Skip to main content
Fluxer uses a bitwise permission system where permissions are represented as 64-bit flags. Each permission is a unique bit in a 64-bit integer, allowing efficient storage and calculation of multiple permissions.

Permission Flags

All available permissions in Fluxer: 
export const Permissions = {
  CREATE_INSTANT_INVITE: 1n << 0n,   // 0x1
  KICK_MEMBERS: 1n << 1n,            // 0x2
  BAN_MEMBERS: 1n << 2n,             // 0x4
  ADMINISTRATOR: 1n << 3n,           // 0x8
  MANAGE_CHANNELS: 1n << 4n,         // 0x10
  MANAGE_GUILD: 1n << 5n,            // 0x20
  ADD_REACTIONS: 1n << 6n,           // 0x40
  VIEW_AUDIT_LOG: 1n << 7n,          // 0x80
  PRIORITY_SPEAKER: 1n << 8n,        // 0x100
  STREAM: 1n << 9n,                  // 0x200
  VIEW_CHANNEL: 1n << 10n,           // 0x400
  SEND_MESSAGES: 1n << 11n,          // 0x800
  SEND_TTS_MESSAGES: 1n << 12n,      // 0x1000
  MANAGE_MESSAGES: 1n << 13n,        // 0x2000
  EMBED_LINKS: 1n << 14n,            // 0x4000
  ATTACH_FILES: 1n << 15n,           // 0x8000
  READ_MESSAGE_HISTORY: 1n << 16n,   // 0x10000
  MENTION_EVERYONE: 1n << 17n,       // 0x20000
  USE_EXTERNAL_EMOJIS: 1n << 18n,    // 0x40000
  CONNECT: 1n << 20n,                // 0x100000
  SPEAK: 1n << 21n,                  // 0x200000
  MUTE_MEMBERS: 1n << 22n,           // 0x400000
  DEAFEN_MEMBERS: 1n << 23n,         // 0x800000
  MOVE_MEMBERS: 1n << 24n,           // 0x1000000
  USE_VAD: 1n << 25n,                // 0x2000000
  CHANGE_NICKNAME: 1n << 26n,        // 0x4000000
  MANAGE_NICKNAMES: 1n << 27n,       // 0x8000000
  MANAGE_ROLES: 1n << 28n,           // 0x10000000
  MANAGE_WEBHOOKS: 1n << 29n,        // 0x20000000
  MANAGE_EXPRESSIONS: 1n << 30n,     // 0x40000000
  USE_EXTERNAL_STICKERS: 1n << 37n,  // 0x2000000000
  MODERATE_MEMBERS: 1n << 40n,       // 0x10000000000
  CREATE_EXPRESSIONS: 1n << 43n,     // 0x80000000000
  PIN_MESSAGES: 1n << 51n,           // 0x8000000000000
  BYPASS_SLOWMODE: 1n << 52n,        // 0x10000000000000
  UPDATE_RTC_REGION: 1n << 53n       // 0x20000000000000
} as const;

Permission Descriptions

General Permissions

PermissionDescription
CREATE_INSTANT_INVITEAllows creation of instant invites
ADMINISTRATORGrants all permissions and bypasses channel permission overwrites
MANAGE_GUILDAllows management and editing of the guild
VIEW_AUDIT_LOGAllows viewing of the audit log

Membership Permissions

PermissionDescription
KICK_MEMBERSAllows kicking members from the guild
BAN_MEMBERSAllows banning members from the guild
MANAGE_NICKNAMESAllows changing other members’ nicknames
CHANGE_NICKNAMEAllows changing own nickname
MODERATE_MEMBERSAllows timing out users

Channel Permissions

PermissionDescription
MANAGE_CHANNELSAllows management and editing of channels
VIEW_CHANNELAllows viewing a channel
MANAGE_ROLESAllows management and editing of roles
MANAGE_WEBHOOKSAllows management and editing of webhooks

Text Channel Permissions

PermissionDescription
SEND_MESSAGESAllows sending messages in a channel
SEND_TTS_MESSAGESAllows sending text-to-speech messages
MANAGE_MESSAGESAllows for deleting and pinning messages
EMBED_LINKSLinks sent will have an embed automatically
ATTACH_FILESAllows uploading files
READ_MESSAGE_HISTORYAllows reading message history
MENTION_EVERYONEAllows using @everyone and @here mentions
ADD_REACTIONSAllows adding reactions to messages
PIN_MESSAGESAllows pinning messages
BYPASS_SLOWMODEAllows bypassing slowmode

Voice Channel Permissions

PermissionDescription
CONNECTAllows connecting to a voice channel
SPEAKAllows speaking in a voice channel
STREAMAllows the user to go live
USE_VADAllows using voice activity detection
PRIORITY_SPEAKERAllows using priority speaker in a voice channel
MUTE_MEMBERSAllows muting members in voice channels
DEAFEN_MEMBERSAllows deafening members in voice channels
MOVE_MEMBERSAllows moving members between voice channels
UPDATE_RTC_REGIONAllows updating the voice region

Expression Permissions

PermissionDescription
USE_EXTERNAL_EMOJISAllows using emojis from other guilds
USE_EXTERNAL_STICKERSAllows using stickers from other guilds
MANAGE_EXPRESSIONSAllows management of guild expressions
CREATE_EXPRESSIONSAllows creating guild expressions

