WIP: Not reviewed, but should fix Ownerships and Items useage bypass
This commit is contained in:
parent
0a41d15a0b
commit
66fba62b0f
@ -333,16 +333,17 @@ public class Conf {
|
|||||||
public static transient char[] mapKeyChrs = "\\/#$%=&^ABCDEFGHJKLMNOPQRSTUVWXYZ1234567890abcdeghjmnopqrsuvwxyz?".toCharArray();
|
public static transient char[] mapKeyChrs = "\\/#$%=&^ABCDEFGHJKLMNOPQRSTUVWXYZ1234567890abcdeghjmnopqrsuvwxyz?".toCharArray();
|
||||||
|
|
||||||
|
|
||||||
// Default Options
|
// Default Options - Is this even shown on the Conf.json?
|
||||||
public static boolean useCustomDefaultPermissions = false;
|
public static boolean useCustomDefaultPermissions = false;
|
||||||
public static boolean usePermissionHints = false;
|
public static boolean usePermissionHints = false;
|
||||||
public static HashMap<String, DefaultPermissions> defaultFactionPermissions = new HashMap<>();
|
public static HashMap<String, DefaultPermissions> defaultFactionPermissions = new HashMap<>();
|
||||||
// Custom Ranks
|
// Custom Ranks - Oof I forgot I was doing this _SvenjaReissaus_
|
||||||
//public static boolean enableCustomRanks = false; // We will disable it by default to avoid any migration error
|
//public static boolean enableCustomRanks = false; // We will disable it by default to avoid any migration error
|
||||||
//public static int maxCustomRanks = 2; // Setting this to -1 will allow unlimited custom ranks
|
//public static int maxCustomRanks = 2; // Setting this to -1 will allow unlimited custom ranks
|
||||||
// -------------------------------------------- //
|
// -------------------------------------------- //
|
||||||
// Persistance
|
// Persistance
|
||||||
// -------------------------------------------- //
|
// -------------------------------------------- //
|
||||||
|
|
||||||
private static transient Conf i = new Conf();
|
private static transient Conf i = new Conf();
|
||||||
|
|
||||||
static {
|
static {
|
||||||
|
@ -18,9 +18,6 @@ public class CmdShowClaims extends FCommand {
|
|||||||
this.senderMustBePlayer = true;
|
this.senderMustBePlayer = true;
|
||||||
this.senderMustBeMember = true;
|
this.senderMustBeMember = true;
|
||||||
this.senderMustBeModerator = false;
|
this.senderMustBeModerator = false;
|
||||||
this.senderMustBePlayer = true;
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -133,20 +133,7 @@ public class FactionsBlockListener implements Listener {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check the permission just after making sure the land isn't owned by someone else to avoid bypass.
|
// Check the permission just after making sure the land isn't owned by someone else to avoid bypass.
|
||||||
|
return CheckPlayerAccess(player, me, loc, myFaction, access, PermissableAction.fromString(action));
|
||||||
if (access != Access.ALLOW && me.getRole() != Role.LEADER) {
|
|
||||||
// TODO: Update this once new access values are added other than just allow / deny.
|
|
||||||
if (access == Access.DENY) {
|
|
||||||
if (!justCheck)
|
|
||||||
me.msg(TL.GENERIC_NOPERMISSION, action);
|
|
||||||
return false;
|
|
||||||
} else if (myFaction.getOwnerListString(loc) != null && !myFaction.getOwnerListString(loc).isEmpty() && !myFaction.getOwnerListString(loc).contains(player.getName())) {
|
|
||||||
if (!justCheck)
|
|
||||||
me.msg("<b>You can't " + action + " in this territory, it is owned by: " + myFaction.getOwnerListString(loc));
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@EventHandler(priority = EventPriority.NORMAL, ignoreCancelled = true)
|
@EventHandler(priority = EventPriority.NORMAL, ignoreCancelled = true)
|
||||||
@ -519,4 +506,32 @@ public class FactionsBlockListener implements Listener {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// This checks if the current player can execute an action based on it's factions access and surroundings
|
||||||
|
/// It will grant access in the following priorities:
|
||||||
|
/// - If Faction Land is Owned and the Owner is the current player, or player is faction leader.
