diff --git a/domain-server/resources/describe-settings.json b/domain-server/resources/describe-settings.json
index 2b7cfc9a74..bb067877aa 100644
--- a/domain-server/resources/describe-settings.json
+++ b/domain-server/resources/describe-settings.json
@@ -463,7 +463,7 @@
"span": 2
},
{
- "label": "Permissions ?",
+ "label": "Permissions ?",
"span": 6
}
],
@@ -639,7 +639,7 @@
"span": 1
},
{
- "label": "Permissions ?",
+ "label": "Permissions ?",
"span": 6
}
],
diff --git a/domain-server/src/DomainGatekeeper.cpp b/domain-server/src/DomainGatekeeper.cpp
index eb311d3aa7..f8d63201be 100644
--- a/domain-server/src/DomainGatekeeper.cpp
+++ b/domain-server/src/DomainGatekeeper.cpp
@@ -126,37 +126,37 @@ NodePermissions DomainGatekeeper::applyPermissionsForUser(bool isLocalUser,
if (isLocalUser) {
userPerms |= _server->_settingsManager.getStandardPermissionsForName(NodePermissions::standardNameLocalhost);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: is local user, so:" << userPerms;
- #endif
+#endif
}
if (verifiedUsername.isEmpty()) {
userPerms |= _server->_settingsManager.getStandardPermissionsForName(NodePermissions::standardNameAnonymous);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: unverified or no username for" << userPerms.getID() << ", so:" << userPerms;
- #endif
+#endif
} else {
if (_server->_settingsManager.havePermissionsForName(verifiedUsername)) {
userPerms = _server->_settingsManager.getPermissionsForName(verifiedUsername);
userPerms.setVerifiedUserName(verifiedUsername);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: specific user matches, so:" << userPerms;
- #endif
+#endif
} else {
userPerms.setVerifiedUserName(verifiedUsername);
// they are logged into metaverse, but we don't have specific permissions for them.
userPerms |= _server->_settingsManager.getStandardPermissionsForName(NodePermissions::standardNameLoggedIn);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: user is logged-into metaverse, so:" << userPerms;
- #endif
+#endif
// if this user is a friend of the domain-owner, give them friend's permissions
if (_domainOwnerFriends.contains(verifiedUsername)) {
userPerms |= _server->_settingsManager.getStandardPermissionsForName(NodePermissions::standardNameFriends);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: user is friends with domain-owner, so:" << userPerms;
- #endif
+#endif
}
// if this user is a known member of a group, give them the implied permissions
@@ -166,10 +166,10 @@ NodePermissions DomainGatekeeper::applyPermissionsForUser(bool isLocalUser,
userPerms |= _server->_settingsManager.getPermissionsForGroup(groupID, rankID);
GroupRank rank = _server->_settingsManager.getGroupRank(groupID, rankID);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: user is in group:" << groupID << " rank:"
<< rank.name << "so:" << userPerms;
- #endif
+#endif
}
}
@@ -182,19 +182,19 @@ NodePermissions DomainGatekeeper::applyPermissionsForUser(bool isLocalUser,
userPerms &= ~_server->_settingsManager.getForbiddensForGroup(groupID, rankID);
GroupRank rank = _server->_settingsManager.getGroupRank(groupID, rankID);
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: user is in blacklist group:" << groupID << " rank:" << rank.name
<< "so:" << userPerms;
- #endif
+#endif
}
}
}
}
}
- #ifdef WANT_DEBUG
+#ifdef WANT_DEBUG
qDebug() << "| user-permissions: final:" << userPerms;
- #endif
+#endif
return userPerms;
}
@@ -529,7 +529,7 @@ void DomainGatekeeper::requestUserPublicKey(const QString& username) {
// public-key request for this username is already flight, not rerequesting
return;
}
- _inFlightPublicKeyRequests[lowerUsername] = true;
+ _inFlightPublicKeyRequests += lowerUsername;
// even if we have a public key for them right now, request a new one in case it has just changed
JSONCallbackParameters callbackParams;
@@ -721,35 +721,6 @@ void DomainGatekeeper::processICEPingReplyPacket(QSharedPointer
}
}
-// void DomainGatekeeper::getGroupMemberships(const QString& username) {
-// // loop through the groups mentioned on the settings page and ask if this user is in each. The replies
-// // will be received asynchronously and permissions will be updated as the answers come in.
