Merge pull request #80 from awesomemoder316/master

Update to Version 2.2
2021-08-21 14:39:42 +02:00 · 2021-08-21 14:39:42 +02:00 · d0929adddd
commit d0929adddd
parent a6087d13c8 b055b9b248
19 changed files with 163 additions and 48 deletions
--- a/client/index.html
+++ b/client/index.html
@ -264,7 +264,7 @@
 		<!-- Webpage footer -->
 		<footer class="footer mt-auto py-3">
 			<div class="container">
-				<span class="text-muted">WebConsole v2.1 - <a href="https://github.com/mesacarlos/WebConsole">GitHub</a></span>
+				<span class="text-muted">WebConsole v2.2 - <a href="https://github.com/mesacarlos/WebConsole">GitHub</a></span>
 			</div>
 		</footer>
 		
@ -274,15 +274,15 @@
 		<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
 		
 		<!-- WebConsole JS Objects -->
-		<script src="scripts/object/Setting.js?v=2.1.0"></script>
-		<script src="scripts/object/WSServer.js?v=2.1.0"></script>
+		<script src="scripts/object/Setting.js?v=2.2.0"></script>
+		<script src="scripts/object/WSServer.js?v=2.2.0"></script>

 		<!-- WebConsole JS Scripts -->
-		<script src="scripts/WebConsoleLanguage.js?v=2.1.0"></script>
-		<script src="scripts/WebConsoleConnector.js?v=2.1.0"></script>
-		<script src="scripts/WebConsoleManager.js?v=2.1.0"></script>
-		<script src="scripts/WebConsolePersistenceManager.js?v=2.1.0"></script>
-		<script src="scripts/WebConsole.js?v=2.1.0"></script>
-		<script src="scripts/WebConsoleJqueryHandler.js?v=2.1.0"></script>
+		<script src="scripts/WebConsoleLanguage.js?v=2.2.0"></script>
+		<script src="scripts/WebConsoleConnector.js?v=2.2.0"></script>
+		<script src="scripts/WebConsoleManager.js?v=2.2.0"></script>
+		<script src="scripts/WebConsolePersistenceManager.js?v=2.2.0"></script>
+		<script src="scripts/WebConsole.js?v=2.2.0"></script>
+		<script src="scripts/WebConsoleJqueryHandler.js?v=2.2.0"></script>
 	</body>
 </html>
--- a/phrases.properties
+++ b/phrases.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Attempted to send a message to a discon
 cpu-usage-message = Usage is {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} tried to run {1} without permission.
+no-send-permission-console = [WebConsole] {0} tried to run {1} without permission.
 cmd-executed-console = [WebConsole] {0} executed "{1}".

 # LogInCommand.java
--- a/phrases_cs.properties
+++ b/phrases_cs.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Pokus o odeslání zprávy odpojenému
 cpu-usage-message = Využití je {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} se pokusil spustit {1} bez povolení.
+no-send-permission-console = [WebConsole] {0} se pokusil spustit {1} bez povolení.
 cmd-executed-console = [WebConsole] {0} spustil "{1}".

 # LogInCommand.java
--- a/phrases_de.properties
+++ b/phrases_de.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Es wurde versucht, eine Nachricht an ei
 cpu-usage-message = Die CPU Auslastung liegt bei {0}%.

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} hat versucht, {1} ohne Erlaubnis auszuführen.
+no-send-permission-console = [WebConsole] {0} hat versucht, {1} ohne Erlaubnis auszuführen.
 cmd-executed-console = [WebConsole] {0} hat "{1}" ausgeführt.

 # LogInCommand.java
--- a/phrases_en.properties
+++ b/phrases_en.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Attempted to send a message to a discon
 cpu-usage-message = Usage is {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} tried to run {1} without permission.
+no-send-permission-console = [WebConsole] {0} tried to run {1} without permission.
 cmd-executed-console = [WebConsole] {0} executed "{1}".

 # LogInCommand.java
--- a/phrases_es.properties
+++ b/phrases_es.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Se intentó enviar un mensaje a un clie
 cpu-usage-message = En uso {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} intentó ejecutar {1} sin permiso.
+no-send-permission-console = [WebConsole] {0} intentó ejecutar {1} sin permiso.
 cmd-executed-console = [WebConsole] {0} ejecutó "{1}".

 # LogInCommand.java
--- a/phrases_fr.properties
+++ b/phrases_fr.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Vous avez tenté d'envoyer un message
 cpu-usage-message = L'utilisation est {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} a tenté d'exécuter {1} sans autorisation.
+no-send-permission-console = [WebConsole] {0} a tenté d'exécuter {1} sans autorisation.
 cmd-executed-console = [WebConsole] {0} a exécuté "{1}".

