Problematic channels:")
|
|
for ch in problematic_channels:
|
|
print(f"\n{ch['name']} (ID: {ch['id']})")
|
|
for issue in ch["issues"]:
|
|
print(f" • {issue}")
|
|
else:
|
|
print("All channels have correct permissions! 🎉")
|
|
|
|
|
|
if __name__ == "__main__":
|
|
asyncio.run(check_permissions())
|