Solved Bypass permission check

Hey guys, I'm currently recoding my SimpleAlias plugin and I wanted to implement that players don't need to have permissions for the commands bound to the alias they're using. So my question is, is there any better solution than set the player OP before he executes the command and revoke OP afterwards? I have also tried to do something with Vault Permissions but I didn't succeed.

 

Just simply skip the check for permissions. Promoting to OP is a bad idea since it could have horrible consequences if it fails to revoke.

 

DarkBladee12 Hook into vault check permission for the command that is bound then give the player the permission when the action is over then revoke the command ?

Other option..... Use Reflection in order to bypass the need of permissions.

 

Goblom There's no easy way to find out the permission of a specific command since most plugins handle permissions for commands by themselves! (especially sub commands) What value would I need to change via reflection to bypass the permission check for a specific player?

 

DarkBladee12 Maybe forcing hasPermission to return true no matter what? (I don't know Reflection very well)

Don't know if these will help

 

Goblom Okay I'll try to find a way to override methods with reflection. I've dug around in the source of Bukkit/CraftBukkit and there's no way to override any values or other methods so I'm going to try it with the "hasPermission" method

Goblom Unfortunately it's currently not possible to override methods with the reflection API, I've also searched for a way to handle this somehow with PermissionAttachment but this won't work either! Do you have any other ideas? If not the set OP and revoke OP will be the only way to deal with that.

EDIT by Moderator: merged posts, please use the edit button instead of double posting.

 

Just use the bukkit API....

http://jd.bukkit.org/rb/apidocs/org....html#addAttachment(org.bukkit.plugin.Plugin)

 

1Rogue I want to bypass all permission checks for a player after executing commands from the alias. So this won't help me since I can't get the permission of a command...

 

DarkBladee12

What about creating a 'fake' player and giving that fake player OP.
When the normal player runs the alias command the command the alias runs goes through the fake player and all output is then relayed back to player running the alias?

 

If there is no way to get the concrete permission node which is checked (because of sub-commands) and you are now trying to let all permission checks bypass anyways, then I would keep going with the setting and revoking of OP like your are already doing it.. because there is no great difference / letting the player bypass all permissions checks has no advantages (but maybe even disadvantages because of permissions with negative effects).

 

Goblom it's not possible to give OP especially to a fake player, because it's handled by the minecraft server. So giving OP to the fake player would also make the real player OP! But it seems like this is the only way to do this for now. Thanks anyways Goblom blablubbabc

 

DarkBladee12 Maybe this can help you create that fake player. Its coming from the plugin Virtual Player

https://github.com/alkarinv/Virtual...s/src/mc/alk/virtualPlayer/VirtualPlayer.java

 

Goblom Well this would actually work, but I think if I override the "isOp" method in the fake player class it would be like he's really OP so giving OP normally and revoke it afterwards will be just fine. That's the code I'm now currently using:

Code:java

                Player p = (Player) sender;
                boolean grant = !p.isOp();
                if (grant)
                    p.setOp(true);
                PlayerCommandPreprocessEvent e = new PlayerCommandPreprocessEvent(p, "/" + command);
                Bukkit.getPluginManager().callEvent(e);
                if (!e.isCancelled())
                    try {
                        p.performCommand(StringUtil.stripFirstSlash(e.getMessage()));
                    } catch (Exception ex) {
                        // should not get here, just for safety
                    }
                if (grant)
                    p.setOp(false);