From 7ecc4d724f015face89f2d38e207923e476ed3ef Mon Sep 17 00:00:00 2001 From: rubenseyer Date: Wed, 10 Jun 2020 21:50:56 +0200 Subject: [PATCH] Fix minor errors breaking ACL groups * ACL groups incorrectly instantiated without userid -1 leading to many spurious SuperUser ACLs * Regular user anti-lockout had incorrect logic --- cmd/grumble/freeze.go | 2 +- cmd/grumble/message.go | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cmd/grumble/freeze.go b/cmd/grumble/freeze.go index a8dbcfe..2da2b72 100644 --- a/cmd/grumble/freeze.go +++ b/cmd/grumble/freeze.go @@ -262,7 +262,7 @@ func (c *Channel) Unfreeze(fc *freezer.Channel) { if fgrp.Name == nil { continue } - g := acl.Group{} + g := acl.EmptyGroupWithName(fgrp.GetName()) if fgrp.Inherit != nil { g.Inherit = *fgrp.Inherit } diff --git a/cmd/grumble/message.go b/cmd/grumble/message.go index 417faba..cd4497a 100644 --- a/cmd/grumble/message.go +++ b/cmd/grumble/message.go @@ -1211,6 +1211,7 @@ func (server *Server) handleAclMessage(client *Client, msg *Message) { if pbacl.UserId != nil { chanacl.UserId = int(*pbacl.UserId) } else { + chanacl.UserId = -1 chanacl.Group = *pbacl.Group } chanacl.Deny = acl.Permission(*pbacl.Deny & acl.AllPermissions) @@ -1223,13 +1224,14 @@ func (server *Server) handleAclMessage(client *Client, msg *Message) { server.ClearCaches() // Regular user? - if !acl.HasPermission(&channel.ACL, client, acl.WritePermission) && client.IsRegistered() || client.HasCertificate() { + if !acl.HasPermission(&channel.ACL, client, acl.WritePermission) && (client.IsRegistered() || client.HasCertificate()) { chanacl := acl.ACL{} chanacl.ApplyHere = true chanacl.ApplySubs = false if client.IsRegistered() { chanacl.UserId = client.UserId() } else if client.HasCertificate() { + chanacl.UserId = -1 chanacl.Group = "$" + client.CertHash() } chanacl.Deny = acl.Permission(acl.NonePermission)