 # LogInCommand.java
--- a/phrases_it.properties
+++ b/phrases_it.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Tentativo di inviare un messaggio a un
 cpu-usage-message = L''uso è {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} ha provato a eseguire {1} senza autorizzazione.
+no-send-permission-console = [WebConsole] {0} ha provato a eseguire {1} senza autorizzazione.
 cmd-executed-console = [WebConsole] {0} eseguito "{1}".

 # LogInCommand.java
--- a/phrases_ko.properties
+++ b/phrases_ko.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] 연결이 끊긴 WebSocket 클라이언
 cpu-usage-message = 사용량은 {0}%입니다

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0}이(가) {1}을(를) 권한 없이 실행하려고 했습니다.
+no-send-permission-console = [WebConsole] {0}이(가) {1}을(를) 권한 없이 실행하려고 했습니다.
 cmd-executed-console = [WebConsole] {0}이(가) "{1}"을(를) 실행하였습니다.

 # LogInCommand.java
--- a/phrases_nl.properties
+++ b/phrases_nl.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Poging om een bericht te sturen naar ee
 cpu-usage-message = Verbruik is {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} heeft geprobeerd {1} uit te voeren zonder toestemming.
+no-send-permission-console = [WebConsole] {0} heeft geprobeerd {1} uit te voeren zonder toestemming.
 cmd-executed-console = [WebConsole] {0} voerde "{1}" uit.

 # LogInCommand.java
--- a/phrases_pt.properties
+++ b/phrases_pt.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Tentativa de enviar uma mensagem para u
 cpu-usage-message = Consumindo {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} tentou executar o {1} sem permissão.
+no-send-permission-console = [WebConsole] {0} tentou executar o {1} sem permissão.
 cmd-executed-console = [WebConsole] {0} executou "{1}".

 # LogInCommand.java
--- a/phrases_ru.properties
+++ b/phrases_ru.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Попытка отправить со
 cpu-usage-message = Использование {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0} попытался запустить {1} без разрешения.
+no-send-permission-console = [WebConsole] {0} попытался запустить {1} без разрешения.
 cmd-executed-console = [WebConsole] {0} выполнил "{1}".

 # LogInCommand.java
--- a/phrases_tr.properties
+++ b/phrases_tr.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] Bağlantısı kesilmiş bir WebSocket'a
 cpu-usage-message = Şuanki kullanım %{0}

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0}, {1}'ı yetkisiz olarak çalıştırmayı denedi.
+no-send-permission-console = [WebConsole] {0}, {1}'ı yetkisiz olarak çalıştırmayı denedi.
 cmd-executed-console = [WebConsole] {0}, "{1}" çalıştırdı.

 # LogInCommand.java
--- a/phrases_zh.properties
+++ b/phrases_zh.properties
@ -19,7 +19,7 @@ error-disconnected-client = [WebConsole] 尝试向断开连接的WebSocket客户
 cpu-usage-message = 已使用 {0}%

 # ExecCommand.java
-viewer-error-console = [WebConsole] {0}试图未经许可而运行{1}。
+no-send-permission-console = [WebConsole] {0}试图未经许可而运行{1}。
 cmd-executed-console = [網站控制台] {0} 執行 '{1}'.

 # LogInCommand.java
--- a/plugin.yml
+++ b/plugin.yml
@ -1,7 +1,7 @@
 name: WebConsole
 main: es.mesacarlos.webconsole.WebConsole
 api-version: 1.13
-version: 2.1
+version: 2.2
 description: WebSocket-based web console
 author: Carlos Mesa
 commands:
--- a/pom.xml
+++ b/pom.xml
@ -4,7 +4,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>WebConsole</groupId>
 	<artifactId>WebConsole</artifactId>
-	<version>2.1</version>
+	<version>2.2</version>
 	<build>
 		<sourceDirectory>src</sourceDirectory>
 		<plugins>
--- a/src/es/mesacarlos/webconsole/config/ConfigManager.java
+++ b/src/es/mesacarlos/webconsole/config/ConfigManager.java
@ -1,9 +1,7 @@
 package es.mesacarlos.webconsole.config;

 import java.net.InetSocketAddress;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
+import java.util.*;

 import org.bukkit.Bukkit;
 import org.bukkit.configuration.ConfigurationSection;
@ -44,11 +42,44 @@ public class ConfigManager {
 		// Language config
 		config.addDefault("language", "en");
 		
