liz/PluralKit
liz/PluralKit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use AllowedMentions to disable mentions everywhere by default

Browse Source
This commit is contained in:
Ske 2020-06-20 17:33:10 +02:00
parent ff7b728762
commit 2c35649ef0
9 changed files with 32 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
PluralKit.Bot/Bot.cs
View File

@ -155,7 +155,7 @@ namespace PluralKit.Bot
if (reportChannel != null && reportChannel.BotHasAllPermissions(Permissions.SendMessages)) if (reportChannel != null && reportChannel.BotHasAllPermissions(Permissions.SendMessages))
{ {
var eid = sentryEvent.EventId; var eid = sentryEvent.EventId;
await reportChannel.SendMessageAsync( await reportChannel.SendMessageFixedAsync(
$"{Emojis.Error} Internal error occurred. Please join the support server (<https://discord.gg/PczBt78>), and send the developer this ID: `{eid}`\nBe sure to include a description of what you were doing to make the error occur."); $"{Emojis.Error} Internal error occurred. Please join the support server (<https://discord.gg/PczBt78>), and send the developer this ID: `{eid}`\nBe sure to include a description of what you were doing to make the error occur.");
} }
} }

6
PluralKit.Bot/CommandSystem/Context.cs
View File

@ -1,4 +1,5 @@
using System; using System;
using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Threading.Tasks; using System.Threading.Tasks;
@ -66,7 +67,7 @@ namespace PluralKit.Bot
public bool HasNext(bool skipFlags = true) => RemainderOrNull(skipFlags) != null; public bool HasNext(bool skipFlags = true) => RemainderOrNull(skipFlags) != null;
public string FullCommand => _parameters.FullCommand; public string FullCommand => _parameters.FullCommand;
public Task<DiscordMessage> Reply(string text = null, DiscordEmbed embed = null) public Task<DiscordMessage> Reply(string text = null, DiscordEmbed embed = null, IEnumerable<IMention> mentions = null)
{ {
if (!this.BotHasAllPermissions(Permissions.SendMessages)) if (!this.BotHasAllPermissions(Permissions.SendMessages))
// Will be "swallowed" during the error handler anyway, this message is never shown. // Will be "swallowed" during the error handler anyway, this message is never shown.
@ -74,8 +75,7 @@ namespace PluralKit.Bot
if (embed != null && !this.BotHasAllPermissions(Permissions.EmbedLinks)) if (embed != null && !this.BotHasAllPermissions(Permissions.EmbedLinks))
throw new PKError("PluralKit does not have permission to send embeds in this channel. Please ensure I have the **Embed Links** permission enabled."); throw new PKError("PluralKit does not have permission to send embeds in this channel. Please ensure I have the **Embed Links** permission enabled.");
return Channel.SendMessageFixedAsync(text, embed: embed, mentions: mentions);
return Channel.SendMessageAsync(text, embed: embed);
} }
/// <summary> /// <summary>

5
PluralKit.Bot/Commands/SystemLink.cs
View File

@ -1,6 +1,8 @@
using System.Linq; using System.Linq;
using System.Threading.Tasks; using System.Threading.Tasks;
using DSharpPlus.Entities;
using PluralKit.Core; using PluralKit.Core;
namespace PluralKit.Bot namespace PluralKit.Bot
@ -25,7 +27,8 @@ namespace PluralKit.Bot
var existingAccount = await _data.GetSystemByAccount(account.Id); var existingAccount = await _data.GetSystemByAccount(account.Id);
if (existingAccount != null) throw Errors.AccountInOtherSystem(existingAccount); if (existingAccount != null) throw Errors.AccountInOtherSystem(existingAccount);
var msg = await ctx.Reply($"{account.Mention}, please confirm the link by clicking the {Emojis.Success} reaction on this message."); var msg = await ctx.Reply($"{account.Mention}, please confirm the link by clicking the {Emojis.Success} reaction on this message.",
mentions: new IMention[] { new UserMention(account) });
if (!await ctx.PromptYesNo(msg, user: account)) throw Errors.MemberLinkCancelled; if (!await ctx.PromptYesNo(msg, user: account)) throw Errors.MemberLinkCancelled;
await _data.AddAccount(ctx.System, account.Id); await _data.AddAccount(ctx.System, account.Id);
await ctx.Reply($"{Emojis.Success} Account linked to system."); await ctx.Reply($"{Emojis.Success} Account linked to system.");

