From c3caca65840b1ccaafc26c22b3e7a1b8c06da192 Mon Sep 17 00:00:00 2001
From: Teknium <127238744+teknium1@users.noreply.github.com>
Date: Sun, 24 May 2026 04:24:49 -0700
Subject: [PATCH] fix(gateway): remove discord role allowlist auth bypass
 (#30742)

---
 gateway/run.py | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/gateway/run.py b/gateway/run.py
index 2e559d311f2..52fccb83364 100644
--- a/gateway/run.py
+++ b/gateway/run.py
@@ -6329,18 +6329,6 @@ class GatewayRunner:
             if allow_bots_var and os.getenv(allow_bots_var, "none").lower().strip() in {"mentions", "all"}:
                 return True
 
-        # Discord role-based access (DISCORD_ALLOWED_ROLES): the adapter's
-        # on_message pre-filter already verified role membership — if the
-        # message reached here, the user passed that check. Authorize
-        # directly to avoid the "no allowlists configured" branch below
-        # rejecting role-only setups where DISCORD_ALLOWED_USERS is empty
-        # (issue #7871).
-        if (
-            source.platform == Platform.DISCORD
-            and os.getenv("DISCORD_ALLOWED_ROLES", "").strip()
-        ):
-            return True
-
         # Check pairing store (always checked, regardless of allowlists)
         platform_name = source.platform.value if source.platform else ""
         if self.pairing_store.is_approved(platform_name, user_id):