Distinguish domain groups with a leading "@"

2025-08-09 07:19:05 +02:00 · 2020-08-04 21:31:13 +12:00 · 2020-08-04 21:31:13 +12:00 · 6f9b47c07d
commit 6f9b47c07d
parent 60048162c0
4 changed files with 14 additions and 7 deletions
--- a/domain-server/src/DomainGatekeeper.cpp
+++ b/domain-server/src/DomainGatekeeper.cpp
@ -181,7 +181,7 @@ NodePermissions DomainGatekeeper::setPermissionsForUser(bool isLocalUser, QStrin
        auto userGroups = _domainGroupMemberships[verifiedDomainUserName];
        foreach (QString userGroup, userGroups) {
            // Domain groups may be specified as comma- and/or space-separated lists of group names.
-            // For example, "silver gold, platinum".
+            // For example, "@silver @Gold, @platinum".
            auto domainGroups = _server->_settingsManager.getDomainGroupNames()
                .filter(QRegularExpression("^(.*[\\s,])?" + userGroup + "([\\s,].*)?$", 
                    QRegularExpression::CaseInsensitiveOption));
@ -302,7 +302,7 @@ NodePermissions DomainGatekeeper::setPermissionsForUser(bool isLocalUser, QStrin
        auto userGroups = _domainGroupMemberships[verifiedDomainUserName];
        foreach(QString userGroup, userGroups) {
            // Domain groups may be specified as comma- and/or space-separated lists of group names.
-            // For example, "silver gold, platinum".
+            // For example, "@silver @Gold, @platinum".
            auto domainGroups = _server->_settingsManager.getDomainBlacklistGroupNames()
                .filter(QRegularExpression("^(.*[\\s,])?" + userGroup + "([\\s,].*)?$",
                    QRegularExpression::CaseInsensitiveOption));
@ -1277,7 +1277,8 @@ void DomainGatekeeper::requestDomainUserFinished() {
            QStringList domainUserGroups;
            auto userRoles = rootObject.value("roles").toArray();
            foreach (auto role, userRoles) {
-                domainUserGroups.append(role.toString());
+                // Distinguish domain groups from metaverse groups by a leading special character.
                domainUserGroups.append(DOMAIN_GROUP_CHAR + role.toString().toLower());
            }
            _domainGroupMemberships[username] = domainUserGroups;
--- a/domain-server/src/DomainGatekeeper.h
+++ b/domain-server/src/DomainGatekeeper.h
@ -30,6 +30,8 @@
 #include "NodeConnectionData.h"
 #include "PendingAssignedNodeData.h"
 const QString DOMAIN_GROUP_CHAR = "@";
 class DomainServer;
 class DomainGatekeeper : public QObject {
--- a/domain-server/src/DomainServerSettingsManager.cpp
+++ b/domain-server/src/DomainServerSettingsManager.cpp
@ -1966,6 +1966,10 @@ void DomainServerSettingsManager::apiRefreshGroupInformation() {
    QStringList groupNames = getAllKnownGroupNames();
    foreach (QString groupName, groupNames) {
        QString lowerGroupName = groupName.toLower();
        if (lowerGroupName.contains(DOMAIN_GROUP_CHAR)) {
            // Ignore domain groups.
            return;
        }
        if (_groupIDs.contains(lowerGroupName)) {
            // we already know about this one.  recall setGroupID in case the group has been
            // added to another section (the same group is found in both groups and blacklists).
--- a/domain-server/src/DomainServerSettingsManager.h
+++ b/domain-server/src/DomainServerSettingsManager.h
@ -19,11 +19,11 @@
 #include <HifiConfigVariantMap.h>
 #include <HTTPManager.h>
 #include <ReceivedMessage.h>
 #include "NodePermissions.h"
 #include <Node.h>
 #include <ReceivedMessage.h>
 #include "DomainGatekeeper.h"
 #include "NodePermissions.h"
 const QString SETTINGS_PATHS_KEY = "paths";