From 395655ba19a3a2e2b348a19348d2de2efaf12b4b Mon Sep 17 00:00:00 2001 From: ElgarL Date: Wed, 22 May 2013 10:37:24 +0100 Subject: Check subgroup permissions with an equal priority so no one subgroup is higher ranked than another. --- EssentialsGroupManager/src/Changelog.txt | 3 ++- .../permissions/AnjoPermissionsHandler.java | 17 +++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) (limited to 'EssentialsGroupManager/src') diff --git a/EssentialsGroupManager/src/Changelog.txt b/EssentialsGroupManager/src/Changelog.txt index f7c66782a..885aff9ca 100644 --- a/EssentialsGroupManager/src/Changelog.txt +++ b/EssentialsGroupManager/src/Changelog.txt @@ -219,4 +219,5 @@ v 2.0: - Don't allow adding a node with '/manuaddp' and '/mangaddp' which is already negated. - Warn when adding a node where an exception already exist. - Only prevent adding nodes with '/manuaddp' and '/mangaddp' if they are exact matches (not wildcards). - - Store worldSelection indexed on the senders name rather than the object (fixes commandblocks using manselect). \ No newline at end of file + - Store worldSelection indexed on the senders name rather than the object (fixes commandblocks using manselect). + - Check subgroup permissions with an equal priority so no one subgroup is higher ranked than another. \ No newline at end of file diff --git a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java index bef2fb713..3a6adee2e 100644 --- a/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java +++ b/EssentialsGroupManager/src/org/anjocaido/groupmanager/permissions/AnjoPermissionsHandler.java @@ -849,13 +849,26 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface { // SUBGROUPS CHECK for (Group subGroup : user.subGroupListCopy()) { PermissionCheckResult resultSubGroup = checkGroupPermissionWithInheritance(subGroup, targetPermission); + + if (resultSubGroup.resultType != PermissionCheckResult.Type.NOTFOUND) { - resultSubGroup.accessLevel = targetPermission; - return resultSubGroup; + + if ((resultSubGroup.resultType == PermissionCheckResult.Type.FOUND) && (result.resultType != PermissionCheckResult.Type.NEGATION)) { + resultSubGroup.accessLevel = targetPermission; + result = resultSubGroup; + } else if (resultSubGroup.resultType == PermissionCheckResult.Type.EXCEPTION) { + resultSubGroup.accessLevel = targetPermission; + return resultSubGroup; + } else if (resultSubGroup.resultType == PermissionCheckResult.Type.NEGATION) { + resultSubGroup.accessLevel = targetPermission; + result = resultSubGroup; + } + } } // THEN IT RETURNS A NOT FOUND + // OR THE RESULT OF THE SUBGROUP SEARCH. return result; } -- cgit v1.2.3