Merge remote-tracking branch 'origin/main'

patrickklaeren · patrickklaeren · commit 642c844ae0e6 · 2025-08-30T20:39:01.000+01:00
diff --git a/src/Modix.Bot/Modules/TagModule.cs b/src/Modix.Bot/Modules/TagModule.cs
@@ -61,6 +61,8 @@ public async Task ModifyTagAsync(
         {
             name = name.Trim().ToLower();
 
+            await _tagService.EnsureUserCanMaintainTagAsync(Context.Guild.Id, name, Context.User.Id);
+
             var currentTagData = await _tagService.GetTagAsync(Context.Guild.Id, name);
 
             if (currentTagData is null)
diff --git a/src/Modix.Services/Moderation/AttachmentBlacklistBehavior.cs b/src/Modix.Services/Moderation/AttachmentBlacklistBehavior.cs
@@ -1,6 +1,8 @@
 ﻿#nullable enable
 
 using System.Collections.Generic;
+using System.Collections.Immutable;
+using System.IO;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
@@ -21,78 +23,85 @@ namespace Modix.Services.Moderation
     public class AttachmentBlacklistBehavior
         : INotificationHandler<MessageReceivedNotification>
     {
-        public static readonly IReadOnlyCollection<string> BlacklistedExtensions = new[]
-        {
-                ".exe",
-                ".dll",
-                ".application",
-                ".msc",
-                ".bat",
-                ".pdb",
-                ".sh",
-                ".com",
-                ".scr",
-                ".msi",
-                ".cmd",
-                ".vbs",
-                ".js",
-                ".reg",
-                ".pif",
-                ".msp",
-                ".hta",
-                ".cpl",
-                ".jar",
-                ".vbe",
-                ".ws",
-                ".wsf",
-                ".wsc",
-                ".wsh",
-                ".ps1",
-                ".ps1xml",
-                ".ps2",
-                ".ps2xml",
-                ".psc1",
-                ".pasc2",
-                ".msh",
-                ".msh1",
-                ".msh2",
-                ".mshxml",
-                ".msh1xml",
-                ".msh2xml",
-                ".scf",
-                ".lnk",
-                ".inf",
-                ".doc",
-                ".xls",
-                ".ppt",
-                ".docm",
-                ".dotm",
-                ".xlsm",
-                ".xltm",
-                ".xlam",
-                ".pptm",
-                ".potm",
-                ".ppam",
-                ".ppsm",
-                ".sldn",
-                ".sb",
-                ".bin",
-                ".com",
-                ".gadget",
-                ".inf1",
-                ".ins",
-                ".inx",
-                ".isu",
-                ".job",
-                ".jse",
-                ".paf",
-                ".rgs",
-                ".sct",
-                ".shb",
-                ".shs",
-                ".u3p",
-                ".vbscript"
-        };
+        /// <summary>
+        /// Gets the set of blacklisted extensions.
+        /// </summary>
+        /// <remarks>
+        /// When adding new extensions, maintain the alphabetical order to improve readability.
+        /// </remarks>
+        public static readonly ImmutableHashSet<string> BlacklistedExtensions =
+        [
+               ".application",
+               ".bat",
+               ".bin",
+               ".cmd",
+               ".com",
+               ".cpl",
+               ".dll",
+               ".doc",
+               ".docm",
+               ".dotm",
+               ".exe",
+               ".gadget",
+               ".hta",
+               ".inf",
+               ".inf1",
+               ".ins",
+               ".inx",
+               ".isu",
+               ".jar",
+               ".job",
+               ".js",
+               ".jse",
+               ".lnk",
+               ".msc",
+               ".msh",
+               ".msh1",
+               ".msh1xml",
+               ".msh2",
+               ".msh2xml",
+               ".mshxml",
+               ".msi",
+               ".msp",
+               ".paf",
+               ".pasc2",
+               ".pdb",
+               ".pdf",
+               ".pif",
+               ".potm",
+               ".ppam",
+               ".ppsm",
+               ".ppt",
+               ".pptm",
+               ".ps1",
+               ".ps1xml",
+               ".ps2",
+               ".ps2xml",
+               ".psc1",
+               ".reg",
+               ".rgs",
+               ".sb",
+               ".scf",
+               ".scr",
+               ".sct",
+               ".sh",
+               ".shb",
+               ".shs",
+               ".sldn",
+               ".u3p",
+               ".vbe",
+               ".vbs",
+               ".vbscript",
+               ".ws",
+               ".wsc",
+               ".wsf",
+               ".wsh",
+               ".xlam",
+               ".xls",
+               ".xlsm",
+               ".xltm",
+               ".zip",
+        ];
 
         public AttachmentBlacklistBehavior(
             DesignatedChannelService designatedChannelService,
@@ -151,8 +160,7 @@ public async Task HandleNotificationAsync(
             AttachmentBlacklistLogMessages.SuspiciousAttachmentsSearching(_logger);
             var blacklistedFilenames = message.Attachments
                 .Select(attachment => attachment.Filename.ToLower())
-                .Where(filename => BlacklistedExtensions
-                    .Any(extension => filename.EndsWith(extension)))
+                .Where(filename => BlacklistedExtensions.Contains(Path.GetExtension(filename)))
                 .ToArray();
 
             if(!blacklistedFilenames.Any())
diff --git a/src/Modix.Services/Tags/TagService.cs b/src/Modix.Services/Tags/TagService.cs
@@ -42,6 +42,8 @@ public interface ITagService
         Task<bool> TagExistsAsync(ulong guildId, string name);
 
         Task RefreshCache(ulong guildId);
+
+        Task EnsureUserCanMaintainTagAsync(ulong guildId, string name, ulong currentUserId);
     }
 
     internal class TagService : ITagService
@@ -340,6 +342,20 @@ public async Task RefreshCache(ulong guildId)
             _tagCache.Set(guildId, tags);
         }
 
+        public async Task EnsureUserCanMaintainTagAsync(ulong guildId, string name, ulong currentUserId)
+        {
+            var tag = await _modixContext
+                .Set<TagEntity>()
+                .Include(x => x.OwnerRole)
+                .Include(x => x.OwnerUser)
+                .Where(x => x.GuildId == guildId)
+                .Where(x => x.DeleteActionId == null)
+                .Where(x => x.Name == name)
+                .SingleOrDefaultAsync();
+
+            await EnsureUserCanMaintainTagAsync(tag, currentUserId);
+        }
+
         private async Task EnsureUserCanMaintainTagAsync(TagEntity tag, ulong currentUserId)
         {
             var currentUser = await _userService.GetGuildUserAsync(tag.GuildId, currentUserId);

Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,8 @@ public async Task ModifyTagAsync(`
`61`	`61`	`{`
`62`	`62`	`name = name.Trim().ToLower();`
`63`	`63`
	`64`	`+ await _tagService.EnsureUserCanMaintainTagAsync(Context.Guild.Id, name, Context.User.Id);`
	`65`	`+`
`64`	`66`	`var currentTagData = await _tagService.GetTagAsync(Context.Guild.Id, name);`
`65`	`67`
`66`	`68`	`if (currentTagData is null)`