From 7b6550e665255978d43337738b8bd2513d1c0bdf Mon Sep 17 00:00:00 2001
From: jrmyr <jeremy.rm@icloud.com>
Date: Sun, 4 May 2025 18:41:46 +0000
Subject: [PATCH] TempVC permissions fixes.

---
 _opt/tempvc.js | 54 ++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 41 insertions(+), 13 deletions(-)

diff --git a/_opt/tempvc.js b/_opt/tempvc.js
index 5147212..4e0a584 100644
--- a/_opt/tempvc.js
+++ b/_opt/tempvc.js
@@ -224,7 +224,8 @@ export const commands = [
           await interaction.reply({ content: `Channel renamed to **${name}**.`, flags: MessageFlags.Ephemeral });
         } else if (sub === 'invite') {
           const u = interaction.options.getUser('user', true);
-          await voice.permissionOverwrites.edit(u.id, { Connect: true });
+          // grant view and connect
+          await voice.permissionOverwrites.edit(u.id, { ViewChannel: true, Connect: true });
           await interaction.reply({ content: `Invited <@${u.id}>.`, flags: MessageFlags.Ephemeral });
         } else if (sub === 'kick') {
           const u = interaction.options.getUser('user', true);
@@ -335,10 +336,19 @@ export const commands = [
           const defaultName = `TempVC: ${display}`;
           await voice.setName(defaultName);
           await voice.setUserLimit(0);
-          // clear all overwrites except owner, default allow @everyone
+          // clear all overwrites: allow everyone, owner elevated perms
           await voice.permissionOverwrites.set([
-            { id: guild.roles.everyone.id, allow: [PermissionFlagsBits.Connect] },
-            { id: sess.ownerId, allow: [PermissionFlagsBits.Connect, PermissionFlagsBits.MoveMembers, PermissionFlagsBits.ManageChannels] }
+            { id: guild.roles.everyone.id, allow: [PermissionFlagsBits.ViewChannel, PermissionFlagsBits.Connect] },
+            { id: sess.ownerId, allow: [
+                PermissionFlagsBits.ViewChannel,
+                PermissionFlagsBits.Connect,
+                PermissionFlagsBits.MoveMembers,
+                PermissionFlagsBits.ManageChannels,
+                PermissionFlagsBits.PrioritySpeaker,
+                PermissionFlagsBits.MuteMembers,
+                PermissionFlagsBits.DeafenMembers
+              ]
+            }
           ]);
           sess.roleId = guild.roles.everyone.id;
           await client.pb.updateOne('tempvc_sessions', sess.pbId, { roleId: guild.roles.everyone.id, invitedUserIds: [] });
@@ -348,13 +358,13 @@ export const commands = [
           sess.mode = mode;
           // apply mode overwrites
           if (mode === 'whitelist') {
-            // only allow whitelisted role + owner + invites
-            await voice.permissionOverwrites.edit(guild.roles.everyone.id, { Connect: false });
-            if (sess.roleId) await voice.permissionOverwrites.edit(sess.roleId, { Connect: true });
+            // only allow whitelisted role
+            await voice.permissionOverwrites.edit(guild.roles.everyone.id, { ViewChannel: false });
+            if (sess.roleId) await voice.permissionOverwrites.edit(sess.roleId, { ViewChannel: true });
           } else {
             // blacklist: allow everyone, then deny the specified role
-            await voice.permissionOverwrites.edit(guild.roles.everyone.id, { Connect: true });
-            if (sess.roleId) await voice.permissionOverwrites.edit(sess.roleId, { Connect: false });
+            await voice.permissionOverwrites.edit(guild.roles.everyone.id, { ViewChannel: true });
+            if (sess.roleId) await voice.permissionOverwrites.edit(sess.roleId, { ViewChannel: false });
           }
           // persist mode
           await client.pb.updateOne('tempvc_sessions', sess.pbId, { mode });
@@ -374,10 +384,17 @@ export const commands = [
           // apply mode-based permissions
           const mode = preset.mode || 'whitelist';
           sess.mode = mode;
-          // clear existing overwrites for everyone and role
-          await voice.permissionOverwrites.edit(guild.roles.everyone.id, { Connect: mode === 'blacklist' });
+          // adjust view/connect for @everyone
+          await voice.permissionOverwrites.edit(
+            guild.roles.everyone.id,
+            { ViewChannel: mode === 'blacklist', Connect: mode === 'blacklist' }
+          );
+          // adjust view/connect for role
           if (preset.roleId) {
-            await voice.permissionOverwrites.edit(preset.roleId, { Connect: mode === 'whitelist' ? true : false });
+            await voice.permissionOverwrites.edit(
+              preset.roleId,
+              { ViewChannel: mode === 'whitelist', Connect: mode === 'whitelist' }
+            );
           }
           // invite users explicitly
           for (const uid of preset.invitedUserIds || []) {
@@ -439,12 +456,23 @@ export async function init(client) {
         const name = `TempVC: ${displayName}`;
         // create channel
         // create voice channel, default permissions inherited from category (allow everyone)
+        // create voice channel; default allow everyone view/join, owner elevated perms
         const ch = await guild.channels.create({
           name,
           type: ChannelType.GuildVoice,
           parent: catId,
           permissionOverwrites: [
-            { id: owner.id, allow: [PermissionFlagsBits.Connect, PermissionFlagsBits.MoveMembers, PermissionFlagsBits.ManageChannels] }
+            { id: guild.roles.everyone.id, allow: [PermissionFlagsBits.ViewChannel, PermissionFlagsBits.Connect] },
+            { id: owner.id, allow: [
+                PermissionFlagsBits.ViewChannel,
+                PermissionFlagsBits.Connect,
+                PermissionFlagsBits.MoveMembers,
+                PermissionFlagsBits.ManageChannels,
+                PermissionFlagsBits.PrioritySpeaker,
+                PermissionFlagsBits.MuteMembers,
+                PermissionFlagsBits.DeafenMembers
+              ]
+            }
           ]
         });
         // move member