From aa43f05173205fb600e8a44e325f76b5c2ca8bfe Mon Sep 17 00:00:00 2001
From: Dragory <2606411+Dragory@users.noreply.github.com>
Date: Wed, 28 Apr 2021 21:47:45 +0300
Subject: [PATCH] Check !bansearch permissions before running search

---
 backend/src/plugins/Utility/search.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/backend/src/plugins/Utility/search.ts b/backend/src/plugins/Utility/search.ts
index 682765ee..ec7a6604 100644
--- a/backend/src/plugins/Utility/search.ts
+++ b/backend/src/plugins/Utility/search.ts
@@ -1,4 +1,4 @@
-import { Member, Message, User } from "eris";
+import { Constants, Member, Message, User } from "eris";
 import moment from "moment-timezone";
 import escapeStringRegexp from "escape-string-regexp";
 import { isFullMessage, MINUTES, multiSorter, noop, sorter, trimLines } from "../../utils";
@@ -14,6 +14,7 @@ import { allowTimeout, RegExpRunner } from "../../RegExpRunner";
 import { inputPatternToRegExp, InvalidRegexError } from "../../validatorUtils";
 import { asyncFilter } from "../../utils/async";
 import Timeout = NodeJS.Timeout;
+import { hasDiscordPermissions } from "../../utils/hasDiscordPermissions";
 
 const SEARCH_RESULTS_PER_PAGE = 15;
 const SEARCH_ID_RESULTS_PER_PAGE = 50;
@@ -395,6 +396,11 @@ async function performBanSearch(
   page = 1,
   perPage = SEARCH_RESULTS_PER_PAGE,
 ): Promise<{ results: User[]; totalResults: number; page: number; lastPage: number; from: number; to: number }> {
+  const member = pluginData.guild.members.get(pluginData.client.user.id);
+  if (member && !hasDiscordPermissions(member.permissions, Constants.Permissions.banMembers)) {
+    throw new SearchError(`Unable to search bans: missing "Ban Members" permission`);
+  }
+
   let matchingBans = (await pluginData.guild.getBans()).map(x => x.user);
 
   if (args.query) {