Fixed disguise options permissions being bypassable in some instances, including capitalization

src/main/java/me/libraryaddict/disguise/DisguiseListener.java

@@ -537,8 +537,9 @@ public class DisguiseListener implements Listener {
             }
 
             try {
-                DisguiseParser.callMethods(p, disguise, perms, disguisePerm, new ArrayList<>(Arrays.asList(options)),
-                        options);
+                DisguiseParser
+                        .callMethods(p, disguise, perms, disguisePerm, new ArrayList<>(Arrays.asList(options)), options,
+                                "DisguiseModifyEntity");
                 p.sendMessage(LibsMsg.LISTENER_MODIFIED_DISG.get());
             }
             catch (DisguiseParseException ex) {

src/main/java/me/libraryaddict/disguise/commands/DisguiseModifyCommand.java

@@ -58,7 +58,8 @@ public class DisguiseModifyCommand extends DisguiseBaseCommand implements TabCom
         options = DisguiseParser.parsePlaceholders(options, sender, sender);
 
         try {
-            DisguiseParser.callMethods(sender, disguise, permissions, disguisePerm, new ArrayList<>(), options);
+            DisguiseParser.callMethods(sender, disguise, permissions, disguisePerm, new ArrayList<>(), options,
+                    "DisguiseModify");
         }
         catch (DisguiseParseException ex) {
             if (ex.getMessage() != null) {

src/main/java/me/libraryaddict/disguise/commands/DisguiseModifyPlayerCommand.java

@@ -87,7 +87,8 @@ public class DisguiseModifyPlayerCommand extends DisguiseBaseCommand implements
         options = DisguiseParser.parsePlaceholders(options, sender, entityTarget);
 
         try {
-            DisguiseParser.callMethods(sender, disguise, permissions, disguisePerm, new ArrayList<>(), options);
+            DisguiseParser.callMethods(sender, disguise, permissions, disguisePerm, new ArrayList<>(), options,
+                    "DisguiseModifyPlayer");
         }
         catch (DisguiseParseException ex) {
             if (ex.getMessage() != null) {

src/main/java/me/libraryaddict/disguise/commands/DisguiseModifyRadiusCommand.java

@@ -154,7 +154,8 @@ public class DisguiseModifyRadiusCommand extends DisguiseBaseCommand implements
             tempArgs = DisguiseParser.parsePlaceholders(tempArgs, sender, entity);
 
             try {
-                DisguiseParser.callMethods(sender, disguise, permissions, disguisePerm, new ArrayList<>(), tempArgs);
+                DisguiseParser.callMethods(sender, disguise, permissions, disguisePerm, new ArrayList<>(), tempArgs,
+                        "DisguiseModifyRadius");
                 modifiedDisguises++;
             }
             catch (DisguiseParseException ex) {

src/main/java/me/libraryaddict/disguise/utilities/parser/DisguiseParser.java

@@ -335,6 +335,7 @@ public class DisguiseParser {
      * Returns if command user can access the disguise creation permission type
      */
     private static boolean hasPermissionOption(HashMap<String, Boolean> disguiseOptions, String string) {
+        string = string.toLowerCase();
         // If no permissions were defined, return true
         if (disguiseOptions.isEmpty()) {
             return true;
@@ -712,18 +713,19 @@ public class DisguiseParser {
         String[] newArgs = new String[args.length - toSkip];
         System.arraycopy(args, toSkip, newArgs, 0, args.length - toSkip);
 
-        callMethods(sender, disguise, permissions, disguisePerm, usedOptions, newArgs);
+        callMethods(sender, disguise, permissions, disguisePerm, usedOptions, newArgs, permNode);
 
         // Alright. We've constructed our disguise.
         return disguise;
     }
 
     public static void callMethods(CommandSender sender, Disguise disguise, DisguisePermissions disguisePermission,
-            DisguisePerm disguisePerm, Collection<String> usedOptions,
-            String[] args) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException,
+            DisguisePerm disguisePerm, Collection<String> usedOptions, String[] args,
+            String permNode) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException,
             DisguiseParseException {
         Method[] methods = ParamInfoManager.getDisguiseWatcherMethods(disguise.getWatcher().getClass());
         List<String> list = new ArrayList<>(Arrays.asList(args));
+        HashMap<String, Boolean> disguiseOptions = null;
 
         for (int argIndex = 0; argIndex < args.length; argIndex++) {
             // This is the method name they provided
@@ -788,6 +790,22 @@ public class DisguiseParser {
                 usedOptions.add(methodToUse.getName().toLowerCase());
             }
 
+            if (methodToUse.getName().equalsIgnoreCase("setpainting") ||
+                    methodToUse.getName().equalsIgnoreCase("setpotionid") ||
+                    methodToUse.getName().equalsIgnoreCase("setitemstack") ||
+                    methodToUse.getName().equalsIgnoreCase("setblock")) {
+                if (disguiseOptions == null) {
+                    disguiseOptions = getDisguiseOptions(sender, permNode, disguisePerm);
+                }
+
+                String stringValue = ParamInfoManager.toString(valueToSet);
+
+                if (!hasPermissionOption(disguiseOptions, valueToSet + "")) {
+                    throw new DisguiseParseException(LibsMsg.PARSE_NO_PERM_PARAM, stringValue,
+                            disguisePerm.toReadable());
+                }
+            }
+
             doCheck(sender, disguisePermission, disguisePerm, usedOptions);
 
             if (FlagWatcher.class.isAssignableFrom(methodToUse.getDeclaringClass())) {