Fixed a permission bug
This commit is contained in:
WolverinDEV
@@ -3426,46 +3426,57 @@ CommandResult ConnectedClient::handleCommandSetClientChannelGroup(Command &cmd)
|
||||
CMD_CHK_AND_INC_FLOOD_POINTS(25);
|
||||
|
||||
auto serverGroup = this->server->groups->findGroup(cmd["cgid"].as<GroupId>());
|
||||
if (!serverGroup && cmd["gcid"].as<GroupId>() == 0)
|
||||
if (!serverGroup && cmd["cgid"].as<GroupId>() == 0)
|
||||
serverGroup = this->server->groups->defaultGroup(GroupTarget::GROUPTARGET_CHANNEL);
|
||||
|
||||
if (!serverGroup || serverGroup->target() != GROUPTARGET_CHANNEL)
|
||||
return {findError("parameter_invalid"), "invalid channel group id"};
|
||||
|
||||
shared_lock server_channel_lock(this->server->channel_tree_lock); /* ensure we dont get moved or somebody could move us */
|
||||
std::shared_ptr<BasicChannel> channel = this->server->channelTree->findChannel(cmd["cid"].as<ChannelId>());
|
||||
auto channel_id = cmd["cid"].as<ChannelId>();
|
||||
auto channel = this->server->channelTree->findChannel(channel_id);
|
||||
if (!channel) return {findError("channel_invalid_id"), "Cant resolve channel"};
|
||||
|
||||
auto target_cldbid = cmd["cldbid"].as<ClientDbId>();
|
||||
{
|
||||
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_member_add_power, this->calculate_permission_value(permission::i_channel_group_member_add_power, -1), true)) {
|
||||
auto channel_group_member_add_power = this->calculate_permission_value(permission::i_channel_group_member_add_power, channel_id);
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_needed_member_add_power, channel_group_member_add_power, true)) {
|
||||
if(target_cldbid != this->getClientDatabaseId())
|
||||
return CommandResultPermissionError{permission::i_channel_group_member_add_power};
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_member_add_power, this->calculate_permission_value(permission::i_channel_group_self_add_power, -1), true))
|
||||
|
||||
auto channel_group_self_add_power = this->calculate_permission_value(permission::i_channel_group_self_add_power, channel_id);
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_needed_member_add_power, channel_group_self_add_power, true))
|
||||
return CommandResultPermissionError{permission::i_channel_group_self_add_power};
|
||||
}
|
||||
|
||||
|
||||
auto needed_client_permission = this->server->calculatePermission(permission::PERMTEST_ORDERED, target_cldbid, permission::i_client_needed_permission_modify_power, ClientType::CLIENT_TEAMSPEAK,nullptr);
|
||||
if(needed_client_permission != permNotGranted) {
|
||||
if(!this->permission_granted(this->permissionValue(permission::i_client_permission_modify_power), needed_client_permission))
|
||||
return CommandResultPermissionError{permission::i_client_needed_permission_modify_power};
|
||||
}
|
||||
auto client_permission_modify_power = this->calculate_permission_value(permission::i_client_permission_modify_power, channel_id);
|
||||
auto client_needed_permission_modify_power = this->server->calculatePermission2(
|
||||
permission::i_client_needed_permission_modify_power, target_cldbid, ClientType::CLIENT_TEAMSPEAK, channel_id);
|
||||
|
||||
|
||||
if(client_needed_permission_modify_power.has_value) {
|
||||
if(!this->permission_granted(client_permission_modify_power, client_needed_permission_modify_power.value, true))
|
||||
return CommandResultPermissionError{permission::i_client_permission_modify_power};
|
||||
}
|
||||
}
|
||||
|
||||
auto oldGroup = this->server->groups->getChannelGroupExact(target_cldbid, channel, false);
|
||||
if(oldGroup) {
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_member_remove_power, this->calculate_permission_value(permission::i_channel_group_member_remove_power, -1), true)) {
|
||||
if(target_cldbid != this->getClientDatabaseId())
|
||||
return CommandResultPermissionError{permission::i_channel_group_member_remove_power};
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_member_remove_power, this->calculate_permission_value(permission::i_channel_group_self_remove_power, -1), true))
|
||||
return CommandResultPermissionError{permission::i_channel_group_self_remove_power};
|
||||
{
|
||||
auto old_group = this->server->groups->getChannelGroupExact(target_cldbid, channel, false);
|
||||
if(old_group) {
|
||||
auto channel_group_member_remove_power = this->calculate_permission_value(permission::i_channel_group_member_remove_power, channel_id);
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_needed_member_remove_power, channel_group_member_remove_power, true)) {
|
||||
if(target_cldbid != this->getClientDatabaseId())
|
||||
return CommandResultPermissionError{permission::i_channel_group_member_remove_power};
|
||||
|
||||
auto channel_group_self_remove_power = this->calculate_permission_value(permission::i_channel_group_self_remove_power, channel_id);
|
||||
if(!serverGroup->permission_granted(permission::i_channel_group_needed_member_remove_power, channel_group_self_remove_power, true))
|
||||
return CommandResultPermissionError{permission::i_channel_group_self_remove_power};
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
this->server->groups->setChannelGroup(target_cldbid, serverGroup, channel);
|
||||
|
||||
for (const auto &targetClient : this->server->findClientsByCldbId(target_cldbid)) {
|
||||
unique_lock client_channel_lock_w(targetClient->channel_lock);
|
||||
auto updates = this->server->groups->update_server_group_property(targetClient, false, targetClient->getChannel()); /* needs a write lock */
|
||||
|
||||
Reference in New Issue
Block a user