From 8814c6b6cc26ba3891f66aabb4b629e907903285 Mon Sep 17 00:00:00 2001 From: Lixfel Date: Fri, 20 Dec 2019 11:07:33 +0100 Subject: [PATCH 1/2] Adding global tp command handler + security fix of /local command --- pom.xml | 1 - src/de/steamwar/bungeecore/BungeeCore.java | 9 +- .../bungeecore/commands/JoinmeCommand.java | 20 +-- .../bungeecore/commands/TpCommand.java | 116 ++++++++++++++---- .../bungeecore/listeners/ChatListener.java | 45 +++++-- 5 files changed, 148 insertions(+), 43 deletions(-) diff --git a/pom.xml b/pom.xml index a3c934a..cd9bacf 100644 --- a/pom.xml +++ b/pom.xml @@ -60,7 +60,6 @@ steamwar PersistentBungeeCore 1.0 - jar provided diff --git a/src/de/steamwar/bungeecore/BungeeCore.java b/src/de/steamwar/bungeecore/BungeeCore.java index 933db5d..157048b 100644 --- a/src/de/steamwar/bungeecore/BungeeCore.java +++ b/src/de/steamwar/bungeecore/BungeeCore.java @@ -56,7 +56,13 @@ public class BungeeCore extends Plugin { new ChatListener(); new BanListener(); - commands.put("/bau", ""); + commands.put("/b", null); + commands.put("/gs", null); + commands.put("/bau", null); + commands.put("/tp", null); + commands.put("/bc", null); + commands.put("/bauchat", null); + commands.put("/local", null); new TeamchatCommand(); new MsgCommand(); @@ -66,6 +72,7 @@ public class BungeeCore extends Plugin { new AlertCommand(); new KickCommand(); new JoinmeCommand(); + new TpCommand(); new FightCommand(); new HelpCommand(); new BanCommand(); diff --git a/src/de/steamwar/bungeecore/commands/JoinmeCommand.java b/src/de/steamwar/bungeecore/commands/JoinmeCommand.java index 6e41ee6..23a13dd 100644 --- a/src/de/steamwar/bungeecore/commands/JoinmeCommand.java +++ b/src/de/steamwar/bungeecore/commands/JoinmeCommand.java @@ -18,7 +18,7 @@ public class JoinmeCommand extends BasicCommand { private static final String DENY_MESSAGE = "§cDu kannst diesem Spieler derzeit nicht folgen."; public JoinmeCommand() { - super("join", "", "joinme"); + super("joinme", ""); } @Override @@ -34,14 +34,14 @@ public class JoinmeCommand extends BasicCommand { } else if (args.length == 1) { ProxiedPlayer target = ProxyServer.getInstance().getPlayer(args[0]); if(target == null || !target.isConnected()){ - player.sendMessage(BungeeCore.CHAT_PREFIX + "§cDieser Spieler ist offline."); + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§cDieser Spieler ist offline."); return; }else if(target.equals(player)){ - player.sendMessage(BungeeCore.CHAT_PREFIX + "§cSei eins mit dir selbst!"); + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§cSei eins mit dir selbst!"); return; } ServerInfo server = target.getServer().getInfo(); - String ServerPerm = BungeeCore.serverPermissions.get(server.getName()); + String serverPerm = BungeeCore.serverPermissions.get(server.getName()); Subserver subserver = Subserver.getSubserver(target); if(subserver != null) { @@ -55,18 +55,18 @@ public class JoinmeCommand extends BasicCommand { subserver.sendPlayer(player); } else { SubserverSystem.sendDeniedMessage(player, bauserver.getOwner()); - player.sendMessage(BungeeCore.CHAT_PREFIX + DENY_MESSAGE); + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + DENY_MESSAGE); } } - }else if(ServerPerm != null && !player.hasPermission(ServerPerm)){ - player.sendMessage(BungeeCore.CHAT_PREFIX + DENY_MESSAGE); - }else if(ServerPerm == null && !player.getGroups().contains("team")) { - player.sendMessage(BungeeCore.CHAT_PREFIX + DENY_MESSAGE); + }else if(serverPerm != null && !player.hasPermission(serverPerm)){ + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + DENY_MESSAGE); + }else if(serverPerm == null && !player.getGroups().contains("team")) { + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + DENY_MESSAGE); }else{ player.connect(server); } } else { - player.sendMessage(BungeeCore.CHAT_PREFIX + "§7Mit §8/§ejoin §8[§eSpieler§8] §7kannst du einem Spieler folgen §8(z.B. in eine Arena)§7."); + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§7Mit §8/§ejoin §8[§eSpieler§8] §7kannst du einem Spieler folgen §8(z.B. in eine Arena)§7."); } } } diff --git a/src/de/steamwar/bungeecore/commands/TpCommand.java b/src/de/steamwar/bungeecore/commands/TpCommand.java index e78fdcd..3aa7335 100644 --- a/src/de/steamwar/bungeecore/commands/TpCommand.java +++ b/src/de/steamwar/bungeecore/commands/TpCommand.java @@ -1,44 +1,116 @@ package de.steamwar.bungeecore.commands; -import de.steamwar.bungeecore.BungeeCore; +import de.steamwar.bungeecore.