Javascript Return Roleset Permissions

I’m sorry if this is rather off topic, but I didn’t really know where to put this. This is related to JavaScript & returning certain values/permissions of a roleset in a group.

Now as some of you may know each roleset of a group has a specific ID (or atleast I believe its something along the lines of that) so would it be possible to read each roleset based on that ID and returning that permission in to a table/array like object.

Here is a simple inspect element of what the permission looks like.


Then you could use the checked value to see if its true or false, checked = true, however if there is no checked value then we can assume that its false and they don’t have access to the permission.


The Question

How could I go about reading these values and returning them in to an array?

let RolePermissions = [
   CanViewWall: true;
   CanExileMembers: false;


Once again I’m truly sorry if this is in the wrong spot, not entirely sure where this would go if even on these forums at all (due to it being more offsite javascript rather then roblox lua)


You can also view and get the pages source code, allowing you to see this.

<input type="checkbox" 
                                        title="View group status" class="tooltip-right"
                                    <input type="checkbox" 
                                        title="Post on group wall" class="tooltip-right"
                                    <input type="checkbox" 
                                        title="Post group status" class="tooltip-right"

jQuery would be super useful in this case. If you’re using something like Node.js then I’d highly recommend checking out cheerio.
Per your issue on noblox.js’s repo, that’s something I want to add in v5.

1 Like

I’ve always heard about jQuery floating around, I’ll look in to this. If I need to I’ll get in touch with you on discord in order to solve this (if you don’t mind of course)

If I can do this myself then wonderful, however I’m not very keen on waiting for a V5 if I can solve the issue myself.

I’ll look at cheerio as well.

1 Like

I’m no web wizard so I can’t help you with your inquiry, but I can calm your worry: this is Scripting Support. Requests here aren’t necessarily restricted to RbxLua alone, but it’s more of a preference and majority topic. There are some categories where you shouldn’t go into other languages (i.e. #development-support:requests-for-code-feedback).

1 Like

While using Cheerio and requesting the HTML Source code (using request) it seems due to the redirection if you have invalid permissions to view the group base, it’ll spit back a different page. Rather strange?


Here’s what I’ve been working with.

request('', function (error, response, html) {
      if (!error && response.statusCode == 200) {
        var $ = cheerio.load(html);
        $('td.RolesAllPermissions').each(function(i, element) {
          var a = $(this).prev();

Here’s what I have and it works. You know how every role has a unique ID (not the 1-255)? That’s pretty much how you can find permissions.

I think the problem with your request may be that there is no token or cookie with it containing .ROBLOSECURITY so you would be redirected.

1 Like

With the code you provided could you explain how its actually reaching the roblox websites/servers though? That’s my main problem, not the actual Cheerio (I haven’t explored much with it however) as well as how you got the HTML with it?

Are you unable to get this information from our groups APIs? If there is some functionality you can’t find there, feel free to post a feature request. In general you shouldn’t have to parse HTML programmatically like this.

From my understanding there currently isnt a way to check if a certain roleset in a group has access to a certain permission, such as exiling.

GroupRoleResponse {
   id (integ    optional): 
   name (string, optional): 
   rank (integer, optional): 

Okay. I suggest filing a feature request. Obviously until such an API exists this is the only option.


@Jamie_Jr: With the code provided, I actually just stuck the HTML file in there after saving it to my local disk. If you want to properly get pages like these, you’d have to create a way to login to your account and navigate around using a X-CSRF-TOKEN and .ROBLOSECURITY cookie. You can use roblox-js/noblox.js’s http function to do that. There’s a super dirty way which involves creating a new function in one of the folders inside /lib/ to do this. The code would look like:

const cheerio = require('cheerio')

// Includes
var http = require('../util/http.js').func
var getGeneralToken = require('../util/getGeneralToken.js').func

// Args
exports.required = ['groupId', 'roleId', 'permission']
exports.optional = ['jar']

// Define
function getPerms (jar, token, groupId, roleId, permission) {
  var httpOpt = {
    url: '' + groupId,
    options: {
      method: 'POST',
      jar: jar,
      followRedirect: true,
      headers: {
        'X-CSRF-TOKEN': token
  return http(httpOpt)
    .then(function (res) {
        const $ = cheerio.load(res)

        return $(`input[name='${roleId}-Permission:${permission}']`).prop('checked')

exports.func = function (args) {
  var jar = args.jar
  return getGeneralToken({jar: jar})
    .then(function (xcsrf) {
      return getPerms(jar, xcsrf, args.groupId, args.roleId, args.permission)

This would be used as nbx.groupPerms(2622473, 17421963, 'CanPostToWall'). Like Seranok said, you should definitely send in a feature request.

@Seranok: Will there better way of interacting with Roblox’s API (dev. tokens, consistent API) anytime soon?

1 Like

While this gives an insight on what should be done, it sadly doesn’t work.

I’m trying to look and see whats up with it, just returns undefined.

Strange. Are you signing in and running it after the Promise?

nbx.login('user', 'pass').then(() => {
    nbx.groupPerms(a, b, c).then((res) => {
1 Like

That was my bad, I failed to import it and then login properly. Its all good now! Appreciated, hopefully when we get a proper API for this it’ll be easier. Also look forward to seeing you release an update with noblox for this.

1 Like

Can’t believe I was dumb enough to not look in the existing Groups API. :joy:

@Jamie_Jr: There is an existing API endpoint however it can only be viewed by group owners and people with that rank. I’m not sure if people with access to Group Admin can still use the endpoint.

Hm, well thats not entirely helpful considering I don’t want my bot/javascript to be ran by the owner of the group.

1 Like