Permission System for Discord.py Bot
Question:
I am in the process of making a discord bot using discord.py and asyncio. The bot has commands like kick and ban which obviously should not be available to normal users.
I want to make a simple system which will detect what permissions the user’s role has using ctx.message.author to get the user who sent the command.
I do not want the bot to detect a specific role name as these vary across servers. I also prefer not to have multiple files for the bot to keep it simple.
I have seen the discord.py documentation and various other sources but none contain examples of how to implement the various methods they talk about.
As an example, here is a single command from my bot:
async def kick(ctx, userName: discord.User):
if True: #ctx.message.author.Permissions.administrator
await BSL.kick(userName)
else:
permission_error = str('Sorry ' + ctx.message.author + ' you do not have permissions to do that!')
await BSL.send_message(ctx.message.channel, permission_error)
Where the if else statement is my attempt of doing this on my own. The #ctx.message.author.Permissions.administrator is commented out as it does not work and replaced with True for testing purposes.
Thank you for any help and suggestions in advance.
Answers:
Permissions is the name of the class. To get the message authors permissions, you should access the guild_permissions property of the author.
if ctx.message.author.guild_permissions.administrator:
# you could also use guild_permissions.kick_members
Update:
A better way to validate the permissions of the person invoking the commands is by using the check feature of the commands extension, specifically the has_permissions check. For example, if you wanted to open your command only to people who had either the manage_roles permission or the ban_members permission, you could write your command like this:
from discord import Member
from discord.ext.commands import has_permissions, MissingPermissions
@bot.command(name="kick", pass_context=True)
@has_permissions(manage_roles=True, ban_members=True)
async def _kick(ctx, member: Member):
await bot.kick(member)
@_kick.error
async def kick_error(ctx, error):
if isinstance(error, MissingPermissions):
text = "Sorry {}, you do not have permissions to do that!".format(ctx.message.author)
await bot.send_message(ctx.message.channel, text)
The tips found the accepted answer may not work:
-
There may be compatibility issues with the rewrite version of the discord.py library and the pre-rewrite versions, which remain non-obsolete, non-deprecated, and still in use.
-
The bot should also check it’s own permissions, to rule out one reason for the error.
-
If there is an error, or permissions for the bot itself are invalid, the bot should say something, correct?
-
Something needs to be implemented to prevent the bot from attempting to work this command in a DM or group context. It will almost always error.
I propose the following solution for pre-rewrite (assuming you use the command extension):
import discord
from discord.ext import commands
import time
@bot.command(pass_context=True,description="Kicks the given member. Please ensure both the bot and the command invoker have the permission 'Kick Members' before running this command.")
async def kick(ctx, target:discord.Member):
"""(GUILD ONLY) Boot someone outta the server. See 's!kick' for more."""
if not str(ctx.message.channel).startswith("Direct Message with "):
msg=await bot.say("Checking perms...")
time.sleep(0.5)
if ctx.message.server.me.server_permissions.kick_members:
if ctx.message.author.server_permissions.kick_members:
await bot.edit_message(msg,new_content="All permissions valid, checking issues with target...")
time.sleep(0.5)
if target==ctx.message.server.owner:
await bot.edit_message(msg, new_content="All permissions are correct, but you're attempting to kick the server owner, whom you can't kick no matter how hard you try. Whoops!")
else:
if target==ctx.message.server.me:
await bot.edit_message(msg, new_content="Whoops! All permissions are corrent, but you just tried to make me kick myself, which is not possible. Perhaps you meant someone else, not poor me?")
else:
await bot.edit_message(msg, new_content="All permissions correct, and no issues with target being self or server owner, attempting to kick.")
time.sleep(2)
try:
await bot.kick(target)
await bot.edit_message(msg, ":boom: BAM! ***kicc'd***")
except Exception:
await bot.edit_message(msg, new_content="I was unable to kick the passed member. The member may have a higher role than me, I may have crashed into a rate-limit, or an unknown error may have occured. In that case, try again.")
else:
await bot.edit_message(msg, new_content="I've the correct permissions, {}, but you do not. Perhaps ask for them?").format(ctx.message.author.mention)
else:
await bot.edit_message(msg, new_content="I'm just a poor bot with no permissions. Could you kindly grant me the permission `Kick Members`? Thanks! :slight_smile:")
else:
await bot.say("'Tis a DM! This command is for servers only... try this again in a server maybe? :slight_smile:")
You could also use decorators.
@bot.command(name = "Kick")
@bot.has_permissions(kick_user = True)
@bot.bot_has_permissions(kick_user = True)
async def _kick(ctx, member: Member):
#Do stuff...
The advantage of checking user and bot permissions means it is easier to handle errors from either providing useful “Insufficient Permission” error messages.
Based on the current version of discord.py, using discord.ext.commands, you can do this:
Replace all <> with what it says.
import discord
from discord.ext import commands
bot = commands.Bot(command_prefix = "<this can be whatever you want>", intents = discord.intents.all())
#make sure to enable all intents in the discord dev portal. I use all intents to make things simple.
@bot.command()
@commands.has_permissions(<permission> = True)
async def ban():
#the ban commands go here
The permission has to be exactly like how it says in the api documentation here.
These permission ID’s are for discord, but they are the same for discord.ext.
The ID for banning is ban_members. In the decorator @commands.has_permissions, remember to NOT put the ID in quotes. Also remember to add = True to the end of the id.