Bitwise Operations

Combining Permissions

import { Permissions } from '@fluxer/constants';

// Combine multiple permissions with bitwise OR
const basicPermissions = 
  Permissions.VIEW_CHANNEL | 
  Permissions.SEND_MESSAGES | 
  Permissions.READ_MESSAGE_HISTORY;

console.log(basicPermissions); // 67584n

Checking Permissions

// Check if permissions include a specific permission
function hasPermission(permissions: bigint, permission: bigint): boolean {
  return (permissions & permission) === permission;
}

const userPerms = Permissions.SEND_MESSAGES | Permissions.VIEW_CHANNEL;

console.log(hasPermission(userPerms, Permissions.SEND_MESSAGES)); // true
console.log(hasPermission(userPerms, Permissions.ADMINISTRATOR));  // false

Adding Permissions

// Add a permission
let permissions = Permissions.VIEW_CHANNEL;
permissions |= Permissions.SEND_MESSAGES;

console.log(hasPermission(permissions, Permissions.SEND_MESSAGES)); // true

Removing Permissions

// Remove a permission
let permissions = Permissions.VIEW_CHANNEL | Permissions.SEND_MESSAGES;
permissions &= ~Permissions.SEND_MESSAGES;

console.log(hasPermission(permissions, Permissions.SEND_MESSAGES)); // false

Default Permissions

Fluxer defines default permissions for new members: 
export const DEFAULT_PERMISSIONS =
  Permissions.CREATE_INSTANT_INVITE |
  Permissions.ADD_REACTIONS |
  Permissions.STREAM |
  Permissions.VIEW_CHANNEL |
  Permissions.SEND_MESSAGES |
  Permissions.EMBED_LINKS |
  Permissions.ATTACH_FILES |
  Permissions.READ_MESSAGE_HISTORY |
  Permissions.USE_EXTERNAL_EMOJIS |
  Permissions.CONNECT |
  Permissions.SPEAK |
  Permissions.USE_VAD |
  Permissions.CHANGE_NICKNAME |
  Permissions.USE_EXTERNAL_STICKERS |
  Permissions.CREATE_EXPRESSIONS;

Elevated Permissions

Permissions that grant significant control and should be granted carefully: 
export const ElevatedPermissions =
  Permissions.KICK_MEMBERS |
  Permissions.BAN_MEMBERS |
  Permissions.ADMINISTRATOR |
  Permissions.MANAGE_CHANNELS |
  Permissions.MANAGE_GUILD |
  Permissions.MANAGE_ROLES |
  Permissions.MANAGE_MESSAGES |
  Permissions.MANAGE_WEBHOOKS |
  Permissions.MANAGE_EXPRESSIONS |
  Permissions.MODERATE_MEMBERS;

Permission Checking

Server-Side Validation

import { requirePermission, hasPermission } from '@fluxer/api';
import { Permissions } from '@fluxer/constants';

// Require permission (throws error if missing)
await requirePermission(gatewayService, {
  guildId,
  userId,
  permission: Permissions.MANAGE_MESSAGES,
  channelId // optional - for channel-specific permissions
});

// Check permission (returns boolean)
const canManage = await hasPermission(gatewayService, {
  guildId,
  userId,
  permission: Permissions.MANAGE_CHANNELS
});

Computing Permission Changes

import { computePermissionsDiff } from '@fluxer/api';

const oldPerms = Permissions.VIEW_CHANNEL | Permissions.SEND_MESSAGES;
const newPerms = Permissions.VIEW_CHANNEL | Permissions.MANAGE_MESSAGES;

const diff = computePermissionsDiff(oldPerms, newPerms);
console.log(diff);
// {
//   added: ['MANAGE_MESSAGES'],
//   removed: ['SEND_MESSAGES']
// }

Channel Permission Overwrites

Channels can override guild-level permissions for specific roles or members:

Overwrite Types

export const ChannelOverwriteTypes = {
  ROLE: 0,    // Overwrite applies to a role
  MEMBER: 1   // Overwrite applies to a member
} as const;

Permission Calculation

Permissions are calculated in this order:
  1. Base permissions - Guild-wide role permissions
  2. Channel overwrites - Channel-specific role overwrites
  3. Member overwrites - Channel-specific member overwrites
  4. Administrator - ADMINISTRATOR permission bypasses all overwrites

Best Practices

Use Administrator Sparingly

The ADMINISTRATOR permission bypasses all permission checks. Only grant it to fully trusted users.

Principle of Least Privilege

Grant only the minimum permissions necessary for users to perform their roles.

Use BigInt

Always use BigInt for permission values to prevent precision loss with 64-bit integers.

Check Permissions Server-Side

Always validate permissions on the server. Never trust client-side permission checks alone.

Error Handling

When a permission check fails: 
import { MissingPermissionsError } from '@fluxer/errors';

try {
  await requirePermission(gatewayService, {
    guildId,
    userId,
    permission: Permissions.BAN_MEMBERS
  });
} catch (error) {
  if (error instanceof MissingPermissionsError) {
    // Handle missing permissions
    console.log('User lacks required permissions');
  }
}

All Permissions Value

// Bitwise OR of all permissions
export const ALL_PERMISSIONS = Object.values(Permissions)
  .reduce((acc, p) => acc | p, 0n);
This value represents having every permission enabled.

Build docs developers (and LLMs) love

Get started for freeTalk to us