From 85febebd09d0fa417c69d51b01c19a20cd0e55ef Mon Sep 17 00:00:00 2001
From: Zak Shearman <shearmanzak@gmail.com>
Date: Mon, 1 May 2023 14:06:48 +0100
Subject: [PATCH 1/3] Fix nullability for Player shoulder entity data (#1834)

---
 .../net/minestom/server/entity/metadata/PlayerMeta.java     | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/main/java/net/minestom/server/entity/metadata/PlayerMeta.java b/src/main/java/net/minestom/server/entity/metadata/PlayerMeta.java
index af5c7b21a..a0f7342bd 100644
--- a/src/main/java/net/minestom/server/entity/metadata/PlayerMeta.java
+++ b/src/main/java/net/minestom/server/entity/metadata/PlayerMeta.java
@@ -6,6 +6,8 @@ import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 import org.jglrxavpok.hephaistos.nbt.NBT;
 
+import java.util.Map;
+
 public class PlayerMeta extends LivingEntityMeta {
     public static final byte OFFSET = LivingEntityMeta.MAX_OFFSET;
     public static final byte MAX_OFFSET = OFFSET + 1;
@@ -108,6 +110,8 @@ public class PlayerMeta extends LivingEntityMeta {
     }
 
     public void setLeftShoulderEntityData(@Nullable NBT value) {
+        if (value == null) value = NBT.Compound(Map.of());
+
         super.metadata.setIndex(OFFSET + 4, Metadata.NBT(value));
     }
 
@@ -117,6 +121,8 @@ public class PlayerMeta extends LivingEntityMeta {
     }
 
     public void setRightShoulderEntityData(@Nullable NBT value) {
+        if (value == null) value = NBT.Compound(Map.of());
+
         super.metadata.setIndex(OFFSET + 5, Metadata.NBT(value));
     }
 

From 1d6ff874f89a6a1b1c7dec9479caa5b9c4a7a3c4 Mon Sep 17 00:00:00 2001
From: Hydrogen <96733109+dev-hydrogen@users.noreply.github.com>
Date: Tue, 9 May 2023 15:43:44 +0300
Subject: [PATCH 2/3] Add permissions wildcard support to no-verifier
 hasPermission (#1319)

* Add permission wildcard support to no-verifier hasPermission

* add one more assertion

* check permissionLoop NOT permission

* Add all permissions wildcard test

* Add proper pattern matching with tests

* Sanitize regex

* Clean up code

* Add to other hasPermission method aswell
---
 .../server/permission/PermissionHandler.java  | 14 +++++
 .../server/permission/TestPermissions.java    | 55 ++++++++++++++++++-
 2 files changed, 68 insertions(+), 1 deletion(-)

diff --git a/src/main/java/net/minestom/server/permission/PermissionHandler.java b/src/main/java/net/minestom/server/permission/PermissionHandler.java
index 290dc9bde..50ce3fac8 100644
--- a/src/main/java/net/minestom/server/permission/PermissionHandler.java
+++ b/src/main/java/net/minestom/server/permission/PermissionHandler.java
@@ -6,6 +6,7 @@ import org.jglrxavpok.hephaistos.nbt.NBTCompound;
 import org.jglrxavpok.hephaistos.parser.SNBTParser;
 
 import java.util.Set;
+import java.util.regex.Pattern;
 
 /**
  * Represents an object which can have permissions.
@@ -56,6 +57,8 @@ public interface PermissionHandler {
 
