Permissions redesign (#2149)

API changes: - Cogs must now inherit from `commands.Cog` (see #2151 for discussion and more details) - All functions which are not decorators in the `redbot.core.checks` module are now deprecated in favour of their counterparts in `redbot.core.utils.mod`. This is to make this module more consistent and end the confusing naming convention. - `redbot.core.checks.check_overrides` function is now gone, overrideable checks can now be created with the `@commands.permissions_check` decorator - Command, Group, Cog and Context have some new attributes and methods, but they are for internal use so shouldn't concern cog creators (unless they're making a permissions cog!). - `__permissions_check_before` and `__permissions_check_after` have been replaced: A cog method named `__permissions_hook` will be evaluated as permissions hooks in the same way `__permissions_check_before` previously was. Permissions hooks can also be added/removed/verified through the new `*_permissions_hook()` methods on the bot object, and they will be verified even when permissions is unloaded. - New utility method `redbot.core.utils.chat_formatting.humanize_list` - New dependency [`schema`](https://github.com/keleshev/schema) User-facing changes: - When a `@bot_has_permissions` check fails, the bot will respond saying what permissions were actually missing. - All YAML-related `[p]permissions` subcommands now reside under the `[p]permissions acl` sub-group (tbh I still think the whole cog has too many top-level commands) - The YAML schema for these commands has been changed - A rule cannot be set as allow and deny at the same time (previously this would just default to allow) Documentation: - New documentation for `redbot.core.commands.requires` and `redbot.core.checks` modules - Renewed documentation for the permissions cog - `sphinx.ext.doctest` is now enabled Note: standard discord.py checks will still behave exactly the same way, in fact they are checked before `Requires` is looked at, so they are not overrideable. Signed-off-by: Toby Harradine <tobyharradine@gmail.com>
2025-11-21 10:17:59 -05:00 · 2018-10-01 13:19:25 +10:00
parent f07b78bd0d
commit 0870403299
53 changed files with 2026 additions and 1044 deletions
--- a/redbot/core/events.py
+++ b/redbot/core/events.py
@@ -5,6 +5,7 @@ import logging
 import traceback
 from datetime import timedelta
 from distutils.version import StrictVersion
+from typing import List

 import aiohttp
 import discord
@@ -14,7 +15,7 @@ from pkg_resources import DistributionNotFound

 from . import __version__, commands
 from .data_manager import storage_type
-from .utils.chat_formatting import inline, bordered
+from .utils.chat_formatting import inline, bordered, humanize_list
 from .utils import fuzzy_command_search, format_fuzzy_results

 log = logging.getLogger("red")
@@ -67,6 +68,14 @@ def init_events(bot, cli_flags):
            packages.extend(cli_flags.load_cogs)

        if packages:
+            # Load permissions first, for security reasons
+            try:
+                packages.remove("permissions")
+            except ValueError:
+                pass
+            else:
+                packages.insert(0, "permissions")
+
            to_remove = []
            print("Loading packages...")
            for package in packages:
@@ -227,6 +236,21 @@ def init_events(bot, cli_flags):
                await ctx.send(embed=await format_fuzzy_results(ctx, fuzzy_commands, embed=True))
            else:
                await ctx.send(await format_fuzzy_results(ctx, fuzzy_commands, embed=False))
+        elif isinstance(error, commands.BotMissingPermissions):
+            missing_perms: List[str] = []
+            for perm, value in error.missing:
+                if value is True:
+                    perm_name = '"' + perm.replace("_", " ").title() + '"'
+                    missing_perms.append(perm_name)
+            if len(missing_perms) == 1:
+                plural = ""
+            else:
+                plural = "s"
+            await ctx.send(
+                "I require the {perms} permission{plural} to execute that command.".format(
+                    perms=humanize_list(missing_perms), plural=plural
+                )
+            )
        elif isinstance(error, commands.CheckFailure):
            pass
        elif isinstance(error, commands.NoPrivateMessage):