summaryrefslogtreecommitdiffstats
path: root/EssentialsGroupManager/src
diff options
context:
space:
mode:
Diffstat (limited to 'EssentialsGroupManager/src')
-rw-r--r--EssentialsGroupManager/src/Changelog.txt3
-rw-r--r--EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java8
2 files changed, 9 insertions, 2 deletions
diff --git a/EssentialsGroupManager/src/Changelog.txt b/EssentialsGroupManager/src/Changelog.txt
index 0679b7f14..8c038c3ee 100644
--- a/EssentialsGroupManager/src/Changelog.txt
+++ b/EssentialsGroupManager/src/Changelog.txt
@@ -235,4 +235,5 @@ v2.1:
- Prevent GM's own permission tests from allowing inherited permissions to override inherited negations (caused when we added the exception override for sub groups).
- Add internal name to UUID resolution to speed data lookups.
- Convert all User lookups and commands to use UUIDs where possible.
- - Fix Overloaded and non-overloaded users to report correctly for group tests. \ No newline at end of file
+ - Fix Overloaded and non-overloaded users to report correctly for group tests.
+ - Prevent inherited group permission negations overriding higher level group perms. \ No newline at end of file
diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
index 12b6d4e7e..717346f20 100644
--- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
+++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
@@ -1069,12 +1069,18 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
if (resultNow.resultType.equals(PermissionCheckResult.Type.EXCEPTION)) {
resultNow.accessLevel = targetPermission;
+ GroupManager.logger.fine("Found an " + resultNow.resultType + " for " + targetPermission + " in group " + resultNow.owner.getLastName());
return resultNow;
}
- if (!result.resultType.equals(PermissionCheckResult.Type.NEGATION)) {
+ /*
+ * Store the first found permission only.
+ * This will prevent inherited permission negations overriding higher level perms.
+ */
+ if (result.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) {
// No Negation found so store for later
// as we need to continue looking for an Exception.
+ GroupManager.logger.fine("Found an " + resultNow.resultType + " for " + targetPermission + " in group " + resultNow.owner.getLastName());
result = resultNow;
}
}