fix: some access control issues

.github/PULL_REQUEST_TEMPLATE.md

@@ -15,3 +15,4 @@
 - [ ] New localizations have been added
 - [ ] Documentation on ``docs.suggestions.gg`` has been updated
 - [ ] Do these changes make sure not to expose anonymous suggestion authors?
+- [ ] Do these changes have the correct default discord permissions setup?

requirements.txt

@@ -1,12 +1,12 @@
 aiodns==3.0.0
-aiohttp==3.8.1
 aiosignal==1.2.0
 alaric==1.2.0
 anyio==4.2.0
 async-timeout==4.0.2
 attrs==21.4.0
 Bot-Base==1.7.1
 Brotli==1.0.9
+black==24.3.0
 causar==0.2.0
 cchardet==2.1.7
 certifi==2023.11.17

suggestions/abc/loadable.py

@@ -3,5 +3,4 @@
 
 @runtime_checkable
 class Loadable(Protocol):
-    async def load(self):
-        ...
+    async def load(self): ...

suggestions/cogs/blacklist_cog.py

@@ -20,13 +20,14 @@ def __init__(self, bot):
         self.bot: SuggestionsBot = bot
         self.state: State = self.bot.state
 
-    @commands.slash_command()
-    async def user(self, interaction: disnake.GuildCommandInteraction):
-        ...
+    @commands.slash_command(
+        dm_permission=False,
+        default_member_permissions=disnake.Permissions(manage_guild=True),
+    )
+    async def user(self, interaction: disnake.GuildCommandInteraction): ...
 
     @user.sub_command_group()
-    async def blocklist(self, interaction: disnake.GuildCommandInteraction):
-        ...
+    async def blocklist(self, interaction: disnake.GuildCommandInteraction): ...
 
     @blocklist.sub_command()
     async def add(

suggestions/cogs/help_guild_cog.py

@@ -79,15 +79,15 @@ async def instance_info(
         cluster_id = (
             1
             if shard_id < 10
-            else 2
-            if shard_id < 20
-            else 3
-            if shard_id < 30
-            else 4
-            if shard_id < 40
-            else 5
-            if shard_id < 50
-            else 6
+            else (
+                2
+                if shard_id < 20
+                else (
+                    3
+                    if shard_id < 30
+                    else 4 if shard_id < 40 else 5 if shard_id < 50 else 6
+                )
+            )
         )
 
         await interaction.send(

suggestions/cogs/suggestions_message_commands.py

@@ -27,7 +27,11 @@ def __init__(self, bot: SuggestionsBot):
         self.state: State = self.bot.state
         self.stats: Stats = self.bot.stats
 
-    @commands.message_command(name="Approve suggestion")
+    @commands.message_command(
+        name="Approve suggestion",
+        dm_permission=False,
+        default_member_permissions=disnake.Permissions(manage_guild=True),
+    )
     @cooldowns.cooldown(1, 3, bucket=InteractionBucket.author)
     @checks.ensure_guild_has_logs_channel_or_keep_logs()
     async def approve_suggestion(self, interaction: disnake.GuildCommandInteraction):
@@ -71,7 +75,11 @@ async def approve_suggestion(self, interaction: disnake.GuildCommandInteraction)
             self.stats.type.APPROVE_BY_MESSAGE_COMMAND,
         )
 
-    @commands.message_command(name="Reject suggestion")
+    @commands.message_command(
+        name="Reject suggestion",
+        dm_permission=False,
+        default_member_permissions=disnake.Permissions(manage_guild=True),
+    )
     @cooldowns.cooldown(1, 3, bucket=InteractionBucket.author)
     @checks.ensure_guild_has_logs_channel_or_keep_logs()
     async def reject_suggestion(self, interaction: disnake.GuildCommandInteraction):

suggestions/exceptions.py

@@ -62,11 +62,10 @@ class BlocklistedUser(CheckFailure):
 class PartialResponse(Exception):
     """A garven route returned a partial response when we require a full response"""
 
-    
+
 class ConflictingHandlerInformation(disnake.DiscordException):
     """Raised when an InteractionHandler class gets both content and a translation key"""
 
-    
+
 class InvalidFileType(disnake.DiscordException):
     """The file you attempted to upload is not allowed."""
-

suggestions/low_level/message_editing.py

@@ -38,8 +38,7 @@ async def edit(
         allowed_mentions: Optional[AllowedMentions] = ...,
         view: Optional[View] = ...,
         components: Optional[Components[MessageUIComponent]] = ...,
-    ) -> None:
-        ...
+    ) -> None: ...
 
     @overload
     async def edit(
@@ -54,8 +53,7 @@ async def edit(
         allowed_mentions: Optional[AllowedMentions] = ...,
         view: Optional[View] = ...,
         components: Optional[Components[MessageUIComponent]] = ...,
-    ) -> None:
-        ...
+    ) -> None: ...
 
     @overload
     async def edit(
@@ -70,8 +68,7 @@ async def edit(
         allowed_mentions: Optional[AllowedMentions] = ...,
         view: Optional[View] = ...,
         components: Optional[Components[MessageUIComponent]] = ...,
-    ) -> None:
-        ...
+    ) -> None: ...
 
     @overload
     async def edit(
@@ -86,8 +83,7 @@ async def edit(
         allowed_mentions: Optional[AllowedMentions] = ...,
         view: Optional[View] = ...,
         components: Optional[Components[MessageUIComponent]] = ...,
-    ) -> None:
-        ...
+    ) -> None: ...
 
     async def edit(self, content: Optional[str] = MISSING, **fields: Any) -> None:
         if self._state.allowed_mentions is not None:

suggestions/telemetry/main.py

@@ -2,6 +2,7 @@
 This module is standalone for the bot but provides
 useful insights and telemetry to repeated information.
 """
+
 import asyncio
 import shutil
 from pathlib import Path

tests/helpers.py

@@ -13,8 +13,7 @@ async def assert_stats_count(
     member_id: int,
     guild_id: int,
     should_be_none: bool,
-):
-    ...
+): ...
 
 
 @overload
@@ -26,8 +25,7 @@ async def assert_stats_count(
     field: str,
     success_count: int = 0,
     failure_count: int = 0,
-):
-    ...
+): ...
 
 
 async def assert_stats_count(

tests/test_disnake.py

@@ -1,4 +1,5 @@
 """Tests library modifications to ensure changes work"""
+
 from unittest.mock import Mock
 
 import disnake