Fix minor errors breaking ACL groups

* ACL groups incorrectly instantiated without userid -1 leading to many spurious SuperUser ACLs * Regular user anti-lockout had incorrect logic
2025-12-19 21:59:59 -08:00 · 2020-06-10 21:50:56 +02:00 · 2020-06-10 21:50:56 +02:00 · 7ecc4d724f
commit 7ecc4d724f
parent 6f8c2bf2f5
2 changed files with 4 additions and 2 deletions
--- a/cmd/grumble/freeze.go
+++ b/cmd/grumble/freeze.go
@ -262,7 +262,7 @@ func (c *Channel) Unfreeze(fc *freezer.Channel) {
 			if fgrp.Name == nil {
 				continue
 			}
-			g := acl.Group{}
+			g := acl.EmptyGroupWithName(fgrp.GetName())
 			if fgrp.Inherit != nil {
 				g.Inherit = *fgrp.Inherit
 			}
--- a/cmd/grumble/message.go
+++ b/cmd/grumble/message.go
@ -1211,6 +1211,7 @@ func (server *Server) handleAclMessage(client *Client, msg *Message) {
 			if pbacl.UserId != nil {
 				chanacl.UserId = int(*pbacl.UserId)
 			} else {
+				chanacl.UserId = -1
 				chanacl.Group = *pbacl.Group
 			}
 			chanacl.Deny = acl.Permission(*pbacl.Deny & acl.AllPermissions)
@ -1223,13 +1224,14 @@ func (server *Server) handleAclMessage(client *Client, msg *Message) {
 		server.ClearCaches()

 		// Regular user?
-		if !acl.HasPermission(&channel.ACL, client, acl.WritePermission) && client.IsRegistered() || client.HasCertificate() {
+		if !acl.HasPermission(&channel.ACL, client, acl.WritePermission) && (client.IsRegistered() || client.HasCertificate()) {
 			chanacl := acl.ACL{}
 			chanacl.ApplyHere = true
 			chanacl.ApplySubs = false
 			if client.IsRegistered() {
 				chanacl.UserId = client.UserId()
 			} else if client.HasCertificate() {
+				chanacl.UserId = -1
 				chanacl.Group = "$" + client.CertHash()
 			}
 			chanacl.Deny = acl.Permission(acl.NonePermission)