Some more blank permission handling/comments

bootstrap/bungeecord/src/main/java/org/geysermc/geyser/platform/bungeecord/command/BungeeCommandSource.java

@@ -97,7 +97,7 @@ public class BungeeCommandSource implements GeyserCommandSource {
 
     @Override
     public boolean hasPermission(String permission) {
-        // Handle blank permissions ourselves, as cloud only handles empty ones
+        // Handle blank permissions ourselves, as bungeecord only handles empty ones
         return permission.isBlank() || handle.hasPermission(permission);
     }
 

bootstrap/mod/neoforge/src/main/java/org/geysermc/geyser/platform/neoforge/GeyserNeoForgeCommandRegistry.java

@@ -93,8 +93,7 @@ public class GeyserNeoForgeCommandRegistry extends CommandRegistry {
         // We can't realistically ensure that every permission is registered (calls by API users), so we catch this.
         // This works for our calls, but not for cloud's internal usage. For that case, see above.
         try {
-            // Handle blank permissions ourselves, as cloud only handles empty ones
-            return permission.isBlank() || super.hasPermission(source, permission);
+            return super.hasPermission(source, permission);
         } catch (PermissionNotRegisteredException e) {
             return false;
         }

bootstrap/spigot/src/main/java/org/geysermc/geyser/platform/spigot/command/SpigotCommandSource.java

@@ -100,6 +100,7 @@ public class SpigotCommandSource implements GeyserCommandSource {
 
     @Override
     public boolean hasPermission(String permission) {
-        return handle.hasPermission(permission);
+        // Don't trust Spigot to handle blank permissions
+        return permission.isBlank() || handle.hasPermission(permission);
     }
 }

bootstrap/velocity/src/main/java/org/geysermc/geyser/platform/velocity/command/VelocityCommandSource.java

@@ -93,7 +93,7 @@ public class VelocityCommandSource implements GeyserCommandSource {
 
     @Override
     public boolean hasPermission(String permission) {
-        // Handle blank permissions ourselves, as cloud only handles empty ones
+        // Handle blank permissions ourselves, as velocity only handles empty ones
         return permission.isBlank() || handle.hasPermission(permission);
     }
 

core/src/main/java/org/geysermc/geyser/command/GeyserCommand.java

@@ -91,7 +91,10 @@ public abstract class GeyserCommand implements org.geysermc.geyser.api.command.C
             throw new IllegalArgumentException("Command cannot be null or blank!");
         }
         if (permission.isBlank()) {
-            permission = ""; // Cloud treats empty permissions as available to everyone, but not blank permissions.
+            // Cloud treats empty permissions as available to everyone, but not blank permissions.
+            // When registering commands, we must convert ALL whitespace permissions into empty ones,
+            // because we cannot override permission checks that Cloud itself performs
+            permission = "";
             permissionDefault = null;
         }
 

core/src/main/java/org/geysermc/geyser/command/standalone/StandaloneCloudCommandManager.java

@@ -107,7 +107,7 @@ public class StandaloneCloudCommandManager extends CommandManager<GeyserCommandS
             return true;
         }
 
-        // Handle blank permissions ourselves, as cloud only handles empty ones
+        // An empty or blank permission is treated as a lack of permission requirement
         if (permission.isBlank()) {
             return true;
         }