     /**
      * Gets if this handler has the permission {@code permission}.
+     * This method will also pattern match for wildcards. For example, if this handler has the permission {@code "*"}, this method will always return true.
+     * However, if this handler has the permission {@code "foo.b*r.baz"}, this method will return true if {@code permission} is {@code "foo.baaar.baz"} or {@code "foo.br.baz}, but not {@code "foo.bar.bz"}.
      * <p>
      * Uses {@link Permission#equals(Object)} internally.
      *
@@ -67,6 +70,15 @@ public interface PermissionHandler {
             if (permissionLoop.equals(permission)) {
                 return true;
             }
+            String permissionLoopName = permissionLoop.getPermissionName();
+            if (permissionLoopName.contains("*")) {
+                // Sanitize permissionLoopName
+                String regexSanitized = Pattern.quote(permissionLoopName).replace("*", "\\E(.*)\\Q"); // Replace * with regex
+                // pattern matching for wildcards, where foo.b*r.baz matches foo.baaaar.baz or foo.bar.baz
+                if (permission.getPermissionName().matches(regexSanitized)) {
+                    return true;
+                }
+            }
         }
         return false;
     }
@@ -103,6 +115,8 @@ public interface PermissionHandler {
         final Permission permission = getPermission(permissionName);
 
         if (permission != null) {
+            // If no permission verifier, hand off to no-verifier hasPermission for wildcard support
+            if(permissionVerifier == null) { return hasPermission(permission); }
             // Verify using the permission verifier
             return permissionVerifier == null || permissionVerifier.isValid(permission.getNBTData());
         }
diff --git a/src/test/java/net/minestom/server/permission/TestPermissions.java b/src/test/java/net/minestom/server/permission/TestPermissions.java
index 6cd4da472..30840900a 100644
--- a/src/test/java/net/minestom/server/permission/TestPermissions.java
+++ b/src/test/java/net/minestom/server/permission/TestPermissions.java
@@ -18,7 +18,7 @@ public class TestPermissions {
 
     private Player player;
 
-    private Permission permission1, permission2;
+    private Permission permission1, permission2, permission3, wildcard;
 
     @BeforeEach
     public void init() {
@@ -42,6 +42,10 @@ public class TestPermissions {
         );
 
         permission2 = new Permission("perm.name2");
+
+        permission3 = new Permission("perm.name2.sub.sub2");
+
+        wildcard = new Permission("*");
     }
 
     @Test
@@ -76,6 +80,55 @@ public class TestPermissions {
         assertFalse(player.hasPermission("perm.name2", Objects::nonNull));
     }
 
+    @Test
+    public void hasPatternMatchingWildcard() {
+        Permission permission = new Permission("foo.b*r.baz");
+        Permission match = new Permission("foo.baaar.baz");
+        Permission match2 = new Permission("foo.br.baz");
+        Permission nomatch = new Permission("foo.br.bz");
+        Permission nomatch2 = new Permission("foo.b.baz");
+        assertFalse(player.hasPermission(match));
+        assertFalse(player.hasPermission(match2));
+        assertFalse(player.hasPermission(nomatch));
+        assertFalse(player.hasPermission(nomatch2));
+
+        player.addPermission(permission);
+
+        assertTrue(player.hasPermission(match));
+        assertTrue(player.hasPermission(match2));
+        assertFalse(player.hasPermission(nomatch));
+        assertFalse(player.hasPermission(nomatch2));
+    }
+
+    @Test
+    public void hasPermissionWildcard() {
+        Permission permission = new Permission("foo.b*");
+        Permission match = new Permission("foo.baaar.baz");
+        Permission match2 = new Permission("foo.b");
+        Permission nomatch = new Permission("foo.");
+        Permission nomatch2 = new Permission("foo/b");
+        assertFalse(player.hasPermission(match));
+        assertFalse(player.hasPermission(match2));
+        assertFalse(player.hasPermission(nomatch));
+        assertFalse(player.hasPermission(nomatch2));
+
+        player.addPermission(permission);
+
+        assertTrue(player.hasPermission(match));
+        assertTrue(player.hasPermission(match2));
+        assertFalse(player.hasPermission(nomatch));
+        assertFalse(player.hasPermission(nomatch2));
+    }
+
+    @Test
+    public void hasAllPermissionsWithWildcard() {
+        assertFalse(player.hasPermission(permission2));
+        assertFalse(player.hasPermission(permission3));
+        player.addPermission(wildcard);
+        assertTrue(player.hasPermission(permission2));
+        assertTrue(player.hasPermission(permission3));
+    }
+
     @AfterEach
     public void cleanup() {
 

From 2c3e38b178b45ed8e331f3d16c4b33114e7323be Mon Sep 17 00:00:00 2001
From: Hydrogen <96733109+dev-hydrogen@users.noreply.github.com>
Date: Wed, 10 May 2023 01:51:06 +0300
Subject: [PATCH 3/3] Null verifier wildcard fix (#1849)

* fix hasPermission(String, PermissionVerifier) Behavior

* add test cases
---
 .../server/permission/PermissionHandler.java     | 16 +++++++++-------
 .../server/permission/TestPermissions.java       |  8 ++++++++
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/src/main/java/net/minestom/server/permission/PermissionHandler.java b/src/main/java/net/minestom/server/permission/PermissionHandler.java
index 50ce3fac8..0683e3497 100644
--- a/src/main/java/net/minestom/server/permission/PermissionHandler.java
+++ b/src/main/java/net/minestom/server/permission/PermissionHandler.java
@@ -112,15 +112,17 @@ public interface PermissionHandler {
      * @return true if the handler has the permission, false otherwise
      */
     default boolean hasPermission(@NotNull String permissionName, @Nullable PermissionVerifier permissionVerifier) {
-        final Permission permission = getPermission(permissionName);
+        Permission permission = getPermission(permissionName);
 
-        if (permission != null) {
-            // If no permission verifier, hand off to no-verifier hasPermission for wildcard support
-            if(permissionVerifier == null) { return hasPermission(permission); }
-            // Verify using the permission verifier
-            return permissionVerifier == null || permissionVerifier.isValid(permission.getNBTData());
+        if (permission == null && permissionVerifier == null) {
+            permission = new Permission(permissionName, null);
+        } else if (permission == null) {
+            return false;
         }
-        return false;
+        // If no permission verifier, hand off to no-verifier hasPermission for wildcard support
+        if(permissionVerifier == null) { return hasPermission(permission); }
+        // Verify using the permission verifier
+        return permissionVerifier.isValid(permission.getNBTData());
     }
 
     /**
diff --git a/src/test/java/net/minestom/server/permission/TestPermissions.java b/src/test/java/net/minestom/server/permission/TestPermissions.java
index 30840900a..c5604540d 100644
--- a/src/test/java/net/minestom/server/permission/TestPermissions.java
+++ b/src/test/java/net/minestom/server/permission/TestPermissions.java
@@ -85,6 +85,8 @@ public class TestPermissions {
         Permission permission = new Permission("foo.b*r.baz");
         Permission match = new Permission("foo.baaar.baz");
         Permission match2 = new Permission("foo.br.baz");
+        String match3 = "foo.br.baz";
+        String match4 = "foo.baaar.baz";
         Permission nomatch = new Permission("foo.br.bz");
         Permission nomatch2 = new Permission("foo.b.baz");
         assertFalse(player.hasPermission(match));
@@ -96,6 +98,8 @@ public class TestPermissions {
 
         assertTrue(player.hasPermission(match));
         assertTrue(player.hasPermission(match2));
+        assertTrue(player.hasPermission(match3));
+        assertTrue(player.hasPermission(match4));
         assertFalse(player.hasPermission(nomatch));
         assertFalse(player.hasPermission(nomatch2));
     }
@@ -105,6 +109,8 @@ public class TestPermissions {
         Permission permission = new Permission("foo.b*");
         Permission match = new Permission("foo.baaar.baz");
         Permission match2 = new Permission("foo.b");
+        String match3 = "foo.b";
+        String match4 = "foo.baaar.baz";
         Permission nomatch = new Permission("foo.");
         Permission nomatch2 = new Permission("foo/b");
         assertFalse(player.hasPermission(match));
@@ -116,6 +122,8 @@ public class TestPermissions {
 
         assertTrue(player.hasPermission(match));
         assertTrue(player.hasPermission(match2));
+        assertTrue(player.hasPermission(match3));
+        assertTrue(player.hasPermission(match4));
         assertFalse(player.hasPermission(nomatch));
         assertFalse(player.hasPermission(nomatch2));
     }