Bypass permission when execute a command

Discussion in 'Spigot Plugin Development' started by TheDarkSword01, Aug 7, 2018.

  1. I have developed a permission management plugin, I would like to know how to make the player that has permission * run any command. (It is not an option Op the player in the PlayerCommandPreprocessEvent event).
    Thanks in advance.
     
  2. To my knowledge, this can't be done. The asterisk (*) has no special meaning to permission resolution; it is not an actual wildcard. It's a custom that plugins may define the asterisk permission to give all plugin perms, for example "yourplugin.*". To do so, they have have to set up child permissions accordingly in the plugin.yml.
    Code (Text):
    permissions:
      yourplugin.*:
        children:
        - yourplugin.user
        - yourplugin.cmd
        - yourplugin.admin
        etc.
    So this setup would make it so "yourplugin.*" implies all the child permission. Child permissions don't have to be granted if the asterisk permission is granted instead. Spigot makes that happen with their internal permission routines.

    I believe that PermissionsEx accomplished the asterisk permission to be treated as an actual wildcard by injecing their own permisson check into Bukkit, but I would not recommend doing that.

    Edit: Or, if you only care about the command and not so much about doing permissions right, you could listen for PlayerCommandPreprocessEvent and parse the input manually, find the command via Server#getPluginCommand, then execute it manually. I bet it would work, but it strikes me as very bad style. I don't recommend it.
     
    #2 StarTux, Aug 7, 2018
    Last edited: Aug 7, 2018
  3. I had tried long ago to give permission of all plugins when permission was given * but it did not work on all plugins as some of them do not handle them from the plugin.yml but internally
     
  4. If you mean that you made a permission plugin and can't make the wildcard * work, then that is the fault of Bukkit. The way permission plugins do it is they make a class which extends PermissibleBase and then inject that to each player that joins. Then you have full control over the hasPermission method.