8
PluralKit.Bot/Commands/Token.cs
View File

@ -29,8 +29,8 @@ namespace PluralKit.Bot
// DM the user a security disclaimer, and then the token in a separate message (for easy copying on mobile) // DM the user a security disclaimer, and then the token in a separate message (for easy copying on mobile)
var dm = await ctx.Rest.CreateDmAsync(ctx.Author.Id); var dm = await ctx.Rest.CreateDmAsync(ctx.Author.Id);
await dm.SendMessageAsync($"{Emojis.Warn} Please note that this grants access to modify (and delete!) all your system data, so keep it safe and secure. If it leaks or you need a new one, you can invalidate this one with `pk;token refresh`.\n\nYour token is below:"); await dm.SendMessageFixedAsync($"{Emojis.Warn} Please note that this grants access to modify (and delete!) all your system data, so keep it safe and secure. If it leaks or you need a new one, you can invalidate this one with `pk;token refresh`.\n\nYour token is below:");
await dm.SendMessageAsync(token); await dm.SendMessageFixedAsync(token);
} }
private async Task<string> MakeAndSetNewToken(PKSystem system) private async Task<string> MakeAndSetNewToken(PKSystem system)
@ -63,8 +63,8 @@ namespace PluralKit.Bot
// DM the user an invalidation disclaimer, and then the token in a separate message (for easy copying on mobile) // DM the user an invalidation disclaimer, and then the token in a separate message (for easy copying on mobile)
var dm = await ctx.Rest.CreateDmAsync(ctx.Author.Id); var dm = await ctx.Rest.CreateDmAsync(ctx.Author.Id);
await dm.SendMessageAsync($"{Emojis.Warn} Your previous API token has been invalidated. You will need to change it anywhere it's currently used.\n\nYour token is below:"); await dm.SendMessageFixedAsync($"{Emojis.Warn} Your previous API token has been invalidated. You will need to change it anywhere it's currently used.\n\nYour token is below:");
await dm.SendMessageAsync(token); await dm.SendMessageFixedAsync(token);
} }
} }
} }

2
PluralKit.Bot/Handlers/MessageCreated.cs
View File

@ -122,7 +122,7 @@ namespace PluralKit.Bot
// User-facing errors, print to the channel properly formatted // User-facing errors, print to the channel properly formatted
var msg = evt.Message; var msg = evt.Message;
if (msg.Channel.Guild == null || msg.Channel.BotHasAllPermissions(Permissions.SendMessages)) if (msg.Channel.Guild == null || msg.Channel.BotHasAllPermissions(Permissions.SendMessages))
await msg.Channel.SendMessageAsync($"{Emojis.Error} {e.Message}"); await msg.Channel.SendMessageFixedAsync($"{Emojis.Error} {e.Message}");
} }
return false; return false;

7
PluralKit.Bot/Handlers/ReactionAdded.cs
View File

@ -108,15 +108,16 @@ namespace PluralKit.Bot
{ {
// If the system has pings enabled, go ahead // If the system has pings enabled, go ahead
var embed = new DiscordEmbedBuilder().WithDescription($"[Jump to pinged message]({evt.Message.JumpLink})"); var embed = new DiscordEmbedBuilder().WithDescription($"[Jump to pinged message]({evt.Message.JumpLink})");
await evt.Channel.SendMessageAsync($"Psst, **{msg.Member.DisplayName()}** (<@{msg.Message.Sender}>), you have been pinged by <@{evt.User.Id}>.", embed: embed.Build()); await evt.Channel.SendMessageFixedAsync($"Psst, **{msg.Member.DisplayName()}** (<@{msg.Message.Sender}>), you have been pinged by <@{evt.User.Id}>.", embed: embed.Build(),
new IMention[] {new UserMention(msg.Message.Sender) });
} }
else else
{ {
// If not, tell them in DMs (if we can) // If not, tell them in DMs (if we can)
try try
{ {
await guildUser.SendMessageAsync($"{Emojis.Error} {msg.Member.DisplayName()}'s system has disabled reaction pings. If you want to mention them anyway, you can copy/paste the following message:"); await guildUser.SendMessageFixedAsync($"{Emojis.Error} {msg.Member.DisplayName()}'s system has disabled reaction pings. If you want to mention them anyway, you can copy/paste the following message:");
await guildUser.SendMessageAsync($"`<@{msg.Message.Sender}>`"); await guildUser.SendMessageFixedAsync($"`<@{msg.Message.Sender}>`");
} }
catch (UnauthorizedException) { } catch (UnauthorizedException) { }
} }

