From 0498b22c8cf9102b006998cace6b421fd0b7e7be Mon Sep 17 00:00:00 2001
From: jackb-p <jackbondpreston@outlook.com>
Date: Fri, 19 Aug 2016 17:29:56 +0100
Subject: [PATCH] Apply same permissions from ~createjs to ~js

---
 TriviaBot/bot/BotConfig.cpp      |  4 ++--
 TriviaBot/bot/BotConfig.hpp      |  2 +-
 TriviaBot/bot/GatewayHandler.cpp | 10 ++++++++++
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/TriviaBot/bot/BotConfig.cpp b/TriviaBot/bot/BotConfig.cpp
index ed55ad5..da44707 100644
--- a/TriviaBot/bot/BotConfig.cpp
+++ b/TriviaBot/bot/BotConfig.cpp
@@ -34,7 +34,7 @@ void BotConfig::load_from_json(std::string data) {
 	owner_id = parsed.value("owner_id", "");
 	cert_location = parsed.value("api_cert_file", "bot/http/DiscordCA.crt");
 
-	createjs_roles = parsed["v8"].value("createjs_allowed_roles", std::unordered_set<std::string> { "Admin", "Coder" });
+	js_allowed_roles = parsed["v8"].value("js_allowed_roles", std::unordered_set<std::string> { "Admin", "Coder" });
 
 	Logger::write("config.json file loaded", Logger::LogLevel::Info);
 }
@@ -45,7 +45,7 @@ void BotConfig::create_new_file() {
 		{ "owner_id", "" },
 		{ "api_cert_file", "bot/http/DiscordCA.crt" },
 		{ "v8", {
-			{ "createjs_allowed_roles", {
+			{ "js_allowed_roles", {
 				"Admin", "Coder", "Bot Commander"
 			} }
 		} }
diff --git a/TriviaBot/bot/BotConfig.hpp b/TriviaBot/bot/BotConfig.hpp
index 23dc842..d1a68dc 100644
--- a/TriviaBot/bot/BotConfig.hpp
+++ b/TriviaBot/bot/BotConfig.hpp
@@ -13,7 +13,7 @@ public:
 	std::string token;
 	std::string owner_id;
 	std::string cert_location;
-	std::unordered_set<std::string> createjs_roles;
+	std::unordered_set<std::string> js_allowed_roles;
 
 private:
 	void load_from_json(std::string data);
diff --git a/TriviaBot/bot/GatewayHandler.cpp b/TriviaBot/bot/GatewayHandler.cpp
index 9a1d0e4..c5cab3f 100644
--- a/TriviaBot/bot/GatewayHandler.cpp
+++ b/TriviaBot/bot/GatewayHandler.cpp
@@ -517,6 +517,16 @@ void GatewayHandler::on_event_message_create(json data, client &c, websocketpp::
 		DiscordObjects::GuildMember *member = *std::find_if(guild.members.begin(), guild.members.end(), [sender](DiscordObjects::GuildMember *m) {
 			return sender.id == m->user->id;
 		});
+		BotConfig &conf = config;
+		bool disallowed = std::find_if(member->roles.begin(), member->roles.end(), [conf](DiscordObjects::Role *r) -> bool {
+			return conf.createjs_roles.count(r->name);
+		}) == member->roles.end(); // checks if the user has the required roles
+
+		if (disallowed) {
+			DiscordAPI::send_message(channel.id, ":warning: You do not have permission to use this command.", config.token, config.cert_location);
+			return;
+		}
+
 		std::string js = message.substr(4);
 		auto it = v8_instances.find(channel.guild_id);
 		if (it != v8_instances.end() && js.length() > 0) {