[FIXED] /BanIP bans untouchable players

Fixed bugs, solved problems, and old reports.
Locked
User avatar
Hellenion
Offline
Posts: 220
Joined: October 20th, 2011, 9:20 am
Location: Subnet
Contact:

[FIXED] /BanIP bans untouchable players

Post by Hellenion »

Once a player gets the BanIP permission, any limit on their banning capabilities is nullified, since they can simply ban the IP address of any player, including, for example, the Owner's IP.

When banning an IP address, any players on that IP address that you should not be able to affect must get a ban exemption. Likewise with /Banall
A = {x ∈ P(U) | x ∉ x}
Mods:
  1. /Su - Allows players to temporarily become a different rank
  2. /Snap - Like /Line but only draws straight or diagonal lines.
  3. pre-0.630 skip/none block

User avatar
fragmer
fCraft Developer
Offline
Posts: 1386
Joined: May 21st, 2011, 10:53 pm

Re: /BanIP bans untouchable players

Post by fragmer »

Since fCraft 0.600, there have been checks in place to prevent what you are describing. IPBanList.BanIP (/banip <ip>), IPBanList.BanAll (/banall <ip>), PlayerInfo.BanIP (/banip <player>), and PlayerInfo.BanAll (/banall <player>) all perform this check.

If player who wrote the command does not have permission to ban ANYONE on the given IP address, the ban is denied.

Relevant bits of code (0.630_r1711):

Code: Select all

// IPBanList.BanIP - IPBanList.cs:280-285
// Check if any high-ranked players use this address
PlayerInfo infoWhomPlayerCantBan = PlayerDB.FindPlayers( targetAddress )
                                           .FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, targetAddress );
}

Code: Select all

// IPBanList.BanAll - IPBanList.cs:430-435
// Check if any high-ranked players use this address
PlayerInfo[] allPlayersOnIP = PlayerDB.FindPlayers( targetAddress );
PlayerInfo infoWhomPlayerCantBan = allPlayersOnIP.FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, targetAddress );
}

Code: Select all

// PlayerInfo.BanIP - PlayerInfo.Actions.cs:171-176
// Check if any high-ranked players use this address
PlayerInfo unbannable = PlayerDB.FindPlayers( address )
                                .FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( unbannable != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, unbannable, address );
}

Code: Select all

// PlayerInfo.BanAll - PlayerInfo.Actions.cs:365-370
// Check if any high-ranked players use this address
PlayerInfo[] allPlayersOnIP = PlayerDB.FindPlayers( address );
PlayerInfo infoWhomPlayerCantBan = allPlayersOnIP.FirstOrDefault( info => !player.Can( Permission.Ban, info.Rank ) );
if( infoWhomPlayerCantBan != null ) {
    PlayerOpException.ThrowPermissionLimitIP( player, infoWhomPlayerCantBan, address );
}

Locked