[Bug] Cannot perform action due to a lack of Permission. Missing permission: MANAGE_WEBHOOKS
Closed this issue · 4 comments
Checks
- I confirm that I have searched for existing issues / pull requests before reporting to avoid duplicate reporting.
- I confirm that I followed the DMCC Docs and read the Changelog, but this problem still exists.
- I confirm that I noted that if I don't follow the instructions, the issue may be closed directly.
Minecraft Version
1.20.4
Discord-MC-Chat Version
Latest Build (GitHub Actions)
Description
A bot which has permission to create webhooks in the log channel, but not in the guild crashes the server, when everything should work.
This is due to :
Checking unconditionally. Additionally, this check also happens and crashes the server when
use_webhook
config is off (!!!!!)
To Reproduce
- Add bot to server
- Make sure bot doesn't have global manage webhooks permission
- Make sure bot does have manage webhooks permission in the log channel
- Start the server
Log
0|start | [19:31:35] [main/INFO]: -----------------------------------------
0|start | [19:31:35] [main/INFO]: Discord-MC-Chat (DMCC) 2.3.2
0|start | [19:31:35] [main/INFO]: By Xujiayao
0|start | [19:31:35] [main/INFO]:
0|start | [19:31:35] [main/INFO]: More information + Docs:
0|start | [19:31:35] [main/INFO]: https://blog.xujiayao.com/posts/4ba0a17a/
0|start | [19:31:35] [main/INFO]: -----------------------------------------
0|start | [19:31:35] [main/INFO]: Login Successful!
0|start | [19:31:35] [JDA MainWS-WriteThread/INFO]: Connected to WebSocket
0|start | [19:31:39] [JDA MainWS-ReadThread/INFO]: Finished Loading!
0|start | [19:31:39] [main/ERROR]: net.dv8tion.jda.api.exceptions.InsufficientPermissionException: Cannot perform action due to a lack of Permission. Missing permission: MANAGE_WEBHOOKS
0|start | at net.dv8tion.jda.internal.entities.GuildImpl.retrieveWebhooks(GuildImpl.java:736)
0|start | at com.xujiayao.discord_mc_chat.Main.onInitializeServer(Main.java:119)
0|start | at net.fabricmc.loader.impl.FabricLoaderImpl.invokeEntrypoints(FabricLoaderImpl.java:384)
0|start | at net.fabricmc.loader.impl.game.minecraft.Hooks.startServer(Hooks.java:64)
0|start | at net.minecraft.server.Main.main(Main.java:109)
0|start | at net.fabricmc.loader.impl.game.minecraft.MinecraftGameProvider.launch(MinecraftGameProvider.java:470)
0|start | at net.fabricmc.loader.impl.launch.knot.Knot.launch(Knot.java:74)
0|start | at net.fabricmc.loader.impl.launch.knot.KnotServer.main(KnotServer.java:23)
0|start | at net.fabricmc.loader.impl.launch.server.FabricServerLauncher.main(FabricServerLauncher.java:69)
0|start | at net.fabricmc.installer.ServerLauncher.main(ServerLauncher.java:69)
Config
{
"generic": {
"language": "en_us",
"botToken": "TOKEN",
"botPlayingStatus": "(%onlinePlayerCount%/%maxPlayerCount%)",
"botListeningStatus": "",
"useWebhook": true,
"channelId": "THE ID OF THE CHANNEL",
"consoleLogChannelId": "",
"updateNotificationChannelId": "",
"useUuidInsteadOfName": true,
"avatarApi": "https://mc-heads.net/avatar/%player%.png",
"broadcastPlayerCommandExecution": false,
"broadcastSlashCommandExecution": false,
"announceServerStartStop": true,
"announcePlayerJoinLeave": true,
"announceDeathMessages": true,
"announceAdvancements": true,
"broadcastChatMessages": true,
"formatChatMessages": true,
"allowedMentions": [],
"useServerNickname": true,
"discordNewlineLimit": 3,
"announceHighMspt": true,
"msptCheckInterval": 5000,
"msptLimit": 50,
"whitelistRequiresAdmin": true,
"notifyUpdates": false,
"mentionAdminsForUpdates": false,
"updateChannelTopic": false,
"channelTopicUpdateInterval": 600000,
"shutdownImmediately": false,
"excludedCommands": [
"/msg",
"/tell",
"/tellraw",
"/w"
],
"adminsIds": [
"332894758076678144"
]
},
"multiServer": {
"enable": false,
"host": "127.0.0.1",
"port": 5000,
"name": "SMP",
"botIds": []
},
"customMessage": {
"unformattedResponseMessage": "",
"unformattedChatMessage": "",
"unformattedOtherMessage": "",
"unformattedCommandNotice": "",
"formattedResponseMessage": "",
"formattedChatMessage": "",
"formattedOtherMessage": "",
"formattedCommandNotice": "",
"messageWithoutWebhook": "",
"messageWithoutWebhookForMultiServer": "",
"serverStarted": "",
"serverStopped": "",
"joinServer": "",
"leftServer": "",
"deathMessage": "",
"advancementTask": "",
"advancementGoal": "",
"advancementChallenge": "",
"highMspt": "",
"offlineChannelTopic": "",
"onlineChannelTopic": "",
"onlineChannelTopicForMultiServer": ""
},
"latestVersion": "2.3.2",
"latestCheckTime": 1717059760765
}
The docs states which permissions are required for auth, and this happens only when people try not to follow the docs. So this doesn't seem to be a big deal?
Every permission isn't always available, like in my case. If the disparity between server and channel webhook is not very important, crashing when not using webhook can get really annoying.
I will take a look at the purpose of the code you quoted and decide whether it should be removed.
Sorry for late response.
The MANAGE_WEBHOOKS
permission for both channel and guild webhook requests is needed for the purpose of that code, and I decided to keep it. That code is to remove abandoned webhooks in the entire guild (including the guild's webhooks and the channel's webhooks), as older versions of DMCC used guild webhooks instead of channel webhooks. Note that webhooks created by an application cannot be used by any others (it will return an invalid link).
Releasing the permission to the entire guild for an open-source project should not make much security difference to the vast majority of people. What actually is your concern on that?