From e846ad6441ba41c355ddf0fff676877a1e6bbf71 Mon Sep 17 00:00:00 2001
From: awesomemoder316 <thesusefulthing@gmail.com>
Date: Tue, 17 Aug 2021 19:33:09 -0700
Subject: [PATCH] Added check for whitelisted/blacklisted commands.

---
 .../websocket/command/ExecCommand.java        | 36 ++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java b/src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java
index e7ced5a..be3a34f 100644
--- a/src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java
+++ b/src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java
@@ -2,6 +2,8 @@ package es.mesacarlos.webconsole.websocket.command;
 
 import java.util.concurrent.ExecutionException;
 
+import es.mesacarlos.webconsole.config.ConfigManager;
+import es.mesacarlos.webconsole.config.UserData;
 import org.bukkit.Bukkit;
 import org.bukkit.command.ConsoleCommandSender;
 import org.java_websocket.WebSocket;
@@ -14,13 +16,45 @@ import es.mesacarlos.webconsole.util.Internationalization;
 import es.mesacarlos.webconsole.websocket.WSServer;
 
 public class ExecCommand implements WSCommand {
+	LoginManager loginManager = LoginManager.getInstance();
 
 	@Override
 	public void execute(WSServer wsServer, WebSocket conn, String command) {
 		ConnectedUser u = LoginManager.getInstance().getUser(conn.getRemoteSocketAddress());
 		if(u == null || u.getUserType() != UserType.ADMIN) {
 			if(u != null)
-				Bukkit.getLogger().warning(Internationalization.getPhrase("viewer-error-console", u, command));
+				Bukkit.getLogger().warning(Internationalization.getPhrase("no-send-permission-console", u, command));
+			return;
+		}
+
+		boolean allowCommand = false;
+
+		for(UserData ud : ConfigManager.getInstance().getAllUsers()) {
+			if (ud.getUsername().equals(loginManager.getUser(conn.getRemoteSocketAddress()).getUsername())) {
+
+				if (!ud.isWhitelistEnabled()) { //Skip whitelist check.
+					allowCommand = true;
+					break;
+				}
+
+				for (String whitelistedCommand : ud.getWhitelistedCommands()) {
+					if (command.toLowerCase().startsWith(whitelistedCommand)) {
+
+						if (!ud.isWhitelistActsAsBlacklist()) allowCommand = true; //cmd is whitelisted.
+
+						break;
+					}
+				}
+
+				if (!allowCommand //Check if was detected by whitelist
+						&& ud.isWhitelistActsAsBlacklist()) allowCommand = true; //cmd is not blacklisted.
+
+				break;
+			}
+		}
+
+		if (!allowCommand) {
+			Bukkit.getLogger().warning(Internationalization.getPhrase("no-send-permission-console", u, command));
 			return;
 		}