Permission Overwrites resolving incorrectly. #1253
Comments
|
That's not true at all, on the same level of overwrites an allow always takes precedence over a deny. Discord even confirms this on their permissions help page. I reproduced the setup you described in the last paragraph on a server with no other roles or overwrites and got the result that the member with the two roles was in fact able to send messages. |
|
My apologies, ignore the op.. I must have been tired last night because this morning I discovered I didn't check the box on the lower role I was testing... Testing that specific setup again this morning provided results as you expected... However, if @ everyone has allow, and the specific user has deny: |
bdistin
changed the title
|
That link made me think of one more test, that also failed. Non-everyone Roles overwrite Member Specific overwrites |
bdistin
changed the title
* Fix discordjs#1253 * apparently @ everyone role can be undefined * Fix oops * Fixes possible mutiple roles named '@everyone' * Clean up order/logic
* Fix discordjs#1253 * apparently @ everyone role can be undefined * Fix oops * Fixes possible mutiple roles named '@everyone' * Clean up order/logic
Tested on latest Master.
The bug is in this particular code:for (const overwrite of overwrites.role.concat(overwrites.member)) { permissions &= ~overwrite.deny; allow |= overwrite.allow; } permissions |= allow;This means any allows, no matter where the overwrite is positioned in the overwrites, will super-cede any denys. Which is a problem, because this is not how discord resolves permissions. Discord takes the overwrites for each permission at it's highest position of overwrites, and that is law.Given a member with 2 roles, the higher role has deny send_messages and the lower has allow send_messages; d.js will resolve allow send_messages when in-fact discord will deny send_messages.The text was updated successfully, but these errors were encountered: