hedit: improve element data security

Improves the security of resource data by using the new `clientChangesPolicy` parameter where appropriate.

Author: jlillis

[gameplay]/hedit/meta.xml

@@ -1,7 +1,7 @@
 <meta>
-    <info type="script" name="Ingame Handling Editor" author="Remi-X" version="2.1.5" description="The first ingame handling editor for MTA!" />
+    <info type="script" name="Ingame Handling Editor" author="Remi-X, MTA contributors (github.com/multitheftauto/mtasa-resources)" version="2.1.6" description="The first ingame handling editor for MTA!" />
     <oop>true</oop>
-    <min_mta_version server="1.4.0" client="1.4.0" />
+    <min_mta_version server="1.6.0-9.22815" client="1.6.0-9.22815" />
 
     <!-- SHARED -->
     <script src="shared/variables/general.lua"      type="shared" />

[gameplay]/hedit/server/core.lua

@@ -7,8 +7,6 @@ addEventHandler ( "onResourceStart", resourceRoot, function ( )
 
     local resName = getResourceName ( resource )
 
-	setElementData(resourceRoot, "resourceVersion", getResourceInfo(resource, "version"))
-
     if resName ~= "hedit" and not DEBUGMODE then
         print ( "[HEDIT] Please rename resource '"..resName.."' to 'hedit' to use the handling editor.")
         return cancelEvent ( true, "Rename the handling editor resource to 'hedit' in order to use the resource." )
@@ -23,7 +21,7 @@ addEventHandler ( "onResourceStart", resourceRoot, function ( )
 	addEventHandler("onSettingChange", root, parseMetaSettings)
 
 	for model=400,611 do
-        setElementData ( root, "originalHandling."..tostring ( model ), getOriginalHandling ( model, true ) )
+        setElementData ( resourceRoot, "hedit:originalHandling."..tostring ( model ), getOriginalHandling ( model, true ), true, "deny" )
     end
 
     --initiateCFGLoader ( )

[gameplay]/hedit/server/logmanager.lua

@@ -1,7 +1,7 @@
 local vehicleLogs = {}
 
 function loadHandlingLog ( )
-    local data = getElementData ( root, "hedit:vehicleLogs" )
+    local data = getElementData ( root, "hedit:vehicleLogs" ) -- retrieve stashed vehicleLogs from root element data (if it exists)
 
     if data then
         vehicleLogs = data
@@ -12,7 +12,7 @@ end
 
 
 function unloadHandlingLog ( )
-    setElementData ( root, "hedit:vehicleLogs", vehicleLogs, false )
+    setElementData ( root, "hedit:vehicleLogs", vehicleLogs, false, "deny") -- stash vehicleLogs as root element data so it can be recovered on next start
 
     return true
 end
@@ -109,7 +109,7 @@ function uploadFullLog ( vehicle )
         return false
     end
 
-    triggerClientEvent ( client, "receiveFullLog", client, getElementData(root,"hedit:vehicleLogs")[vehicle] )
+    triggerClientEvent ( client, "receiveFullLog", client, vehicleLogs[vehicle] )
     return true
 end
 addEvent ( "requestFullLog", true )

[gameplay]/hedit/server/utils.lua

@@ -127,5 +127,5 @@ function parseMetaSettings()
 			outputDebugString("Missing setting for "..handlingProperty..", defaulting to false.", 2)
 		end
 	end
-	setElementData(resourceRoot, "propertySettings", propertySettings)
+	setElementData(resourceRoot, "hedit:propertySettings", propertySettings, true, "deny")
 end

[gameplay]/hedit/shared/utils.lua

@@ -136,7 +136,7 @@ end
 --This function returns true if a setting is enabled in the meta, false otherwise.
 function isHandlingPropertyEnabled(property)
 	if getLocalPlayer then
-		return (getElementData(resourceRoot, "propertySettings", false)[property]) or true
+		return (getElementData(resourceRoot, "hedit:propertySettings", false)[property]) or true
 	else
 		return tobool(get("*enable_"..property))
 	end
@@ -330,7 +330,7 @@ function getHandlingPreviousValue ( vehicle, property )
         return false
     end
 
-    return getElementData ( vehicle, "hedit:vehiclepreviousvalue."..property )
+    return getElementData ( vehicle, "hedit:vehiclepreviousvalue."..property, false )
 end
 
 
@@ -344,7 +344,7 @@ function setVehicleSaved ( vehicle, saved )
         return true
     end
 
-    setElementData ( vehicle, "hedit:saved", tostring ( saved ) )
+    setElementData ( vehicle, "hedit:saved", tostring ( saved ), true, "deny" )
 
     local occupants = getVehicleOccupants ( vehicle )
     local seats = getVehicleMaxPassengers ( vehicle )
@@ -370,8 +370,8 @@ function isVehicleSaved ( vehicle )
         return false
     end
 
-    if not getElementData ( vehicle, "hedit:saved" ) then
-        setElementData ( vehicle, "hedit:saved", "true" )
+    if not getElementData ( vehicle, "hedit:saved", false ) then
+        setElementData ( vehicle, "hedit:saved", "true", true, "deny" )
     end
 
     return tobool ( getElementData ( vehicle, "hedit:saved" ) )

[gameplay]/hedit/shared/wrappers/handling.lua

@@ -175,7 +175,7 @@ function setVehicleHandling ( vehicle, property, value, withLog )
     end
 
 
-    setElementData ( vehicle, "hedit:vehiclepreviousvalue."..property, oldValue )
+    setElementData ( vehicle, "hedit:vehiclepreviousvalue."..property, oldValue, true, "deny" )
 
     triggerEvent ( "onVehicleHandlingChange", client, vehicle, property, oldValue, value )
 
@@ -197,7 +197,7 @@ function getOriginalHandling ( model, force )
         return nil
     end
 
-    local data = getElementData ( root, "originalHandling."..tostring(model) )
+    local data = getElementData ( resourceRoot, "hedit:originalHandling."..tostring(model), false )
     if not data or force then
         data = conformHandlingTable ( _getOriginalHandling ( model ), model )
     end