Don't rez own avatar entities if don't have permission

interface/src/avatar/MyAvatar.cpp

@@ -278,6 +278,9 @@ MyAvatar::MyAvatar(QThread* thread) :
     // when we leave a domain we lift whatever restrictions that domain may have placed on our scale
     connect(&domainHandler, &DomainHandler::disconnectedFromDomain, this, &MyAvatar::leaveDomain);
 
+    auto nodeList = DependencyManager::get<NodeList>();
+    connect(nodeList.data(), &NodeList::canRezAvatarEntitiesChanged, this, &MyAvatar::handleCanRezAvatarEntitiesChanged);
+
     _bodySensorMatrix = deriveBodyFromHMDSensor();
 
     using namespace recording;
@@ -1533,6 +1536,11 @@ void MyAvatar::storeAvatarEntityDataPayload(const QUuid& entityID, const QByteAr
 
 void MyAvatar::clearAvatarEntity(const QUuid& entityID, bool requiresRemovalFromTree) {
     // NOTE: the requiresRemovalFromTree argument is unused
+    if (!DependencyManager::get<NodeList>()->getThisNodeCanRezAvatarEntities()) {
+        // Don't delete potentially non-rezzed avatar entities, otherwise they're removed from settings.
+        return;
+    }
+
     AvatarData::clearAvatarEntity(entityID);
     _avatarEntitiesLock.withWriteLock([&] {
         _cachedAvatarEntityBlobsToDelete.push_back(entityID);
@@ -1564,6 +1572,25 @@ void MyAvatar::sanitizeAvatarEntityProperties(EntityItemProperties& properties)
     properties.markAllChanged();
 }
 
+void MyAvatar::addAvatarEntitiesToTree() {
+    AvatarEntityMap::const_iterator constItr = _cachedAvatarEntityBlobs.begin();
+    while (constItr != _cachedAvatarEntityBlobs.end()) {
+        QUuid id = constItr.key();
+        _entitiesToAdd.push_back(id);  // worked once: hat shown. then unshown when permissions removed but then entity was deleted somewhere along the line!
+        ++constItr;
+    }
+}
+
+void MyAvatar::handleCanRezAvatarEntitiesChanged(bool canRezAvatarEntities) {
+    if (canRezAvatarEntities) {
+        // Start displaying avatar entities.
+        addAvatarEntitiesToTree();
+    } else {
+        // Stop displaying avatar entities.
+        removeAvatarEntitiesFromTree();
+    }
+}
+
 void MyAvatar::handleChangedAvatarEntityData() {
     // NOTE: this is a per-frame update
     if (getID().isNull() ||

interface/src/avatar/MyAvatar.h

@@ -2656,6 +2656,7 @@ private slots:
 
 protected:
     void handleChangedAvatarEntityData();
+    void handleCanRezAvatarEntitiesChanged(bool canRezAvatarEntities);
     virtual void beParentOfChild(SpatiallyNestablePointer newChild) const override;
     virtual void forgetChild(SpatiallyNestablePointer newChild) const override;
     virtual void recalculateChildCauterization() const override;
@@ -2710,6 +2711,7 @@ private:
     void attachmentDataToEntityProperties(const AttachmentData& data, EntityItemProperties& properties);
     AttachmentData entityPropertiesToAttachmentData(const EntityItemProperties& properties) const;
     bool findAvatarEntity(const QString& modelURL, const QString& jointName, QUuid& entityID);
+    void addAvatarEntitiesToTree();
 
     bool cameraInsideHead(const glm::vec3& cameraPosition) const;
 

libraries/networking/src/NodeList.cpp

@@ -1385,10 +1385,6 @@ void NodeList::startThread() {
 void NodeList::adjustCanRezAvatarEntitiesPermissions(const QJsonObject& domainSettingsObject,
         NodePermissions& permissions, bool notify) {
 
-    if (domainSettingsObject.isEmpty()) {
-        // We don't have the information necessary to adjust permissions, yet.
-        return;
-    }
 
     const double CANREZAVATARENTITIES_INTRODUCED_VERSION = 2.5;
     auto version = domainSettingsObject.value("version");