javascript - 在 Discord 上设置应用程序命令权限时出现 403 错误

Question

我的机器人遇到了 403 错误，尽管它以前从未发生过，而且代码根本没有改变。

throw new DiscordAPIError(data, res.status, request);
            ^
DiscordAPIError: Bots cannot use this endpoint
  ---
{
  method: 'put',
  path: '/applications/---/guilds/---/commands/---/permissions',
  code: 20001,
  httpStatus: 403,
  requestData: { json: { permissions: [Array] }, files: [] }
}

尝试设置 fullPermissions 却给我一个 405 错误

DiscordAPIError: 405: Method Not Allowed
  ---
{
  method: 'put',
  path: '/applications/---/guilds/---/commands/permissions',
  code: 0,
  httpStatus: 405,
  requestData: {
    json: [
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object], [Object], [Object],
      [Object]
    ],
    files: []
  }
}

路径 /applications/{applicationId}/guilds/{guildId}/commands/{commandId}/permissions 和 /applications/{applicationId}/guilds/{guildId}/commands/permissions 以前工作得很好，为什么现在不能工作？

Answer 1

Discord 已于昨天(2022 年 4 月 27 日)向所有公会发布了权限 V2。机器人不再能控制权限，只有服务器管理员可以。如果您想限制它，最好在代码中放置简单的权限/Angular 色/用户检查，并删除将设置命令权限的代码。

// only run for specific user
if (interaction.user.id !== "userId") return;
// only run for specific role
if (!interaction.member.roles.cache.has("roleId")) return;
// only run for specific permission
if (!interaction.member.permissions.has("BAN_MEMBERS")) return; // You can use any permission flag of course

管理员可以通过转到 Server Settings --> Integerations 来设置它，但您可以使用范围名为 applications.commands.permissions 的 Bearer Token 以编程方式编辑命令权限.update，你可以从这样的 URL 获取它

https://discord.com/api/oauth2/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=token&scope=applications.commands.permissions.update

您将被重定向到您设置的 redirect_uri 的内容，并带有 URL 参数。您可以复制 access_token 部分

PUT 命令权限

const applicationId = "APPLICATION_ID"
const guildId = "GUILD_ID"
const commandId = "COMMAND_ID" // Set this as your application ID to set default permissions
const url = `https://discord.com/api/v9/applications/${applicationId}/guilds/${guildId}/commands/${commandId}/permissions`
// requires the user that the bearer token belongs to have used applications.commands.permissions.update scope and have manage guild/roles permission
const token = "Bearer {token}" // replace {token} with what you copied from access_token
const payload = {
  permissions: [
    {
      id: "ID", // role/user/channel ID
      type: 1, // 1 for role, 2 for user, and 3 for channel
      permission: false // whether or not that role/user can use the command or you can use the command in the channel
    }
  ] 
}
await fetch(url, {
    method: "PUT",
    body: JSON.stringify(payload),
    headers: {
      Authorization: `${token}`,
      Accept: 'application/json',
     'Content-Type': 'application/json'
    },
  })

获取命令权限

const applicationId = "APPLICATION_ID"
const guildId = "GUILD_ID"
const commandId = "COMMAND_ID" // Set this as your application ID to get default permissions
const url = `https://discord.com/api/v9/applications/${applicationId}/guilds/${guildId}/commands/${commandId}/permissions`
const token = "Bearer {token}"
await fetch(url, {
    method: "GET",
    headers: {
      Authorization: `${token}`,
      Accept: 'application/json',
     'Content-Type': 'application/json'
    },
  })

获取所有命令权限

const applicationId = "APPLICATION_ID"
const guildId = "GUILD_ID"
const url = `https://discord.com/api/v9/applications/${applicationId}/guilds/${guildId}/commands/permissions`
const token = "Bearer {token}"
await fetch(url, {
    method: "GET",
    headers: {
      Authorization: `${token}`,
      Accept: 'application/json',
     'Content-Type': 'application/json'
    },
  })