1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
use serde::{Deserialize, Serialize};
#[cfg(feature = "utoipa")]
use utoipa::ToSchema;
use uuid::Uuid;
use crate::v1::types::util::deserialize_sorted;
pub mod defaults;
/// a permission that lets a user do something
#[derive(
Debug,
Hash,
Clone,
Copy,
PartialEq,
Eq,
PartialOrd,
Ord,
Serialize,
Deserialize,
strum::EnumIter,
strum::EnumCount,
)]
#[cfg_attr(feature = "utoipa", derive(ToSchema))]
pub enum Permission {
/// Allows **everything**
/// probably a major footgun. i'd like to remove it, but theres legit purposes for it right now...
Admin,
/// can configure all bots and kick all bots
IntegrationsManage,
/// can add and remove emoji
EmojiManage,
/// can use custom emoji not added to this room
EmojiUseExternal,
/// create invites, view metadata for invites they created, and delete invites they created
InviteCreate,
/// view metadata for all invites and delete all invites
/// implies InviteCreate
InviteManage,
/// ban and unban members
MemberBan,
/// allow adding users with type Puppet and use timestamp massaging
/// intended for bridge bots
// TODO: rename to `Bridge`
MemberBridge,
/// kick members
MemberKick,
/// edit members' nicknames
MemberNicknameManage,
/// send attachments
/// requires MessageCreate
MessageAttachments,
/// send messages
MessageCreate,
/// delete other people's messages
MessageDelete,
/// remove and restore messages
MessageRemove,
/// send embeds (link previews)
/// requires MessageCreate
MessageEmbeds,
/// (unimplemented) mention @everyone, @here, and all roles
/// requires MessageCreate
MessageMassMention,
/// (unimplemented) move messages between channels
MessageMove,
/// pin and unpin messages
MessagePin,
/// use a custom nickname
MemberNickname,
/// timeout members
MemberTimeout,
/// add new reactions
// TODO: can still react with existing reactions
ReactionAdd,
/// remove all reactions
ReactionPurge,
/// add and remove roles from members
RoleApply,
/// create, edit, and delete roles. also managing permissions in general.
RoleManage,
/// edit name, description, really anything else
RoomManage,
/// (server, unimplemented) can access metrics (prometheus)
ServerMetrics,
/// (server) can view the server room and all members on the server
ServerOversee,
/// (server, unimplemented) access reports
ServerReports,
/// (unimplemented) apply tags to threads
/// applying tags to rooms would probably be a RoomEdit thing
// TODO: merge with ThreadEdit?
TagApply,
/// (unimplemented) create and delete tags
// TODO: merge with ChannelManage or ChannelEdit?
TagManage,
/// can change channel names and topics
ChannelEdit,
/// can create, remove, and archive channels. can also list all channels.
ChannelManage,
/// can create private threads
ThreadCreatePrivate,
/// can create public threads
ThreadCreatePublic,
/// remove and archive threads, and move threads between channels. can also view all threads.
ThreadManage,
/// change name and description of threads
ThreadEdit,
/// lock and unlock threads
// TODO: merge with ThreadManage?
ThreadLock,
/// Can view channels
ViewChannel,
/// view audit log
ViewAuditLog,
/// connect and listen to voice threads
VoiceConnect,
/// stop someone from listening
VoiceDeafen,
/// disconnect members from voice threads
VoiceDisconnect,
/// move members between voice threads
VoiceMove,
/// stop someone from talking
VoiceMute,
/// talk louder
/// requires VoiceSpeak
VoicePriority,
/// talk in voice threads
/// requires VoiceConnect
VoiceSpeak,
/// stream video and screenshare in voice threads
/// requires VoiceConnect
VoiceVideo,
/// can manage calendar events
CalendarEventManage,
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
#[cfg_attr(feature = "utoipa", derive(ToSchema))]
pub struct PermissionOverwrites {
#[serde(flatten)]
inner: Vec<PermissionOverwrite>,
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
#[cfg_attr(feature = "utoipa", derive(ToSchema))]
pub struct PermissionOverwrite {
/// id of role or user
pub id: Uuid,
/// whether this is for a user or role
#[serde(rename = "type")]
pub ty: PermissionOverwriteType,
/// extra permissions allowed here
#[serde(deserialize_with = "deserialize_sorted")]
pub allow: Vec<Permission>,
/// permissions denied here
#[serde(deserialize_with = "deserialize_sorted")]
pub deny: Vec<Permission>,
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
#[cfg_attr(feature = "utoipa", derive(ToSchema))]
pub struct PermissionOverwriteSet {
/// whether this is for a user or role
#[serde(rename = "type")]
pub ty: PermissionOverwriteType,
/// extra permissions allowed here
#[serde(deserialize_with = "deserialize_sorted")]
pub allow: Vec<Permission>,
/// permissions denied here
#[serde(deserialize_with = "deserialize_sorted")]
pub deny: Vec<Permission>,
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Hash)]
#[cfg_attr(feature = "utoipa", derive(ToSchema))]
pub enum PermissionOverwriteType {
/// permission overrides for a role
Role,
/// permission overrides for a user
User,
}