-// QList groupIDs = _server->_settingsManager.getGroupIDs() + _server->_settingsManager.getBlacklistGroupIDs();
-// // TODO -- use alternative that allows checking entire group list in one call
-// foreach (QUuid groupID, groupIDs) {
-// if (groupID.isNull()) {
-// continue;
-// }
-// getIsGroupMember(username, groupID);
-// }
-// }
-
-// void DomainGatekeeper::getIsGroupMember(const QString& username, const QUuid groupID) {
-// JSONCallbackParameters callbackParams;
-// callbackParams.jsonCallbackReceiver = this;
-// callbackParams.jsonCallbackMethod = "getIsGroupMemberJSONCallback";
-// callbackParams.errorCallbackReceiver = this;
-// callbackParams.errorCallbackMethod = "getIsGroupMemberErrorCallback";
-
-// const QString GET_IS_GROUP_MEMBER_PATH = "api/v1/groups/%1/members/%2";
-// QString groupIDStr = groupID.toString().mid(1,36);
-// DependencyManager::get()->sendRequest(GET_IS_GROUP_MEMBER_PATH.arg(groupIDStr).arg(username),
-// AccountManagerAuth::Required,
-// QNetworkAccessManager::GetOperation, callbackParams);
-// }
-
-
-
void DomainGatekeeper::getGroupMemberships(const QString& username) {
// loop through the groups mentioned on the settings page and ask if this user is in each. The replies
// will be received asynchronously and permissions will be updated as the answers come in.
@@ -839,7 +810,7 @@ void DomainGatekeeper::getDomainOwnerFriendsListJSONCallback(QNetworkReply& requ
QJsonArray friends = jsonObject["data"].toObject()["users"].toArray();
for (int i = 0; i < friends.size(); i++) {
QString friendUserName = friends.at(i).toObject()["username"].toString();
- _domainOwnerFriends[friendUserName] = true;
+ _domainOwnerFriends += friendUserName;
}
} else {
qDebug() << "getDomainOwnerFriendsList api call returned:" << QJsonDocument(jsonObject).toJson(QJsonDocument::Compact);
@@ -859,8 +830,8 @@ void DomainGatekeeper::refreshGroupsCache() {
nodeList->eachNode([&](const SharedNodePointer& node) {
if (!node->getPermissions().isAssignment) {
// this node is an agent
- QString verifiedUserName = node->getPermissions().getVerifiedUserName();
- if (verifiedUserName != "") {
+ const QString& verifiedUserName = node->getPermissions().getVerifiedUserName();
+ if (verifiedUserName.isEmpty()) {
getGroupMemberships(verifiedUserName);
}
agentCount++;
@@ -873,7 +844,7 @@ void DomainGatekeeper::refreshGroupsCache() {
updateNodePermissions();
- #if WANT_DEBUG
+#if WANT_DEBUG
_server->_settingsManager.debugDumpGroupsState();
- #endif
+#endif
}
diff --git a/domain-server/src/DomainGatekeeper.h b/domain-server/src/DomainGatekeeper.h
index a18554338a..a10db7420d 100644
--- a/domain-server/src/DomainGatekeeper.h
+++ b/domain-server/src/DomainGatekeeper.h
@@ -102,8 +102,8 @@ private:
QHash _connectionTokenHash;
QHash _userPublicKeys;
- QHash _inFlightPublicKeyRequests; // keep track of which we've already asked for
- QHash _domainOwnerFriends; // keep track of friends of the domain owner
+ QSet _inFlightPublicKeyRequests; // keep track of which we've already asked for
+ QSet _domainOwnerFriends; // keep track of friends of the domain owner
NodePermissions applyPermissionsForUser(bool isLocalUser, NodePermissions userPerms, QString verifiedUsername);
void getGroupMemberships(const QString& username);
diff --git a/domain-server/src/DomainServerSettingsManager.cpp b/domain-server/src/DomainServerSettingsManager.cpp
