From bd72eee559b224a06bef4a55a52215e0e79c6528 Mon Sep 17 00:00:00 2001
From: ElgarL <ElgarL@Palmergames.com>
Date: Thu, 17 Jul 2014 10:37:58 +0100
Subject: Prevent inherited group permission negations overriding higher level
 group perms.

---
 .../groupmanager/permissions/AnjoPermissionsHandler.java          | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions')

diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
index 12b6d4e7e..717346f20 100644
--- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
+++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java
@@ -1069,12 +1069,18 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
 				
 				if (resultNow.resultType.equals(PermissionCheckResult.Type.EXCEPTION)) {
 					resultNow.accessLevel = targetPermission;
+					GroupManager.logger.fine("Found an " + resultNow.resultType + " for " + targetPermission + " in group " + resultNow.owner.getLastName());
 					return resultNow;
 				}
 				
-				if (!result.resultType.equals(PermissionCheckResult.Type.NEGATION)) {
+				/*
+				 * Store the first found permission only.
+				 * This will prevent inherited permission negations overriding higher level perms.
+				 */
+				if (result.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) {
 					// No Negation found so store for later
 					// as we need to continue looking for an Exception.
+					GroupManager.logger.fine("Found an " + resultNow.resultType + " for " + targetPermission + " in group " + resultNow.owner.getLastName());
 					result = resultNow;
 				}
 			}
-- 
cgit v1.2.3