""" Ticket Permissions Utility ========================== Centralized permission logic for the ticket system. """ import discord from typing import TYPE_CHECKING, Optional if TYPE_CHECKING: from ..data.models import GuildTicketConfig def is_staff(interaction: discord.Interaction, config: 'GuildTicketConfig') -> bool: """ Check if the user has staff permissions. Checks: 1. Administrator permission 2. Staff roles 3. Staff users (specific user IDs) """ # Get user and permissions based on object type user = getattr(interaction, "author", getattr(interaction, "user", None)) if not user: return False if user.guild_permissions.administrator: return True # Check specific users if user.id in config.staff_users: return True # Check roles for role_id in config.staff_roles: role = interaction.guild.get_role(int(role_id)) if role and role in user.roles: return True return False def can_access_config(interaction: discord.Interaction, config: 'GuildTicketConfig') -> bool: """ Check if the user can access the configuration. Checks: 1. Administrator permission 2. Config roles 3. Config users 4. Staff permissions (staff can often access basic config or view panels) Note: This function is strictly for CONFIG access. If staff should access config, add them to config roles or check is_staff too. In this implementation, we check specific config permissions. """ # Get user and permissions based on object type user = getattr(interaction, "author", getattr(interaction, "user", None)) if not user: return False if user.guild_permissions.administrator: return True # Check specific users if user.id in config.config_users: return True # Check config roles for role_id in config.config_roles: role = interaction.guild.get_role(int(role_id)) if role and role in user.roles: return True # Also check legacy/migrated staff roles if they imply config access? # For now, we keep it strict: config access requires explicit config permission. return False def is_whitelisted(interaction: discord.Interaction, config: 'GuildTicketConfig', bot) -> bool: """ Check if user is whitelisted or has staff/config permissions. """ # Staff and config users are always whitelisted if is_staff(interaction, config) or can_access_config(interaction, config): return True # Check whitelist cog whitelist_cog = bot.get_cog("WhitelistMonitor") if not whitelist_cog: # If whitelist system not available, deny unless staff/config return False return whitelist_cog.is_whitelisted(interaction.guild.id, interaction.user.id)