-		if(config.getConfigurationSection("passwords") == null) {
-			ConfigurationSection passwordsSection = config.createSection("passwords");
-			ConfigurationSection adminPasswordSection = passwordsSection.createSection("admin");
-			adminPasswordSection.addDefault("user1", "mySecurePassword");
-			passwordsSection.createSection("viewer");
+		//Create passwords section if it does not exist
+		ConfigurationSection passwordsSection = config.getConfigurationSection("passwords");
+		if(passwordsSection == null) {
+			passwordsSection = config.createSection("passwords");
+		}
+		
+		//Create passwords.admin section if it does not exist
+		ConfigurationSection adminPasswordSection = passwordsSection.getConfigurationSection("admin");
+		if(adminPasswordSection == null) {
+			adminPasswordSection = passwordsSection.createSection("admin");
+			adminPasswordSection.createSection("user1");
+		}
+		
+		//For each admin user, create the password value and the commandWhitelist section if it does not exist
+		Set<String> adminUsersSections = adminPasswordSection.getKeys(false);
+		for (String adminUserSectionName : adminUsersSections) {
+			ConfigurationSection userSection = adminPasswordSection.getConfigurationSection(adminUserSectionName);
+			if(userSection == null) {
+				//If userSection is null, that means that the config file is prior to v2.2. We need to update the file to v2.2 by replacing the "user:password" value to a new section for each user.
+				String userPasswordFromOldConfig = adminPasswordSection.getString(adminUserSectionName);
+				userSection = adminPasswordSection.createSection(adminUserSectionName);
+				userSection.set("password", userPasswordFromOldConfig);
+			}
+			userSection.addDefault("password", "mySecurePassword");
+			
+			ConfigurationSection commandWhitelist = userSection.getConfigurationSection("commandWhitelist");
+			if(commandWhitelist == null) {
+				commandWhitelist = userSection.createSection("commandWhitelist");
+				commandWhitelist.addDefault("enabled", false);
+				commandWhitelist.addDefault("commandWhitelistActsAsBlacklist", false);
+				commandWhitelist.addDefault("whitelist", Arrays.asList("whisper", "gamemode survival"));
+			}
+		}
+		
+		//Create passwords.viewer section if it does not exist
+		ConfigurationSection viewerPasswordSection = passwordsSection.getConfigurationSection("viewer");
+		if(viewerPasswordSection == null) {
+			viewerPasswordSection = passwordsSection.createSection("viewer");
 		}
 		
 		config.options().copyDefaults(true);
@ -96,11 +127,19 @@ public class ConfigManager {
 	 * @return list of admin users
 	 */
 	private List<UserData> getAdmins() {
-		Map<String, Object> passwords = plugin.getConfig().getConfigurationSection("passwords").getConfigurationSection("admin").getValues(false);
-		List<UserData> adminUsers = new ArrayList<UserData>();
+		Set<String> adminConfig = plugin.getConfig().getConfigurationSection("passwords").getConfigurationSection("admin").getKeys(false);

-		for(Map.Entry<String, Object> entry : passwords.entrySet())
-			adminUsers.add(new UserData(entry.getKey(), entry.getValue().toString(), UserType.ADMIN));
+		List<UserData> adminUsers = new ArrayList<>();
+		
+		for(String username : adminConfig) {
+			adminUsers.add(new UserData(
+					username,
+					plugin.getConfig().getString("passwords.admin." + username + ".password"),
+					UserType.ADMIN,
+					plugin.getConfig().getBoolean("passwords.admin." + username + ".commandWhitelist.enabled"),
+					plugin.getConfig().getBoolean("passwords.admin." + username + ".commandWhitelist.commandWhitelistActsAsBlacklist"),
+					plugin.getConfig().getStringList("passwords.admin." + username + ".commandWhitelist.whitelist")));
+		}
 		
 		return adminUsers;
 	}
@ -111,10 +150,10 @@ public class ConfigManager {
 	 */
 	private List<UserData> getViewers() {
 		Map<String, Object> passwords = plugin.getConfig().getConfigurationSection("passwords").getConfigurationSection("viewer").getValues(false);
-		List<UserData> viewerUsers = new ArrayList<UserData>();
+		List<UserData> viewerUsers = new ArrayList<>();
 		
 		for(Map.Entry<String, Object> entry : passwords.entrySet())
-			viewerUsers.add(new UserData(entry.getKey(), entry.getValue().toString(), UserType.VIEWER));
+			viewerUsers.add(new UserData(entry.getKey(), entry.getValue().toString(), UserType.VIEWER, false, false, new ArrayList<>()));
 		
 		return viewerUsers;
 	}
--- a/src/es/mesacarlos/webconsole/config/UserData.java
+++ b/src/es/mesacarlos/webconsole/config/UserData.java
@ -1,14 +1,23 @@
 package es.mesacarlos.webconsole.config;

