Fixed re invite spam to already invited member and enhanced kick permission check

This commit is contained in:
Svenja Reissaus 2018-08-02 11:13:16 -03:00
parent 8deb02f29f
commit cbb7d478a7
3 changed files with 18 additions and 21 deletions

View File

@ -48,12 +48,17 @@ public class CmdInvite extends FCommand {
return;
}
Access access = myFaction.getAccess(fme, PermissableAction.INVITE);
if (access == Access.DENY || (access == Access.UNDEFINED && !assertMinRole(Role.MODERATOR))) {
fme.msg(TL.GENERIC_FPERM_NOPERMISSION, "invite");
if (!fme.isAdminBypassing()) {
Access access = myFaction.getAccess(fme, PermissableAction.INVITE);
if (access == Access.DENY || (access == Access.UNDEFINED && !assertMinRole(Role.MODERATOR))) {
fme.msg(TL.GENERIC_FPERM_NOPERMISSION, "invite");
return;
}
}
if (myFaction.isInvited(target)) {
fme.msg(TL.COMMAND_INVITE_ALREADYINVITED, target.getName());
return;
}
if (myFaction.isBanned(target)) {
fme.msg(TL.COMMAND_INVITE_BANNED, target.getName());
return;

View File

@ -73,40 +73,31 @@ public class CmdKick extends FCommand {
return;
}
// players with admin-level "disband" permission can bypass these requirements
if (!Permission.KICK_ANY.has(sender)) {
// This permission check has been cleaned to be more understandable and logical
// Unless is admin,
// - Check for the kick permission.
// - Make sure the player is in the faction.
// - Make sure the kicked player has lower rank than the kicker.
if (!fme.isAdminBypassing()) {
Access access = myFaction.getAccess(fme, PermissableAction.KICK);
if (access == Access.DENY || (access == Access.UNDEFINED && !assertMinRole(Role.MODERATOR))) {
if (access != Access.ALLOW && fme.getRole() != Role.ADMIN) {
fme.msg(TL.GENERIC_NOPERMISSION, "kick");
return;
}
if (toKickFaction != myFaction) {
msg(TL.COMMAND_KICK_NOTMEMBER, toKick.describeTo(fme, true), myFaction.describeTo(fme));
return;
}
// Check for Access before we check for Role.
if (access != Access.ALLOW && toKick.getRole().value >= fme.getRole().value) {
if (toKick.getRole().value >= fme.getRole().value) {
msg(TL.COMMAND_KICK_INSUFFICIENTRANK);
return;
}
if (!Conf.canLeaveWithNegativePower && toKick.getPower() < 0) {
msg(TL.COMMAND_KICK_NEGATIVEPOWER);
return;
}
}
Access access = myFaction.getAccess(fme, PermissableAction.KICK);
// This statement allows us to check if they've specifically denied it, or default to
// the old setting of allowing moderators to kick
if (access == Access.DENY || (access == Access.UNDEFINED && !assertMinRole(Role.MODERATOR))) {
fme.msg(TL.GENERIC_NOPERMISSION, "kick");
return;
}
// if economy is enabled, they're not on the bypass list, and this command has a cost set, make sure they can pay
if (!canAffordCommand(Conf.econCostKick, TL.COMMAND_KICK_TOKICK.toString())) {
return;

View File

@ -329,6 +329,7 @@ public enum TL {
COMMAND_INVITE_INVITEDYOU("&chas invited you to join "),
COMMAND_INVITE_INVITED("&c&l[!]&7 &c%1$s&7 invited &c%2$s&7 to your faction."),
COMMAND_INVITE_ALREADYMEMBER("&c&l[!]&7 &c%1$s&7 is already a member of&c %2$s"),
COMMAND_INVITE_ALREADYINVITED("&c&l[!]&7 &c%1$s&7 has already been invited"),
COMMAND_INVITE_DESCRIPTION("Invite a player to your faction"),
COMMAND_INVITE_BANNED("&c&l[!]&7 &7%1$s &cis banned &7from your Faction. &cNot &7sending an invite."),