I am in the process of making a discord bot using discord.py and asyncio. The bot has commands like kick and ban which obviously should not be available to normal users.
I want to make a simple system which will detect what permissions the user’s role has using ctx.message.author to get the user who sent the command.
I do not want the bot to detect a specific role name as these vary across servers. I also prefer not to have multiple files for the bot to keep it simple.
I have seen the discord.py documentation and various other sources but none contain examples of how to implement the various methods they talk about.
As an example, here is a single command from my bot:
async def kick(ctx, userName: discord.User):
if True: #ctx.message.author.Permissions.administrator
await BSL.kick(userName)
else:
permission_error = str('Sorry ' + ctx.message.author + ' you do not have permissions to do that!')
await BSL.send_message(ctx.message.channel, permission_error)
Where the if else statement is my attempt of doing this on my own. The #ctx.message.author.Permissions.administrator is commented out as it does not work and replaced with True for testing purposes.
Thank you for any help and suggestions in advance.
Permissions is the name of the class. To get the message authors permissions, you should access the guild_permissions property of the author.
if ctx.message.author.guild_permissions.administrator:
# you could also use guild_permissions.kick_members
Update:
A better way to validate the permissions of the person invoking the commands is by using the check feature of the commands extension, specifically the has_permissions check. For example, if you wanted to open your command only to people who had either the manage_roles permission or the ban_members permission, you could write your command like this:
from discord import Member
from discord.ext.commands import has_permissions, MissingPermissions
@bot.command(name="kick", pass_context=True)
@has_permissions(manage_roles=True, ban_members=True)
async def _kick(ctx, member: Member):
await bot.kick(member)
@_kick.error
async def kick_error(ctx, error):
if isinstance(error, MissingPermissions):
text = "Sorry {}, you do not have permissions to do that!".format(ctx.message.author)
await bot.send_message(ctx.message.channel, text)
The tips found the accepted answer may not work:
-
There may be compatibility issues with the rewrite version of the discord.py library and the pre-rewrite versions, which remain non-obsolete, non-deprecated, and still in use.
-
The bot should also check it’s own permissions, to rule out one reason for the error.
-
If there is an error, or permissions for the bot itself are invalid, the bot should say something, correct?
-
Something needs to be implemented to prevent the bot from attempting to work this command in a DM or group context. It will almost always error.
I propose the following solution for pre-rewrite (assuming you use the command extension):
import discord
from discord.ext import commands
import time
@bot.command(pass_context=True,description="Kicks the given member. Please ensure both the bot and the command invoker have the permission 'Kick Members' before running this command.")
async def kick(ctx, target:discord.Member):
"""(GUILD ONLY) Boot someone outta the server. See 's!kick' for more."""
if not str(ctx.message.channel).startswith("Direct Message with "):
msg=await bot.say("Checking perms...")
time.sleep(0.5)
if ctx.message.server.me.server_permissions.kick_members:
if ctx.message.author.server_permissions.kick_members:
await bot.edit_message(msg,new_content="All permissions valid, checking issues with target...")
time.sleep(0.5)
if target==ctx.message.server.owner:
await bot.edit_message(msg, new_content="All permissions are correct, but you're attempting to kick the server owner, whom you can't kick no matter how hard you try. Whoops!")
else:
if target==ctx.message.server.me:
await bot.edit_message(msg, new_content="Whoops! All permissions are corrent, but you just tried to make me kick myself, which is not possible. Perhaps you meant someone else, not poor me?")
else:
await bot.edit_message(msg, new_content="All permissions correct, and no issues with target being self or server owner, attempting to kick.")
time.sleep(2)
try:
await bot.kick(target)
await bot.edit_message(msg, ":boom: BAM! ***kicc'd***")
except Exception:
await bot.edit_message(msg, new_content="I was unable to kick the passed member. The member may have a higher role than me, I may have crashed into a rate-limit, or an unknown error may have occured. In that case, try again.")
else:
await bot.edit_message(msg, new_content="I've the correct permissions, {}, but you do not. Perhaps ask for them?").format(ctx.message.author.mention)
else:
await bot.edit_message(msg, new_content="I'm just a poor bot with no permissions. Could you kindly grant me the permission `Kick Members`? Thanks! :slight_smile:")
else:
await bot.say("'Tis a DM! This command is for servers only... try this again in a server maybe? :slight_smile:")
You could also use decorators.
@bot.command(name = "Kick")
@bot.has_permissions(kick_user = True)
@bot.bot_has_permissions(kick_user = True)
async def _kick(ctx, member: Member):
#Do stuff...
The advantage of checking user and bot permissions means it is easier to handle errors from either providing useful “Insufficient Permission” error messages.
Based on the current version of discord.py, using discord.ext.commands, you can do this:
Replace all <> with what it says.
import discord
from discord.ext import commands
bot = commands.Bot(command_prefix = "<this can be whatever you want>", intents = discord.intents.all())
#make sure to enable all intents in the discord dev portal. I use all intents to make things simple.
@bot.command()
@commands.has_permissions(<permission> = True)
async def ban():
#the ban commands go here
The permission has to be exactly like how it says in the api documentation here.
These permission ID’s are for discord, but they are the same for discord.ext.
The ID for banning is ban_members. In the decorator @commands.has_permissions, remember to NOT put the ID in quotes. Also remember to add = True to the end of the id.