|
||||||
|
/// - If Faction Land is not Owned and my access value is not set to DENY
|
||||||
|
/// - If none of the filters above matches, then we consider access is set to ALLOW|UNDEFINED
|
||||||
|
/// This check does not performs any kind of bypass check (i.e.: me.isAdminBypassing())
|
||||||
|
/// </summary>
|
||||||
|
/// <param name="player">The player entity which the check will be made upon</param>
|
||||||
|
/// <param name="me">The Faction player object related to the player</param>
|
||||||
|
/// <param name="loc">The World location where the action is being executed</param>
|
||||||
|
/// <param name="myFaction">The faction of the player being checked</param>
|
||||||
|
/// <param name="access">The current's faction access permission for the action</param>
|
||||||
|
private static boolean CheckPlayerAccess(Player player, FPlayer me, FLocation loc, Faction myFaction, Access access, PermissableAction action) {
|
||||||
|
if (access == null) access = Access.DENY; // Let's deny by default
|
||||||
|
boolean landOwned = (myFaction.doesLocationHaveOwnersSet(loc) && !myFaction.getOwnerList(loc).isEmpty());
|
||||||
|
if (landOwned && myFaction.getOwnerListString(loc).contains(player.getName()) || me.getRole() == Role.LEADER) return true;
|
||||||
|
else if (landOwned && !myFaction.getOwnerListString(loc).contains(player.getName())) {
|
||||||
|
me.msg("<b>You can't " + action + " in this territory, it is owned by: " + myFaction.getOwnerListString(loc));
|
||||||
|
return false;
|
||||||
|
} else if (!landOwned && access == Access.DENY) { // If land is not owned but access is set to DENY anyway
|
||||||
|
me.msg(TL.GENERIC_NOPERMISSION, action);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
// We assume faction land is not owned, and the access is not set to DENY, so we allow to execute the action
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -60,6 +60,7 @@ public class FactionsChatListener implements Listener {
|
|||||||
// Just in case player gets demoted while in faction chat.
|
// Just in case player gets demoted while in faction chat.
|
||||||
me.msg(TL.COMMAND_CHAT_MOD_ONLY);
|
me.msg(TL.COMMAND_CHAT_MOD_ONLY);
|
||||||
event.setCancelled(true);
|
event.setCancelled(true);
|
||||||
|
me.setChatMode(ChatMode.FACTION);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -148,20 +148,7 @@ public class FactionsPlayerListener implements Listener {
|
|||||||
}
|
}
|
||||||
|
|
||||||
Access access = otherFaction.getAccess(me, PermissableAction.ITEM);
|
Access access = otherFaction.getAccess(me, PermissableAction.ITEM);
|
||||||
if (access != null && access != Access.UNDEFINED) {
|
return CheckPlayerAccess(player, me, loc, myFaction, access, PermissableAction.ITEM);
|
||||||
// TODO: Update this once new access values are added other than just allow / deny.
|
|
||||||
if ((myFaction.getOwnerListString(loc) != null && !myFaction.getOwnerListString(loc).isEmpty() && myFaction.getOwnerListString(loc).contains(player.getName()))) {
|
|
||||||
return true;
|
|
||||||
} else if (myFaction.getOwnerListString(loc) != null && !myFaction.getOwnerListString(loc).isEmpty() && !myFaction.getOwnerListString(loc).contains(player.getName())) {
|
|
||||||
me.msg("<b>You can't use items in this territory, it is owned by: " + myFaction.getOwnerListString(loc));
|
|
||||||
return false;
|
|
||||||
} else if (access == Access.DENY) {
|
|
||||||
me.msg(TL.GENERIC_NOPERMISSION, PermissableAction.ITEM);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("deprecation")
|
@SuppressWarnings("deprecation")
|
||||||
@ -356,21 +343,10 @@ public class FactionsPlayerListener implements Listener {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (access != Access.ALLOW && me.getRole() != Role.LEADER) {
|
return CheckPlayerAccess(player, me, loc, myFaction, access, PermissableAction.CONTAINER);
|
||||||
// TODO: Update this once new access values are added other than just allow / deny.