4
PluralKit.Bot/Proxy/ProxyService.cs
View File

@ -130,14 +130,14 @@ namespace PluralKit.Bot
if ((permissions & Permissions.ManageWebhooks) == 0) if ((permissions & Permissions.ManageWebhooks) == 0)
{ {
// todo: PKError-ify these // todo: PKError-ify these
await channel.SendMessageAsync( await channel.SendMessageFixedAsync(
$"{Emojis.Error} PluralKit does not have the *Manage Webhooks* permission in this channel, and thus cannot proxy messages. Please contact a server administrator to remedy this."); $"{Emojis.Error} PluralKit does not have the *Manage Webhooks* permission in this channel, and thus cannot proxy messages. Please contact a server administrator to remedy this.");
return false; return false;
} }
if ((permissions & Permissions.ManageMessages) == 0) if ((permissions & Permissions.ManageMessages) == 0)
{ {
await channel.SendMessageAsync( await channel.SendMessageFixedAsync(
$"{Emojis.Error} PluralKit does not have the *Manage Messages* permission in this channel, and thus cannot delete the original trigger message. Please contact a server administrator to remedy this."); $"{Emojis.Error} PluralKit does not have the *Manage Messages* permission in this channel, and thus cannot delete the original trigger message. Please contact a server administrator to remedy this.");
return false; return false;
} }

2
PluralKit.Bot/Services/LogChannelService.cs
View File

@ -44,7 +44,7 @@ namespace PluralKit.Bot {
await conn.QueryMember(proxy.Member.Id), hookMessage, trigger.Id, trigger.Author, proxy.Content, await conn.QueryMember(proxy.Member.Id), hookMessage, trigger.Id, trigger.Author, proxy.Content,
trigger.Channel); trigger.Channel);
var url = $"https://discord.com/channels/{trigger.Channel.GuildId}/{trigger.ChannelId}/{hookMessage}"; var url = $"https://discord.com/channels/{trigger.Channel.GuildId}/{trigger.ChannelId}/{hookMessage}";
await logChannel.SendMessageAsync(content: url, embed: embed); await logChannel.SendMessageFixedAsync(content: url, embed: embed);
} }
private async Task<DiscordChannel> FindLogChannel(ulong guild, ulong channel) private async Task<DiscordChannel> FindLogChannel(ulong guild, ulong channel)

12
PluralKit.Bot/Utils/DiscordUtils.cs
View File

@ -105,5 +105,17 @@ namespace PluralKit.Bot
// Workaround for https://github.com/DSharpPlus/DSharpPlus/issues/565 // Workaround for https://github.com/DSharpPlus/DSharpPlus/issues/565
return input?.Replace("%20", "+"); return input?.Replace("%20", "+");
} }
// Passing an empty list (counter-intuitively) *allows* all mentions through (even if non-null)
// So we add a single "bogus" user mention for ID=1 that'll never actually resolve, and thus block all (other) mentions
private static readonly IEnumerable<IMention> DenyAllMentions = new IMention[] {new UserMention(1)};
public static Task<DiscordMessage> SendMessageFixedAsync(this DiscordChannel channel, string content = null, DiscordEmbed embed = null, IEnumerable<IMention> mentions = null) =>
channel.SendMessageAsync(content, embed: embed, mentions: mentions ?? DenyAllMentions);
// This doesn't do anything by itself (DiscordMember.SendMessageAsync doesn't take a mentions argument)
// It's just here for consistency so we don't use the standard SendMessageAsync method >.>
public static Task<DiscordMessage> SendMessageFixedAsync(this DiscordMember member, string content = null, DiscordEmbed embed = null) =>
member.SendMessageAsync(content, embed: embed);
} }
} }