index 9d2d4c83ee..2012bf131f 100644
--- a/domain-server/src/DomainServerSettingsManager.cpp
+++ b/domain-server/src/DomainServerSettingsManager.cpp
@@ -1164,17 +1164,17 @@ QStringList DomainServerSettingsManager::getAllKnownGroupNames() {
// extract all the group names from the group-permissions and group-forbiddens settings
QSet result;
- QHashIterator i_permissions(_groupPermissions.get());
- while (i_permissions.hasNext()) {
- i_permissions.next();
- NodePermissionsKey key = i_permissions.key();
+ QHashIterator i(_groupPermissions.get());
+ while (i.hasNext()) {
+ i.next();
+ NodePermissionsKey key = i.key();
result += key.first;
}
- QHashIterator i_forbiddens(_groupForbiddens.get());
- while (i_forbiddens.hasNext()) {
- i_forbiddens.next();
- NodePermissionsKey key = i_forbiddens.key();
+ QHashIterator j(_groupForbiddens.get());
+ while (j.hasNext()) {
+ j.next();
+ NodePermissionsKey key = j.key();
result += key.first;
}
@@ -1186,20 +1186,20 @@ bool DomainServerSettingsManager::setGroupID(const QString& groupName, const QUu
_groupIDs[groupName.toLower()] = groupID;
_groupNames[groupID] = groupName;
- QHashIterator i_permissions(_groupPermissions.get());
- while (i_permissions.hasNext()) {
- i_permissions.next();
- NodePermissionsPointer perms = i_permissions.value();
+ QHashIterator i(_groupPermissions.get());
+ while (i.hasNext()) {
+ i.next();
+ NodePermissionsPointer perms = i.value();
if (perms->getID().toLower() == groupName.toLower() && !perms->isGroup()) {
changed = true;
perms->setGroupID(groupID);
}
}
- QHashIterator i_forbiddens(_groupForbiddens.get());
- while (i_forbiddens.hasNext()) {
- i_forbiddens.next();
- NodePermissionsPointer perms = i_forbiddens.value();
+ QHashIterator j(_groupForbiddens.get());
+ while (j.hasNext()) {
+ j.next();
+ NodePermissionsPointer perms = j.value();
if (perms->getID().toLower() == groupName.toLower() && !perms->isGroup()) {
changed = true;
perms->setGroupID(groupID);
diff --git a/libraries/networking/src/NodePermissions.h b/libraries/networking/src/NodePermissions.h
index 37aea6dd05..610d0a68aa 100644
--- a/libraries/networking/src/NodePermissions.h
+++ b/libraries/networking/src/NodePermissions.h
@@ -33,17 +33,17 @@ public:
NodePermissions(const NodePermissionsKey& key) { _id = key.first.toLower(); _rankID = key.second; }
NodePermissions(QMap perms);
- QString getID() const { return _id; } // a user-name or a group-name, not verified
+ const QString& getID() const { return _id; } // a user-name or a group-name, not verified
void setRankID(QUuid& rankID) { _rankID = rankID; }
- QUuid getRankID() const { return _rankID; }
+ const QUuid& getRankID() const { return _rankID; }
NodePermissionsKey getKey() const { return NodePermissionsKey(_id, _rankID); }
// the _id member isn't authenticated/verified and _username is.
void setVerifiedUserName(QString userName) { _verifiedUserName = userName.toLower(); }
- QString getVerifiedUserName() const { return _verifiedUserName; }
+ const QString& getVerifiedUserName() const { return _verifiedUserName; }
void setGroupID(QUuid groupID) { _groupID = groupID; if (!groupID.isNull()) { _groupIDSet = true; }}
- QUuid getGroupID() const { return _groupID; }
+ const QUuid& getGroupID() const { return _groupID; }
bool isGroup() const { return _groupIDSet; }
bool isAssignment { false };