velvox
/
litecord
mirror of https://gitlab.com/litecord/litecord.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

checks: validate when target or user is an owner

This commit is contained in:
Luna 2021-08-30 23:18:28 -03:00
parent 4c2bbe89a1
commit 0c14473a95
1 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
litecord/blueprints/checks.py
View File

@ -127,10 +127,31 @@ async def _max_role_position(guild_id, member_id) -> Optional[int]:
) )
async def _validate_target_member(guild_id: int, user_id: int, target_member_id: int): async def _validate_target_member(
guild_id: int, user_id: int, target_member_id: int
) -> bool:
owner_id = await storage.db.fetchval(
"""
SELECT owner_id
FROM guilds
WHERE id = $1
""",
guild_id,
)
# owners have all permissions
# if doing an action as an owner, it always works
# if doing an action TO an owner, it always fails
if user_id == owner_id:
return True
if target_member_id == owner_id:
return False
# there is no internal function to fetch full role objects # there is no internal function to fetch full role objects
# (likely because it would be too expensive to do it here), # (likely because it would be too expensive to do it here),
# so instead do a raw sql query. # so instead do a raw sql query.
target_max_position = await _max_role_position(guild_id, target_member_id) target_max_position = await _max_role_position(guild_id, target_member_id)
user_max_position = await _max_role_position(guild_id, user_id) user_max_position = await _max_role_position(guild_id, user_id)