summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--EssentialsGroupManager/src/org/anjocaido/groupmanager/data/DataUnit.java1
-rw-r--r--EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java52
2 files changed, 45 insertions, 8 deletions
diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/data/DataUnit.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/data/DataUnit.java
index 5cd07048f..48d0e55e9 100644
--- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/data/DataUnit.java
+++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/data/DataUnit.java
@@ -167,6 +167,7 @@ public abstract class DataUnit {
* @return a copy of the permission list
*/
public List<String> getPermissionList() {
+ sortPermissions();
return permissions;
}
diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
index 3a6adee2e..069289c93 100644
--- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
+++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
@@ -5,7 +5,7 @@
package org.anjocaido.groupmanager.permissions;
import java.util.ArrayList;
-import java.util.HashSet;
+import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
@@ -120,7 +120,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
@Override
public Set<String> getAllPlayersPermissions(String userName, Boolean includeChildren) {
- Set<String> playerPermArray = new HashSet<String>();
+ Set<String> playerPermArray = new LinkedHashSet<String>();
// Add the players own permissions.
playerPermArray.addAll(populatePerms(ph.getUser(userName).getPermissionList(), includeChildren));
@@ -133,7 +133,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
if (!alreadyProcessed.contains(group)) {
alreadyProcessed.add(group);
- Set<String> groupPermArray = new HashSet<String>();
+ Set<String> groupPermArray = new LinkedHashSet<String>();
if (group.startsWith("g:") && GroupManager.getGlobalGroups().hasGroup(group)) {
// GlobalGroups
@@ -149,7 +149,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
boolean negated = (perm.startsWith("-"));
// Perm doesn't already exists and there is no negation for it
// or It's a negated perm where a normal perm doesn't exists (don't allow inheritance to negate higher perms)
- if ((!negated && !playerPermArray.contains(perm) && !playerPermArray.contains("-" + perm)) || (negated && !playerPermArray.contains(perm.substring(1)) && !playerPermArray.contains("-" + perm)))
+ if ((!negated && !playerPermArray.contains(perm) && !wildcardNegation(playerPermArray, perm)) || (negated && !playerPermArray.contains(perm.substring(1)) && !wildcardNegation(playerPermArray, perm.substring(1))))
playerPermArray.add(perm);
}
}
@@ -159,12 +159,49 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
return playerPermArray;
}
+
+ /**
+ * Is there a direct or wildcard negation in the list which covers this permission node.
+ *
+ * @param playerPermArray
+ * @param node
+ * @return
+ */
+ private boolean wildcardNegation(Set<String> playerPermArray, String node) {
+
+ /*
+ * Check for a negated parent with a wildcard or negated permission
+ */
+
+ if (playerPermArray.contains("-" + node))
+ return true;
+
+ final String[] parts = node.split("\\.");
+ final StringBuilder builder = new StringBuilder(node.length());
+ for (String part : parts) {
+ builder.append('*');
+ if (playerPermArray.contains("-" + builder.toString())) {
+ GroupManager.logger.fine("Wildcard Negation found for " + node);
+ return true;
+ }
+
+ builder.deleteCharAt(builder.length() - 1);
+ builder.append(part).append('.');
+ }
+
+ /*
+ * No negated parent found so return false.
+ */
+ GroupManager.logger.fine("No Negation found for " + node);
+ return false;
+
+ }
private Set<String> populatePerms(List<String> permsList, boolean includeChildren) {
// Create a new array so it's modifiable.
List<String> perms = new ArrayList<String>(permsList);
- Set<String> permArray = new HashSet<String>();
+ Set<String> permArray = new LinkedHashSet<String>();
Boolean allPerms = false;
// Allow * node to populate ALL permissions to Bukkit.
@@ -175,9 +212,8 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
// Remove the no offline perms node as this should not be given.
perms.remove("groupmanager.noofflineperms");
}
-
+
for (String perm : perms) {
-
/**
* all permission sets are passed here pre-sorted, alphabetically.
* This means negated nodes will be processed before all permissions
@@ -199,7 +235,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
*/
if ((includeChildren) || (negated && allPerms)) {
- Map<String, Boolean> children = GroupManager.BukkitPermissions.getAllChildren((negated ? perm.substring(1) : perm), new HashSet<String>());
+ Map<String, Boolean> children = GroupManager.BukkitPermissions.getAllChildren((negated ? perm.substring(1) : perm), new LinkedHashSet<String>());
if (children != null) {
if (negated)