Kuby/commandes/ticket/utils/permissions.py

93 lines
2.9 KiB
Python
Raw Normal View History

2026-01-14 21:32:20 +01:00
"""
Ticket Permissions Utility
==========================
Centralized permission logic for the ticket system.
"""
import discord
from typing import TYPE_CHECKING, Optional
if TYPE_CHECKING:
from ..data.models import GuildTicketConfig
def is_staff(interaction: discord.Interaction, config: 'GuildTicketConfig') -> bool:
"""
Check if the user has staff permissions.
Checks:
1. Administrator permission
2. Staff roles
3. Staff users (specific user IDs)
"""
# Get user and permissions based on object type
user = getattr(interaction, "author", getattr(interaction, "user", None))
if not user:
return False
if user.guild_permissions.administrator:
return True
# Check specific users
if user.id in config.staff_users:
return True
# Check roles
for role_id in config.staff_roles:
role = interaction.guild.get_role(int(role_id))
if role and role in user.roles:
return True
return False
def can_access_config(interaction: discord.Interaction, config: 'GuildTicketConfig') -> bool:
"""
Check if the user can access the configuration.
Checks:
1. Administrator permission
2. Config roles
3. Config users
4. Staff permissions (staff can often access basic config or view panels)
Note: This function is strictly for CONFIG access.
If staff should access config, add them to config roles or check is_staff too.
In this implementation, we check specific config permissions.
"""
# Get user and permissions based on object type
user = getattr(interaction, "author", getattr(interaction, "user", None))
if not user:
return False
if user.guild_permissions.administrator:
return True
# Check specific users
if user.id in config.config_users:
return True
# Check config roles
for role_id in config.config_roles:
role = interaction.guild.get_role(int(role_id))
if role and role in user.roles:
return True
# Also check legacy/migrated staff roles if they imply config access?
# For now, we keep it strict: config access requires explicit config permission.
return False
def is_whitelisted(interaction: discord.Interaction, config: 'GuildTicketConfig', bot) -> bool:
"""
Check if user is whitelisted or has staff/config permissions.
"""
# Staff and config users are always whitelisted
if is_staff(interaction, config) or can_access_config(interaction, config):
return True
# Check whitelist cog
whitelist_cog = bot.get_cog("WhitelistMonitor")
if not whitelist_cog:
# If whitelist system not available, deny unless staff/config
return False
return whitelist_cog.is_whitelisted(interaction.guild.id, interaction.user.id)