Fix bug when permission overwrites could be applied out of order.

The bug was due to the fact that the way overwrites work is by doing
a loop of all the values and then applying deny first and then allow.
That way the overwrite is defined if role A and role B deny a
permission but role C allows it (and said member has A, B, C roles)
then the resolution should allow it rather than deny it regardless of
the order of the data it is received in.

1 files changed, 7 insertions, 1 deletions

diff --git a/discord/channel.py b/discord/channel.py
index b6f491ce..54d90d44 100644
--- a/discord/channel.py
+++ b/discord/channel.py
@@ -245,16 +245,22 @@ class Channel(Hashable):
             return Permissions.all()
 
         member_role_ids = set(map(lambda r: r.id, member.roles))
+        denies = 0
+        allows = 0
 
         # Apply channel specific role permission overwrites
         for overwrite in self._permission_overwrites:
             if overwrite.type == 'role' and overwrite.id in member_role_ids:
-                base.handle_overwrite(allow=overwrite.allow, deny=overwrite.deny)
+                denies |= overwrite.deny
+                allows |= overwrite.allow
+
+        base.handle_overwrite(allow=allows, deny=denies)
 
         # Apply member specific permission overwrites
         for overwrite in self._permission_overwrites:
             if overwrite.type == 'member' and overwrite.id == member.id:
                 base.handle_overwrite(allow=overwrite.allow, deny=overwrite.deny)
+                break
 
         # default channels can always be read
         if self.is_default: