4 files changed, 43 insertions, 18 deletions

diff --git a/src/ClientTools.hx b/src/ClientTools.hx
index 26faab6..e83e450 100644
--- a/src/ClientTools.hx
+++ b/src/ClientTools.hx
@@ -1,5 +1,8 @@
 package;
 
+import Types.Permissions;
+import Types.Permission;
+
 class ClientTools {
 
 	public static function setLeader(clients:Array<Client>, name:String):Void {
@@ -25,4 +28,12 @@ class ClientTools {
 		return def;
 	}
 
+	public static function hasPermission(client:Client, permission:Permission, permissions:Permissions):Bool {
+		final p = permissions;
+		if (client.isAdmin) return p.admin.contains(permission);
+		if (client.isLeader) return p.leader.contains(permission);
+		if (client.isUser) return p.user.contains(permission);
+		return p.guest.contains(permission);
+	}
+
 }
diff --git a/src/Types.hx b/src/Types.hx
index 4061b09..02a2cee 100644
--- a/src/Types.hx
+++ b/src/Types.hx
@@ -27,17 +27,19 @@ typedef Config = {
 	templateUrl:String,
 	youtubeApiKey:String,
 	youtubePlaylistLimit:Int,
-	permissions:{
-		guest:Array<Permission>,
-		user:Array<Permission>,
-		leader:Array<Permission>,
-		admin:Array<Permission>
-	},
+	permissions:Permissions,
 	emotes:Array<Emote>,
 	filters:Array<Filter>,
 	?isVerbose:Bool,
 	?salt:String
-};
+}
+
+typedef Permissions = {
+	guest:Array<Permission>,
+	user:Array<Permission>,
+	leader:Array<Permission>,
+	admin:Array<Permission>
+}
 
 enum abstract Permission(String) {
 	var GuestPerm = "guest";
diff --git a/src/client/Main.hx b/src/client/Main.hx
index 8e20ee3..ad614c5 100644
--- a/src/client/Main.hx
+++ b/src/client/Main.hx
@@ -9,6 +9,7 @@ import js.html.Event;
 import js.html.Element;
 import js.html.VideoElement;
 import js.html.InputElement;
+import js.html.ButtonElement;
 import js.html.WebSocket;
 import js.Browser;
 import js.Browser.document;
@@ -368,14 +369,17 @@ class Main {
 			case Logout:
 				updateClients(data.logout.clients);
 				personal = new Client(data.logout.clientName, 0);
+				onUserGroupChanged();
+				showGuestLoginPanel();
 				settings.name = "";
 				settings.hash = "";
 				Settings.write(settings);
-				showGuestLoginPanel();
 
 			case UpdateClients:
 				updateClients(data.updateClients.clients);
+				final oldGroup = personal.group.toInt();
 				personal = clients.getByName(personal.name, personal);
+				if (personal.group.toInt() != oldGroup) onUserGroupChanged();
 
 			case Message:
 				addMessage(data.message.clientName, data.message.text);
@@ -522,6 +526,19 @@ class Main {
 			addMessage(message.name, message.text, message.time);
 		}
 		player.setItems(connected.videoList, connected.itemPos);
+		onUserGroupChanged();
+	}
+
+	function onUserGroupChanged():Void {
+		final button:ButtonElement = cast ge("#queue_next");
+		if (personal.hasPermission(ChangeOrderPerm, config.permissions)) {
+			button.disabled = false;
+		} else {
+			button.disabled = true;
+		}
+		final adminMenu = ge("#adminMenu");
+		if (isAdmin()) adminMenu.style.display = "block";
+		else adminMenu.style.display = "none";
 	}
 
 	public function guestLogin(name:String):Void {
@@ -602,6 +619,7 @@ class Main {
 		final newPersonal = clients.getByName(clientName);
 		if (newPersonal == null) return;
 		personal = newPersonal;
+		onUserGroupChanged();
 		hideGuestLoginPanel();
 	}
 
@@ -617,7 +635,6 @@ class Main {
 		ge("#guestpassword").style.display = "none";
 		ge("#chatbox").style.display = "flex";
 		ge("#exitBtn").textContent = Lang.get("exit");
-		if (isAdmin()) ge("#adminMenu").style.display = "block";
 	}
 
 	function showGuestPasswordPanel():Void {
diff --git a/src/server/Main.hx b/src/server/Main.hx
index 07f782a..565daab 100644
--- a/src/server/Main.hx
+++ b/src/server/Main.hx
@@ -472,6 +472,9 @@ class Main {
 					serverMessage(client, "videoLimitPerUserError");
 					return;
 				}
+				if (!data.addVideo.atEnd && !checkPermission(client, ChangeOrderPerm)) {
+					data.addVideo.atEnd = true;
+				}
 				final item = data.addVideo.item;
 				item.author = client.name;
 				final local = '$localIp:$port';
@@ -721,7 +724,7 @@ class Main {
 	}
 
 	function checkPermission(client:Client, perm:Permission):Bool {
-		final state = hasPermission(client, perm);
+		final state = client.hasPermission(perm, config.permissions);
 		if (!state) send(client, {
 			type: ServerMessage, serverMessage: {
 				textId: "accessError"
@@ -730,14 +733,6 @@ class Main {
 		return state;
 	}
 
-	function hasPermission(client:Client, perm:Permission):Bool {
-		final p = config.permissions;
-		if (client.isAdmin) return p.admin.indexOf(cast perm) != -1;
-		if (client.isLeader) return p.leader.indexOf(cast perm) != -1;
-		if (client.isUser) return p.user.indexOf(cast perm) != -1;
-		return p.guest.indexOf(cast perm) != -1;
-	}
-
 	final htmlChars = ~/[&^<>'"]/;
 
 	public function badNickName(name:String):Bool {