|
|
||||||
if ((myFaction.getOwnerListString(loc) != null && !myFaction.getOwnerListString(loc).isEmpty() && myFaction.getOwnerListString(loc).contains(player.getName()))) {
|
|
||||||
return true;
|
|
||||||
} else if (myFaction.getOwnerListString(loc) != null && !myFaction.getOwnerListString(loc).isEmpty() && !myFaction.getOwnerListString(loc).contains(player.getName())) {
|
|
||||||
me.msg("<b>You can't " + action + " in this territory, it is owned by: " + myFaction.getOwnerListString(loc));
|
|
||||||
return false;
|
|
||||||
} else if (access == Access.DENY) {
|
|
||||||
me.msg(TL.GENERIC_NOPERMISSION, action);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static boolean preventCommand(String fullCmd, Player player) {
|
public static boolean preventCommand(String fullCmd, Player player) {
|
||||||
if ((Conf.territoryNeutralDenyCommands.isEmpty() && Conf.territoryEnemyDenyCommands.isEmpty() && Conf.permanentFactionMemberDenyCommands.isEmpty() && Conf.warzoneDenyCommands.isEmpty())) {
|
if ((Conf.territoryNeutralDenyCommands.isEmpty() && Conf.territoryEnemyDenyCommands.isEmpty() && Conf.permanentFactionMemberDenyCommands.isEmpty() && Conf.warzoneDenyCommands.isEmpty())) {
|
||||||
return false;
|
return false;
|
||||||
@ -1070,4 +1046,33 @@ public class FactionsPlayerListener implements Listener {
|
|||||||
return attempts;
|
return attempts;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/// <summary>
|
||||||
|
/// This checks if the current player can execute an action based on it's factions access and surroundings
|
||||||
|
/// It will grant access in the following priorities:
|
||||||
|
/// - If Faction Land is Owned and the Owner is the current player, or player is faction leader.
|
||||||
|
/// - If Faction Land is not Owned and my access value is not set to DENY
|
||||||
|
/// - If none of the filters above matches, then we consider access is set to ALLOW|UNDEFINED
|
||||||
|
/// This check does not performs any kind of bypass check (i.e.: me.isAdminBypassing())
|
||||||
|
/// </summary>
|
||||||
|
/// <param name="player">The player entity which the check will be made upon</param>
|
||||||
|
/// <param name="me">The Faction player object related to the player</param>
|
||||||
|
/// <param name="loc">The World location where the action is being executed</param>
|
||||||
|
/// <param name="myFaction">The faction of the player being checked</param>
|
||||||
|
/// <param name="access">The current's faction access permission for the action</param>
|
||||||
|
private static boolean CheckPlayerAccess(Player player, FPlayer me, FLocation loc, Faction myFaction, Access access, PermissableAction action) {
|
||||||
|
if (access != null && access != Access.UNDEFINED) {
|
||||||
|
// TODO: Update this once new access values are added other than just allow / deny.
|
||||||
|
boolean landOwned = (myFaction.doesLocationHaveOwnersSet(loc) && !myFaction.getOwnerList(loc).isEmpty());
|
||||||
|
if (landOwned && myFaction.getOwnerListString(loc).contains(player.getName()) || me.getRole() == Role.LEADER) return true;
|
||||||
|
else if (landOwned && !myFaction.getOwnerListString(loc).contains(player.getName())) {
|
||||||
|
me.msg("<b>You can't do that in this territory, it is owned by: " + myFaction.getOwnerListString(loc));
|
||||||
|
return false;
|
||||||
|
} else if (!landOwned && access != Access.DENY) return true;
|
||||||
|
else {
|
||||||
|
me.msg(TL.GENERIC_NOPERMISSION, action);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user