ULX

Author Topic: Banid and kickid don't check can target  (Read 3276 times)

0 Members and 1 Guest are viewing this topic.

Offline BigBrainAFK

  • Newbie
  • *
  • Posts: 15
  • Karma: 0
Banid and kickid don't check can target
« on: April 25, 2015, 02:08:15 PM »
Hello,

as I mentioned in another thread I have the problem that everyone with banid / kickid rights can ban / kick every SteamID even if the SteamID is from an user in a group that he can't target.

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Banid and kickid don't check can target
« Reply #1 on: April 25, 2015, 03:32:28 PM »
When you ban or kick an ID, it just does it. It doesn't reverse check the ID and compare it against a possible list of users and their groups.

An ID is an ID, it's not a player and therefor doesn't have a group for ULX to check against.
If you have people abusing kickid and banid then revoke their access to that command.

I may not speak for the rest of the team, but we're not going to go out of the way and make things more complicated because server owners are giving command access to players who are abusing them.

Offline Bytewave

  • Respected Community Member
  • Hero Member
  • *****
  • Posts: 718
  • Karma: 116
  • :)
    • My Homepage
Re: Banid and kickid don't check can target
« Reply #2 on: April 25, 2015, 03:34:20 PM »
This is a known feature of ULX/ULib (if you're speaking of 'ulx banid').
Commands involving SteamIDs do NOT check for a player/group's can_target value, as it would be a waste of resources. If you don't want people to be able to ban SteamIDs they're not meant to, don't give them access to 'ulx banid'.

If you're talking about the stock Source kickid/banid, those commands are not touched by ULX/ULib, and therefore do not check can_target.

Pre-Post Edit: Mr. Pres, ya beat me to it.
When you ban or kick an ID, it just does it. It doesn't reverse check the ID and compare it against a possible list of users and their groups.

An ID is an ID, it's not a player and therefor doesn't have a group for ULX to check against.
If you have people abusing kickid and banid then revoke their access to that command.

I may not speak for the rest of the team, but we're not going to go out of the way and make things more complicated because server owners are giving command access to players who are abusing them.
bw81@ulysses-forums ~ % whoami
Homepage

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 8096
  • Karma: 390
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: Banid and kickid don't check can target
« Reply #3 on: April 25, 2015, 04:37:29 PM »
BigBrain, apologies for not recognizing what you were asking sooner in another thread.
What they said - we wrote in ulx banid to allow superadmins to ban people who had, mostly, left the server, or might not even have ever joined (forums sometimes share bad troublemaker steamids)
That 'todo' is still extremely low on our priorities.
http://forums.ulyssesmod.net/index.php/topic,6906.msg34062.html#msg34062

"Though a program be but three lines long, someday it will have to be maintained." -- The Tao of Programming

Offline BigBrainAFK

  • Newbie
  • *
  • Posts: 15
  • Karma: 0
Re: Banid and kickid don't check can target
« Reply #4 on: April 25, 2015, 04:44:53 PM »
I don't know if implementing a groupcheck is that hard cause you gave me a simple solution that works pretty well (and no I don't have a server with just 50 or 60 players in ULib :D).

I would recommend to add a controlbox so you can switch on/off the check at banid

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Banid and kickid don't check can target
« Reply #5 on: April 25, 2015, 05:29:53 PM »
I'm going to work on this. I'll post once I have an update for you.

Offline Aaron113

  • Hero Member
  • *****
  • Posts: 803
  • Karma: 102
Re: Banid and kickid don't check can target
« Reply #6 on: April 25, 2015, 10:25:00 PM »
Just my opinion, if someone is abusing banid on your server(s), I wouldn't even have them on your staff (I might even just ban them for it).

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Banid and kickid don't check can target
« Reply #7 on: April 25, 2015, 10:35:37 PM »
I agree Aaron113, but if it can be done, might as well.
Although, this is a bit harder than I expected it to be. There's not really a good way to get the allowed targets in ULib that I've been able to find.

Offline BigBrainAFK

  • Newbie
  • *
  • Posts: 15
  • Karma: 0
Re: Banid and kickid don't check can target
« Reply #8 on: April 25, 2015, 11:40:58 PM »
I don't know if this works but i guess it is a good way to check unless you can set more then 1 can_target group in the can target field.

Code: [Select]
function IsAllowedToTarget( ply, target_id )
-- Negate switch if can_target has !% infront of the group

-- Get the player that has the given SteamID
local target_ply = ULib.getPlyByID( tagert_id )

-- Check if can target of ply group has a !%
local can_target = ucl.getGroupCanTarget( ply:GetUserGroup )

if string.sub( can_target, 1, 2 ) == "!%" then
negate = true
can_target = string.Replace( can_target, "!%", "" )
end

-- Check if player can target all or nobody
if can_target == "*" then
return true
elseif can_target == "!%*" then
return false
end

-- Get the can target without the !%
if target_ply:CheckGroup( groupchain ) and negate = true then
return false
elseif target_ply:CheckGroup( groupchain ) and negate = false then
return true
end
end

Offline MrPresident

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 2728
  • Karma: 430
    • |G4P| Gman4President
Re: Banid and kickid don't check can target
« Reply #9 on: April 25, 2015, 11:52:12 PM »
You can set more than one, also this would only check if you have a blanket can_target set for a group. This wouldn't work for checking if you've blocked a certain command from being targeted on another player or group.

For instance, ulx groupallow member "ulx banid" "!%admin"

Offline BigBrainAFK

  • Newbie
  • *
  • Posts: 15
  • Karma: 0
Re: Banid and kickid don't check can target
« Reply #10 on: April 26, 2015, 12:22:18 AM »
Hm... ok could be harder then I thought... could also be because I hard coded the groups that a playerid can target because i just needed it in an external plugin.

Offline allofmywutsteam

  • Full Member
  • ***
  • Posts: 136
  • Karma: 3
  • MNWO Owner
    • MNWO Discord
Re: Banid and kickid don't check can target
« Reply #11 on: May 07, 2015, 10:32:25 AM »
I noticed this for aslayid (Tommys rdm manager) and figured it would be a problem, so I just didn't give it to the lower ranks. I did not know this could be done with any ID commands, because I give the lower staff the banid command (max 24 hours until approved for longer length).

I've had 0 problems with anyone getting banned who shouldnt have been banned. Then again, as of right now, myself and the co owner are the only ones above them (i keep my staff exclusive). So I haven't had any issues, and I don't expect to. Although the slayid I may see a few <censor> arounds here and there, but I just didn't want to bother with that situation of reprimanding for something so benign.

in any event, for the banid, i just created a thread in my staff's steam group and have them post their request for banning users, and whoever has the power to carry out the request can do so.

Example:
"Then Jesus said to his disciples, 'Whoever wants to be my disciple must deny themselves and take up their cross and follow me.'" - Matthew 16:24



MNWO: Steam | Discord | Website | Join Server