summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorElgarL <ElgarL@Palmergames.com>2014-03-27 01:50:00 +0000
committerKHobbits <rob@khobbits.co.uk>2014-05-04 12:50:12 +0100
commit64acdbf99e0c31ea8619f57f9dccd8942041efe3 (patch)
tree7cd13aad958f72c582431672e86ee136193fc5ee
parente982d8c8f8802b278934db1275ec00cbff5cffa0 (diff)
downloadEssentials-64acdbf99e0c31ea8619f57f9dccd8942041efe3.tar
Essentials-64acdbf99e0c31ea8619f57f9dccd8942041efe3.tar.gz
Essentials-64acdbf99e0c31ea8619f57f9dccd8942041efe3.tar.lz
Essentials-64acdbf99e0c31ea8619f57f9dccd8942041efe3.tar.xz
Essentials-64acdbf99e0c31ea8619f57f9dccd8942041efe3.zip
Allow Exceptions in any inherited group to override negation of permissions.
-rw-r--r--EssentialsGroupManager/.project2
-rw-r--r--EssentialsGroupManager/src/Changelog.txt3
-rw-r--r--EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java56
3 files changed, 50 insertions, 11 deletions
diff --git a/EssentialsGroupManager/.project b/EssentialsGroupManager/.project
index c0e5a6f5e..7a39e867d 100644
--- a/EssentialsGroupManager/.project
+++ b/EssentialsGroupManager/.project
@@ -16,7 +16,7 @@
<arguments>
<dictionary>
<key>LaunchConfigHandle</key>
- <value>&lt;project&gt;/.externalToolBuilders/GroupManager.launch</value>
+ <value>&lt;project&gt;/.externalToolBuilders/GroupManager_Builder.launch</value>
</dictionary>
</arguments>
</buildCommand>
diff --git a/EssentialsGroupManager/src/Changelog.txt b/EssentialsGroupManager/src/Changelog.txt
index d30265810..7a7aa45b4 100644
--- a/EssentialsGroupManager/src/Changelog.txt
+++ b/EssentialsGroupManager/src/Changelog.txt
@@ -222,4 +222,5 @@ v 2.0:
- Store worldSelection indexed on the senders name rather than the object (fixes commandblocks using manselect).
- Check subgroup permissions with an equal priority so no one subgroup is higher ranked than another.
- add recursive permission adding/deleting
- - Prevent adding sub groups for ranks the granting player doesn't have access to. \ No newline at end of file
+ - Prevent adding sub groups for ranks the granting player doesn't have access to.
+ - Allow Exceptions in any inherited group to override negation of permissions. \ No newline at end of file
diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
index 39ad300e0..8f8f4c599 100644
--- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
+++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
@@ -5,6 +5,7 @@
package org.anjocaido.groupmanager.permissions;
import java.util.ArrayList;
+import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
@@ -13,8 +14,8 @@ import java.util.Set;
import org.anjocaido.groupmanager.GroupManager;
import org.anjocaido.groupmanager.data.Group;
-import org.anjocaido.groupmanager.dataholder.WorldDataHolder;
import org.anjocaido.groupmanager.data.User;
+import org.anjocaido.groupmanager.dataholder.WorldDataHolder;
import org.anjocaido.groupmanager.utils.PermissionCheckResult;
import org.bukkit.Bukkit;
import org.bukkit.entity.Player;
@@ -121,6 +122,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
public Set<String> getAllPlayersPermissions(String userName, Boolean includeChildren) {
Set<String> playerPermArray = new LinkedHashSet<String>();
+ Set<String> overrides = new LinkedHashSet<String>();
// Add the players own permissions.
playerPermArray.addAll(populatePerms(ph.getUser(userName).getPermissionList(), includeChildren));
@@ -147,18 +149,39 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
// Add all group permissions, unless negated by earlier permissions.
for (String perm : groupPermArray) {
boolean negated = (perm.startsWith("-"));
+
+ // Overridden (Exception) permission defeats negation.
+ if (perm.startsWith("+")) {
+ overrides.add(perm.substring(1));
+ continue;
+ }
+
// Perm doesn't already exists and there is no negation for it
// or It's a negated perm where a normal perm doesn't exists (don't allow inheritance to negate higher perms)
if ((!negated && !playerPermArray.contains(perm) && !wildcardNegation(playerPermArray, perm)) || (negated && !playerPermArray.contains(perm.substring(1)) && !wildcardNegation(playerPermArray, perm.substring(1))))
playerPermArray.add(perm);
- if (perm.startsWith("+") && wildcardNegation(groupPermArray, perm.substring(1))) {
- playerPermArray.add(perm.substring(1));
- }
}
}
}
+
+ // Process overridden permissions
+
+ Iterator<String> itr = overrides.iterator();
+
+ while (itr.hasNext()) {
+
+ String node = itr.next();
+
+ if (playerPermArray.contains("-" + node)) {
+ playerPermArray.remove("-" + node);
+ }
+
+ playerPermArray.add(node);
+
+ }
+
// Collections.sort(playerPermArray, StringPermissionComparator.getInstance());
return playerPermArray;
@@ -1001,17 +1024,34 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
if (start == null || targetPermission == null) {
return null;
}
+
LinkedList<Group> stack = new LinkedList<Group>();
List<Group> alreadyVisited = new ArrayList<Group>();
+ PermissionCheckResult result = new PermissionCheckResult();
+
stack.push(start);
alreadyVisited.add(start);
+
+ // Set defaults.
+ result.askedPermission = targetPermission;
+ result.resultType = PermissionCheckResult.Type.NOTFOUND;
+
while (!stack.isEmpty()) {
Group now = stack.pop();
PermissionCheckResult resultNow = checkGroupOnlyPermission(now, targetPermission);
+
if (!resultNow.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) {
- resultNow.accessLevel = targetPermission;
- return resultNow;
+
+ if (resultNow.resultType.equals(PermissionCheckResult.Type.EXCEPTION)) {
+ resultNow.accessLevel = targetPermission;
+ return resultNow;
+ }
+
+ // Negation found so store for later
+ // as we need to continue looking for an Exception.
+ result = resultNow;
}
+
for (String sonName : now.getInherits()) {
Group son = ph.getGroup(sonName);
if (son != null && !alreadyVisited.contains(son)) {
@@ -1021,9 +1061,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
}
}
}
- PermissionCheckResult result = new PermissionCheckResult();
- result.askedPermission = targetPermission;
- result.resultType = PermissionCheckResult.Type.NOTFOUND;
+
return result;
}