Sudo suggestion

Comments

41 comments

  • Mr.Mask

    Lots of people do say they want it and others really dont

    I know why you people say its bad it is because abuse or it will end other relation ships and then like everyone having access or something but ill do a pros and cons

    Cons:
    Might end friendships
    ends clean records of rule breaking (what i mean is if someone has a cleanr ecord of no rules broken and its broken cuz sudo)

    Pros:
    Trolling
    YT CONTENT
    TTV CONTENT
    Other user reactions
    Other bots using this (As marketing maybe)

    IF ADDED:
    Cool down
    a sudoed badge
    User being sudoed gets a small notification

    1
  • MrCreepSheep

    To be honest, this could be abused for servers. But, ya gotta agree with me. Sudoing would be awesome. Also abusing wouldn't be hard to spot as a sudo badge could be there, but if not, their name color would be different. But you can toggle badges or color changes from sudoes in the server settings so trolling can still be hidden from others. Also certain roles can see the changes as well and a sudoed person get a DM when they are sudoed.

    0
  • Faces alt!

    This whould be fun but it is fair that only the owner has perms and the things with 2FA or something

    Sky_Dragonz said the rules and perms

    0
  • PiggyPlex

    You're all upvoting this because THEORETICALLY it sounds like a nice idea, and would add to trolling.

    Building off of Sky_Dragonsz's point, it would fundamentally be a good idea, if people were aware of it. This currently kind-of exists; you can use the Discord API to send a webhook with a person's username and avatar and send a message through it. It would look like the user except with a bot tag next to it.

    This could be used abusively, such as making members say things harmful or hurtful (i.e. to get them banned; can ruin friendships; distrusts the whole trust system).

    I also believe that some of you have not quite read what it says fully. It says that the endpoint should allow simulation of any action/endpoint on the Discord API. Like I said previously, this is exactly like send requests to the Discord API Endpoints using another person's token. It is effectively, for those knowing little about APIs, handing out your account blindly for anyone to do anything. The suggestion does not state that only server owners should be able to do it, nor that only in certain guilds or guilds with certain settings. It merely states that bots and users should have an endpoint to spoof any user's action through a new, specific endpoint.

    On a security perspective, this would break Discord. It would allow anyone to fake action(s) within a given server, or globally. This could allow for fake messages which would break the Discord ToS, and possibly get a person's account locked, or promote server-banned behaviour, getting a person banned. It could also allow illegal actions, which would be followed up - only for law-enforcement agencies and/or Discord to realise it was an abuse of a sudo endpoint. Whilst sounding like a good idea, I'm strongly against this idea. It's sound is a good idea, however the implementation is just like I said previously: giving your account away.

    Discord have been working on security itself for ages now, just for a sudo command to be implemented, breaking it? They've done fixes, such as hiding your token (or at least making it harder to find), not storing it in plaintext over your temporary/cache files, as well as many other small changes. That would be all for nothing if someone could physically use your account against your will or knowledge.

    Also, if it was an API Endpoint which you are suggesting, how would a user use it? Remember, it is prohibited for a user to make (automated) requests outside of the Discord client in an unauthentic way using a user token. You would be promoting a whole dialog to be added to the Discord client, just for sudo'ing.

    By a developer's perspective, both the idea and the suggested code is of a malformed syntax. The given code:

    msg.sudo('userid','action')

    alone makes no sense. For the demonstration, I'm going to assume that you mean that this would be the code which Discord.JS, a popular Node.js library would implement into their package as a wrapper to access the endpoint.

    Firstly, you should state which library that should be from. As you can see, I'm taking a wild guess. It could also be many other libraries, including Discord.PY (and its rewrite).

     You should also pay attention that msg most likely stands for the message which is given in the message client event (<Discord.Client>.on('message', (msg) => { ... });). I would personally bind this to either the <User>.sudo(<Guild>, message), where typeof message == 'string', or <GuildMember>.sudo(message). Even <Guild>.sudo(<UserResolvable>, message) would, in theory, work. The syntax would make much more sense.

    Lastly, please note that this is general suggestions or ideas to be added to the Discord API in general, as opposed to for one library. If you were to add code examples, please state for which library, or even suggest endpoint URLs directly - generic for any language.

    The only way I'd see this implemented if there were logs, and user agreement by the person's account who another person wishes to sudo. You would have to give specific access to that user within that guild, and actions would be limited to sending messages only. I'm surprised no-one came up with this idea yet, however it makes the most sense to me personally. Let me know what you think.

    TL;DR: Sudo is not a secure nor good idea, unless the user agrees by server and per user, along with sudo logs (and possibly alerts) so the user being sudo'd is aware. Having a special tag defeats the purpose of sudo (and technically exists by using Webhooks).

    3
  • Scottieboy1794

    For some reason people aren’t reading it’ll be best to have this for admins/owners only. It’s not like we are idiots to give this power to random people unless your an idiot who doesn’t set up their bots correctly or doesn’t even know how to make it where general public can’t just mess with bots at random. Sudo would do lovely for discord in the right hands if admins or owners are trolling people and the people don’t like it then leave the server not a hard concept.

    0
  • Mr.Mask

    noone cares. I made this like a year ago. Do u think I care?

    -1
  • thienbao860

    That's rude...

    1
  • yande the chickmin

    maybye /sudo [user] [command thingy] like minecraft sudo?

    and in role settings a mabye a switch that says "can use sudo"

    yes?

    2
  • aceisafk

    Stop downvoting, this could be used for actual emergencies
    like what if you get hacked and you sudo yourself on an alt to say im hacked

    1
  • BLOOD_MOON_1

    GREAT IDEA. IVE ALWAYS WANTEWD /SUDO

    0
  • Ashu Det

    Well, I for one like this suggestion, I believe it would need to be its own separate permission, but this seems like an amazing idea I've actually been looking for and need.

    0

Please sign in to leave a comment.