+import java.util.List;
+
 public class UserData {
 	private String username;
 	private String password;
 	private UserType userType;
+	private boolean isWhitelistEnabled;
+	private boolean isWhitelistActsAsBlacklist;
+	private List<String> whitelistedCommands;
 	
-	public UserData(String username, String password, UserType userType) {
+	public UserData(String username, String password, UserType userType,
+					boolean isWhitelistEnabled, boolean isWhitelistActsAsBlacklist, List<String> whitelistedCommands) {
 		this.username = username;
 		this.password = password;
 		this.userType = userType;
+		this.isWhitelistEnabled = isWhitelistEnabled;
+		this.isWhitelistActsAsBlacklist = isWhitelistActsAsBlacklist;
+		this.whitelistedCommands = whitelistedCommands;
 	}

 	public String getUsername() {
@ -22,4 +31,16 @@ public class UserData {
 	public UserType getUserType() {
 		return userType;
 	}
+
+	public boolean isWhitelistEnabled() {
+		return isWhitelistEnabled;
+	}
+
+	public boolean isWhitelistActsAsBlacklist() {
+		return isWhitelistActsAsBlacklist;
+	}
+
+	public List<String> getWhitelistedCommands() {
+		return whitelistedCommands;
+	}
 }
--- a/src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java
+++ b/src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java
@ -2,6 +2,8 @@ package es.mesacarlos.webconsole.websocket.command;

 import java.util.concurrent.ExecutionException;

+import es.mesacarlos.webconsole.config.ConfigManager;
+import es.mesacarlos.webconsole.config.UserData;
 import org.bukkit.Bukkit;
 import org.bukkit.command.ConsoleCommandSender;
 import org.java_websocket.WebSocket;
@ -14,13 +16,20 @@ import es.mesacarlos.webconsole.util.Internationalization;
 import es.mesacarlos.webconsole.websocket.WSServer;

 public class ExecCommand implements WSCommand {
+	LoginManager loginManager = LoginManager.getInstance();

 	@Override
 	public void execute(WSServer wsServer, WebSocket conn, String command) {
 		ConnectedUser u = LoginManager.getInstance().getUser(conn.getRemoteSocketAddress());
 		if(u == null || u.getUserType() != UserType.ADMIN) {
 			if(u != null)
-				Bukkit.getLogger().warning(Internationalization.getPhrase("viewer-error-console", u, command));
+				Bukkit.getLogger().warning(Internationalization.getPhrase("no-send-permission-console", u, command));
+			return;
+		}
+
+		boolean allowCommand = checkWhitelist(conn, command);
+		if (!allowCommand) {
+			Bukkit.getLogger().warning(Internationalization.getPhrase("no-send-permission-console", u, command));
 			return;
 		}
 		
@ -37,4 +46,50 @@ public class ExecCommand implements WSCommand {

 	}
 	
+	private boolean checkWhitelist(WebSocket conn, String command) {
+		for(UserData ud : ConfigManager.getInstance().getAllUsers()) {
+			if (ud.getUsername().equals(loginManager.getUser(conn.getRemoteSocketAddress()).getUsername())) {
+
+				if (!ud.isWhitelistEnabled()) { //Skip whitelist check.
+					return true;
+				}
+
+				String[] splitCommand = command.split(" ");
+
+				for (String whitelistedCommand : ud.getWhitelistedCommands()) {
+					String[] splitWhitelistedCommand = whitelistedCommand.split(" ");
+
+					if(equalsArray(splitCommand, splitWhitelistedCommand)) {
+						//Command matches the whitelist
+						if(ud.isWhitelistActsAsBlacklist())
+							return false; //If acts as blacklist, do not allow command
+						else
+							return true; //If acts as Whitelist, allow command
+					}
+				}
+				
+				//If execution reached this point, then the command is not in the blacklist.
+				if(ud.isWhitelistActsAsBlacklist())
+					return true; //If acts as blacklist, allow command
+				else
+					return false; //If acts as Whitelist, do not allow command
+			}
+		}
+		throw new RuntimeException("No user matched the whitelist check.");
+	}
+	
+	/**
+	 * Check if the user command matches the whitelisted command
+	 * 
+	 * @param splitCommand Command sent by user
+	 * @param splitWhitelistedCommand Command in the whitelist
+	 * @return true if the user command matches the whitelist command
+	 */
+	private boolean equalsArray(String[] splitCommand, String[] splitWhitelistedCommand) {
+		for (int i = 0; i < splitWhitelistedCommand.length; i++)
+			if (!splitCommand[i].equalsIgnoreCase(splitWhitelistedCommand[i])) 
+				return false; //Does not match so far
+		return true; //Matches the command
+	}
+
 }