From 92bb4e0e6626aeeb574f7217de825b718cf14dac Mon Sep 17 00:00:00 2001 From: ElgarL Date: Thu, 27 Mar 2014 01:50:00 +0000 Subject: Allow Exceptions in any inherited group to override negation of permissions. --- EssentialsGroupManager/.project | 2 +- EssentialsGroupManager/src/Changelog.txt | 3 +- .../permissions/AnjoPermissionsHandler.java | 56 ++++++++++++++++++---- 3 files changed, 50 insertions(+), 11 deletions(-) diff --git a/EssentialsGroupManager/.project b/EssentialsGroupManager/.project index c0e5a6f5e..7a39e867d 100644 --- a/EssentialsGroupManager/.project +++ b/EssentialsGroupManager/.project @@ -16,7 +16,7 @@ LaunchConfigHandle - <project>/.externalToolBuilders/GroupManager.launch + <project>/.externalToolBuilders/GroupManager_Builder.launch diff --git a/EssentialsGroupManager/src/Changelog.txt b/EssentialsGroupManager/src/Changelog.txt index d30265810..7a7aa45b4 100644 --- a/EssentialsGroupManager/src/Changelog.txt +++ b/EssentialsGroupManager/src/Changelog.txt @@ -222,4 +222,5 @@ v 2.0: - Store worldSelection indexed on the senders name rather than the object (fixes commandblocks using manselect). - Check subgroup permissions with an equal priority so no one subgroup is higher ranked than another. - add recursive permission adding/deleting - - Prevent adding sub groups for ranks the granting player doesn't have access to. \ No newline at end of file + - Prevent adding sub groups for ranks the granting player doesn't have access to. + - Allow Exceptions in any inherited group to override negation of permissions. \ No newline at end of file diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java index 39ad300e0..8f8f4c599 100644 --- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java +++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java @@ -5,6 +5,7 @@ package org.anjocaido.groupmanager.permissions; import java.util.ArrayList; +import java.util.Iterator; import java.util.LinkedHashSet; import java.util.LinkedList; import java.util.List; @@ -13,8 +14,8 @@ import java.util.Set; import org.anjocaido.groupmanager.GroupManager; import org.anjocaido.groupmanager.data.Group; -import org.anjocaido.groupmanager.dataholder.WorldDataHolder; import org.anjocaido.groupmanager.data.User; +import org.anjocaido.groupmanager.dataholder.WorldDataHolder; import org.anjocaido.groupmanager.utils.PermissionCheckResult; import org.bukkit.Bukkit; import org.bukkit.entity.Player; @@ -121,6 +122,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface { public Set getAllPlayersPermissions(String userName, Boolean includeChildren) { Set playerPermArray = new LinkedHashSet(); + Set overrides = new LinkedHashSet(); // Add the players own permissions. playerPermArray.addAll(populatePerms(ph.getUser(userName).getPermissionList(), includeChildren)); @@ -147,18 +149,39 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface { // Add all group permissions, unless negated by earlier permissions. for (String perm : groupPermArray) { boolean negated = (perm.startsWith("-")); + + // Overridden (Exception) permission defeats negation. + if (perm.startsWith("+")) { + overrides.add(perm.substring(1)); + continue; + } + // Perm doesn't already exists and there is no negation for it // or It's a negated perm where a normal perm doesn't exists (don't allow inheritance to negate higher perms) if ((!negated && !playerPermArray.contains(perm) && !wildcardNegation(playerPermArray, perm)) || (negated && !playerPermArray.contains(perm.substring(1)) && !wildcardNegation(playerPermArray, perm.substring(1)))) playerPermArray.add(perm); - if (perm.startsWith("+") && wildcardNegation(groupPermArray, perm.substring(1))) { - playerPermArray.add(perm.substring(1)); - } } } } + + // Process overridden permissions + + Iterator itr = overrides.iterator(); + + while (itr.hasNext()) { + + String node = itr.next(); + + if (playerPermArray.contains("-" + node)) { + playerPermArray.remove("-" + node); + } + + playerPermArray.add(node); + + } + // Collections.sort(playerPermArray, StringPermissionComparator.getInstance()); return playerPermArray; @@ -1001,17 +1024,34 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface { if (start == null || targetPermission == null) { return null; } + LinkedList stack = new LinkedList(); List alreadyVisited = new ArrayList(); + PermissionCheckResult result = new PermissionCheckResult(); + stack.push(start); alreadyVisited.add(start); + + // Set defaults. + result.askedPermission = targetPermission; + result.resultType = PermissionCheckResult.Type.NOTFOUND; + while (!stack.isEmpty()) { Group now = stack.pop(); PermissionCheckResult resultNow = checkGroupOnlyPermission(now, targetPermission); + if (!resultNow.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) { - resultNow.accessLevel = targetPermission; - return resultNow; + + if (resultNow.resultType.equals(PermissionCheckResult.Type.EXCEPTION)) { + resultNow.accessLevel = targetPermission; + return resultNow; + } + + // Negation found so store for later + // as we need to continue looking for an Exception. + result = resultNow; } + for (String sonName : now.getInherits()) { Group son = ph.getGroup(sonName); if (son != null && !alreadyVisited.contains(son)) { @@ -1021,9 +1061,7 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface { } } } - PermissionCheckResult result = new PermissionCheckResult(); - result.askedPermission = targetPermission; - result.resultType = PermissionCheckResult.Type.NOTFOUND; + return result; } -- cgit v1.2.3