mirror of
https://github.com/essentials/Essentials.git
synced 2025-08-11 17:15:07 +02:00
Prevent inherited group permission negations overriding higher level group perms.
This commit is contained in:
ElgarL
@@ -235,4 +235,5 @@ v2.1:
|
||||
- Prevent GM's own permission tests from allowing inherited permissions to override inherited negations (caused when we added the exception override for sub groups).
|
||||
- Add internal name to UUID resolution to speed data lookups.
|
||||
- Convert all User lookups and commands to use UUIDs where possible.
|
||||
- Fix Overloaded and non-overloaded users to report correctly for group tests.
|
||||
- Fix Overloaded and non-overloaded users to report correctly for group tests.
|
||||
- Prevent inherited group permission negations overriding higher level group perms.
|
||||
@@ -1069,12 +1069,18 @@ public class AnjoPermissionsHandler extends PermissionsReaderInterface {
|
||||
|
||||
if (resultNow.resultType.equals(PermissionCheckResult.Type.EXCEPTION)) {
|
||||
resultNow.accessLevel = targetPermission;
|
||||
GroupManager.logger.fine("Found an " + resultNow.resultType + " for " + targetPermission + " in group " + resultNow.owner.getLastName());
|
||||
return resultNow;
|
||||
}
|
||||
|
||||
if (!result.resultType.equals(PermissionCheckResult.Type.NEGATION)) {
|
||||
/*
|
||||
* Store the first found permission only.
|
||||
* This will prevent inherited permission negations overriding higher level perms.
|
||||
*/
|
||||
if (result.resultType.equals(PermissionCheckResult.Type.NOTFOUND)) {
|
||||
// No Negation found so store for later
|
||||
// as we need to continue looking for an Exception.
|
||||
GroupManager.logger.fine("Found an " + resultNow.resultType + " for " + targetPermission + " in group " + resultNow.owner.getLastName());
|
||||
result = resultNow;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user