Check non-hierarchical perms on both account and puppet. Resolve #2351.

Griatch 2021-08-07 09:32:46 +02:00
parent 37072686fc
commit 01eeaccfdc


@ -96,6 +96,9 @@ def perm(accessing_obj, accessed_obj, *args, **kwargs):
(this is order to avoid Accounts potentially escalating their own permissions
by use of a higher-level Object)
For non-hierarchical permissions, a puppeted object's account is checked first,
followed by the puppet (unless quelled, when only puppet's access is checked).
"""
# this allows the perm_above lockfunc to make use of this function too
try:
@ -169,11 +172,17 @@ def perm(accessing_obj, accessed_obj, *args, **kwargs):
else:
# no hierarchy match - check direct matches
if account:
# account exists, check it first unless quelled
# account exists
if is_quell and permission in perms_object:
# if quelled, first check object
return True
elif permission in perms_account:
# unquelled - check account
return True
else:
# no account-pass, check object pass
return permission in perms_object
elif permission in perms_object:
return True