From daadb5fe85d32cd86f46fd915073ba75138c9401 Mon Sep 17 00:00:00 2001 From: Isaac Date: Fri, 10 Mar 2023 23:37:40 +0000 Subject: [PATCH] fix: check roles for staff-only commands --- src/commands/slash/move.js | 18 +++++++++++++++++- src/commands/slash/priority.js | 15 +++++++++++++++ src/i18n/en-GB.yml | 11 ++++++++++- src/lib/tickets/manager.js | 28 ++++++++++++++++++++++++++++ 4 files changed, 70 insertions(+), 2 deletions(-) diff --git a/src/commands/slash/move.js b/src/commands/slash/move.js index 4083ff6..25c582c 100644 --- a/src/commands/slash/move.js +++ b/src/commands/slash/move.js @@ -1,6 +1,7 @@ const { SlashCommand } = require('@eartharoid/dbf'); const { ApplicationCommandOptionType } = require('discord.js'); const ExtendedEmbedBuilder = require('../../lib/embed'); +const { isStaff } = require('../../lib/users'); module.exports = class MoveSlashCommand extends SlashCommand { constructor(client, options) { @@ -62,10 +63,25 @@ module.exports = class MoveSlashCommand extends SlashCommand { }); } + const getMessage = client.i18n.getLocale(ticket.guild.locale); + + if (!(await isStaff(interaction.guild, interaction.user.id))) { // if user is not staff + return await interaction.editReply({ + embeds: [ + new ExtendedEmbedBuilder({ + iconURL: interaction.guild.iconURL(), + text: ticket.guild.footer, + }) + .setColor(ticket.guild.errorColour) + .setTitle(getMessage('commands.slash.move.not_staff.title')) + .setDescription(getMessage('commands.slash.move.not_staff.description')), + ], + }); + } + const creator = await interaction.guild.members.fetch(ticket.createdById); const newCategory = await client.prisma.category.findUnique({ where: { id: interaction.options.getInteger('category', true) } }); const discordCategory = await interaction.guild.channels.fetch(newCategory.discordCategory); - const getMessage = client.i18n.getLocale(ticket.guild.locale); if (discordCategory.children.cache.size === 50) { return await interaction.editReply({ diff --git a/src/commands/slash/priority.js b/src/commands/slash/priority.js index b46c0c8..2a44394 100644 --- a/src/commands/slash/priority.js +++ b/src/commands/slash/priority.js @@ -2,6 +2,7 @@ const { SlashCommand } = require('@eartharoid/dbf'); const { ApplicationCommandOptionType } = require('discord.js'); const ExtendedEmbedBuilder = require('../../lib/embed'); const { logTicketEvent } = require('../../lib/logging'); +const { isStaff } = require('../../lib/users'); module.exports = class PrioritySlashCommand extends SlashCommand { constructor(client, options) { @@ -86,6 +87,20 @@ module.exports = class PrioritySlashCommand extends SlashCommand { }); } + if (!(await isStaff(interaction.guild, interaction.user.id))) { // if user is not staff + return await interaction.editReply({ + embeds: [ + new ExtendedEmbedBuilder({ + iconURL: interaction.guild.iconURL(), + text: ticket.guild.footer, + }) + .setColor(ticket.guild.errorColour) + .setTitle(getMessage('commands.slash.move.not_staff.title')) + .setDescription(getMessage('commands.slash.move.not_staff.description')), + ], + }); + } + const priority = interaction.options.getString('priority', true); let name = interaction.channel.name; if (ticket.priority) name = name.replace(this.getEmoji(ticket.priority), this.getEmoji(priority)); diff --git a/src/i18n/en-GB.yml b/src/i18n/en-GB.yml index 72e59b8..26e09d8 100644 --- a/src/i18n/en-GB.yml +++ b/src/i18n/en-GB.yml @@ -64,6 +64,9 @@ commands: claim: description: Claim a ticket name: claim + not_staff: + description: Only staff members can claim tickets. + title: ❌ Error close: description: Request a ticket to be closed invalid_time: @@ -126,6 +129,9 @@ commands: description: Move a ticket to another category moved: 🗃️ {by} has moved this ticket from **{from}** to **{to}**. name: move + not_staff: + description: Only staff members can move tickets. + title: ❌ Error options: category: description: The category to move the ticket to @@ -140,6 +146,9 @@ commands: priority: description: Set the priority of a ticket name: priority + not_staff: + description: Only staff members can change the priority of tickets. + title: ❌ Error options: priority: choices: @@ -158,7 +167,7 @@ commands: description: Remove a member from a ticket name: remove not_staff: - description: Only staff members can removed members from others' tickets. + description: Only staff members can remove members from others' tickets. title: ❌ Error options: member: diff --git a/src/lib/tickets/manager.js b/src/lib/tickets/manager.js index 4ab35d2..f744d54 100644 --- a/src/lib/tickets/manager.js +++ b/src/lib/tickets/manager.js @@ -698,6 +698,20 @@ module.exports = class TicketManager { }); const getMessage = this.client.i18n.getLocale(ticket.guild.locale); + if (!(await isStaff(interaction.guild, interaction.user.id))) { // if user is not staff + return await interaction.editReply({ + embeds: [ + new ExtendedEmbedBuilder({ + iconURL: interaction.guild.iconURL(), + text: ticket.guild.footer, + }) + .setColor(ticket.guild.errorColour) + .setTitle(getMessage('commands.slash.claim.not_staff.title')) + .setDescription(getMessage('commands.slash.claim.not_staff.description')), + ], + }); + } + await Promise.all([ interaction.channel.permissionOverwrites.edit(interaction.user, { 'ViewChannel': true }, `Ticket claimed by ${interaction.user.tag}`), ...ticket.category.staffRoles.map(role => interaction.channel.permissionOverwrites.edit(role, { 'ViewChannel': false }, `Ticket claimed by ${interaction.user.tag}`)), @@ -784,6 +798,20 @@ module.exports = class TicketManager { }); const getMessage = this.client.i18n.getLocale(ticket.guild.locale); + if (!(await isStaff(interaction.guild, interaction.user.id))) { // if user is not staff + return await interaction.editReply({ + embeds: [ + new ExtendedEmbedBuilder({ + iconURL: interaction.guild.iconURL(), + text: ticket.guild.footer, + }) + .setColor(ticket.guild.errorColour) + .setTitle(getMessage('commands.slash.claim.not_staff.title')) + .setDescription(getMessage('commands.slash.claim.not_staff.description')), + ], + }); + } + await Promise.all([ interaction.channel.permissionOverwrites.delete(interaction.user, `Ticket released by ${interaction.user.tag}`), ...ticket.category.staffRoles.map(role => interaction.channel.permissionOverwrites.edit(role, { 'ViewChannel': true }, `Ticket released by ${interaction.user.tag}`)),