Invite: grant every feature's required permissions (no Administrator)

CHANGELOG.md

@@ -3,6 +3,15 @@
 ## [recycler] -- 2026-06-02
 
 ### Changes
+- **Invite now covers every feature (still no Administrator).** The previous
+  least-privilege set was missing two permissions the bot genuinely uses, so
+  those actions failed after a fresh invite. Added to
+  `clanklib/permissions.py` (the single source of truth): `manage_guild`
+  (restore server-level settings -- name, verification level, content filter,
+  AFK timeout -- in `clanklib/serializer.py`'s backup/template restore) and
+  `attach_files` (the `.export` command sends the backup as a JSON file). The
+  invite/`.setup` audit/manifest value moves from `805391380` to `805424180`;
+  the manifest-vs-code test keeps them in lockstep.
 - **Least-privilege invite everywhere.** The leftover `.help` "Add to server"
   button (`cogs/_help_view.py`) still built an Administrator (`permissions=8`)
   invite; it now uses the single source of truth in `clanklib/permissions.py`

auren.json

@@ -10,7 +10,7 @@
   },
   "channels": ["discord"],
   "discord": {
-    "permissions": "805391380",
+    "permissions": "805424180",
     "scopes": ["bot", "applications.commands"]
   },
   "runtime": {

clanklib/permissions.py

@@ -42,13 +42,16 @@ class FeaturePerm:
 FEATURES: tuple[FeaturePerm, ...] = (
     FeaturePerm(
         "core", "Core",
-        ("view_channel", "send_messages", "embed_links", "read_message_history"),
-        "Read and reply in channels.",
+        ("view_channel", "send_messages", "embed_links", "attach_files",
+         "read_message_history"),
+        "Read and reply in channels, and post export files (.export).",
     ),
     FeaturePerm(
         "backups", "Backups and templates",
-        ("manage_channels", "manage_roles"),
-        "Recreate channels and roles when restoring a backup or template.",
+        ("manage_channels", "manage_roles", "manage_guild"),
+        "Recreate channels and roles and restore server-level settings (name, "
+        "verification level, content filter, AFK timeout) from a backup or "
+        "template.",
     ),
     FeaturePerm(
         "chatlog_sync", "Chatlog and sync",

docs/deployment.md

@@ -45,15 +45,18 @@ Recycler asks for only the permissions it actually uses -- **never
 Administrator**. The set is defined once in `clanklib/permissions.py` and drives
 the invite link, the `.setup` audit, and the Auren platform's Invite button:
 
-- View Channels, Send Messages, Embed Links, Read Message History (core)
+- View Channels, Send Messages, Embed Links, Attach Files, Read Message History
+  (core: reply, and send the `.export` backup file)
 - Manage Channels, Manage Roles (recreate channels/roles on backup/template restore)
+- Manage Server (restore server-level settings -- name, verification level,
+  content filter, AFK timeout -- on a backup/template restore)
 - Manage Webhooks (replay archived messages for chatlog/sync)
 - Ban Members (propagate bans between synced guilds)
 
 Build an invite URL (the `permissions` value is the union of the above):
 
 ```
-https://discord.com/oauth2/authorize?client_id=<CLIENT_ID>&permissions=805391380&scope=bot%20applications.commands
+https://discord.com/oauth2/authorize?client_id=<CLIENT_ID>&permissions=805424180&scope=bot%20applications.commands
 ```
 
 Once the bot is running you can also just type `.invite` (or `.about`) and it