*; +import de.steamwar.bungeecore.sql.BauweltMember; +import de.steamwar.bungeecore.sql.Event; import de.steamwar.bungeecore.sql.SteamwarUser; +import de.steamwar.bungeecore.sql.Team; +import net.md_5.bungee.api.CommandSender; import net.md_5.bungee.api.ProxyServer; +import net.md_5.bungee.api.config.ServerInfo; import net.md_5.bungee.api.connection.ProxiedPlayer; import net.md_5.bungee.api.event.ChatEvent; -public class TpCommand { +import java.util.ArrayList; +import java.util.Arrays; - private TpCommand(){} +public class TpCommand extends BasicCommand { + + private static final String DENY_MESSAGE = "§cDu kannst diesem Spieler derzeit nicht folgen."; public static void onTp(ChatEvent e, String[] command){ if(!(e.getSender() instanceof ProxiedPlayer)) return; - ProxiedPlayer player = (ProxiedPlayer) e.getSender(); - - if(command.length == 1){ - BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§c/tp [Spieler]"); + if(onTp((ProxiedPlayer) e.getSender(), Arrays.copyOfRange(command, 1, command.length))) e.setCancelled(true); + } + + public TpCommand(){ + super("join", null); + } + + @Override + public void execute(CommandSender sender, String[] args) { + if(!(sender instanceof ProxiedPlayer)) return; + if(!onTp((ProxiedPlayer) sender, args)) + BungeeCore.send(sender, BungeeCore.CHAT_PREFIX + "§cKonnte das angegebene Ziel nicht finden."); + } + + @Override + public Iterable onTabComplete(CommandSender commandSender, String[] args) { + if(args.length == 1){ + return allPlayers(args[0]); + } + return new ArrayList<>(); + } + + private static boolean onTp(ProxiedPlayer player, String[] args){ + if(args.length == 0){ + if(Event.get() == null) + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§8/§etp §8[§7Spieler§8]"); + else + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§8/§etp §8[§7Spieler §8oder §7Team§8]"); + return true; } - SteamwarUser user = SteamwarUser.get(player); - if(user == null){ - BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§cUnbekannter Spieler"); - e.setCancelled(true); - return; + //Get target player server + ServerInfo server = getTargetPlayer(args[0]); + + //Get target team event arena + if(server == null){ + Team team = Team.get(args[0]); + if(team != null){ + Subserver eventArena = EventStarter.getEventServer().get(team); + if(eventArena != null && Subserver.getServerList().contains(eventArena)) + server = eventArena.getServer(); + } } + //Give control of teleport command to server + if(server == null || server == player.getServer().getInfo()) + return false; + + teleport(player, server); + return true; + } + + private static ServerInfo getTargetPlayer(String playerName){ + SteamwarUser user = SteamwarUser.get(playerName); + if(user == null) + return null; + ProxiedPlayer target = ProxyServer.getInstance().getPlayer(user.getUuid()); - if(target == null){ - BungeeCore.send(player, BungeeCore.CHAT_PREFIX + "§cDieser Spieler ist derzeit offline"); - e.setCancelled(true); - return; + if(target == null) + return null; + + return target.getServer().getInfo(); + } + + private static void teleport(ProxiedPlayer player, ServerInfo server){ + String serverPerm = BungeeCore.serverPermissions.get(server.getName()); + Subserver subserver = Subserver.getSubserver(server); + + if(subserver != null) { + Servertype type = subserver.getType(); + if (type == Servertype.ARENA) { + subserver.sendPlayer(player); + } else if (type == Servertype.BAUSERVER) { + Bauserver bauserver = (Bauserver) subserver; + if (bauserver.getOwner().equals(player.getUniqueId()) || + BauweltMember.getBauMember(bauserver.getOwner(), player.getUniqueId()) != null) { + subserver.sendPlayer(player); + } else { + SubserverSystem.sendDeniedMessage(player, bauserver.getOwner()); + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + DENY_MESSAGE); + } + } + }else if(serverPerm != null && !player.hasPermission(serverPerm)){ + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + DENY_MESSAGE); + }else if(serverPerm == null && !player.getGroups().contains("team")) { + BungeeCore.send(player, BungeeCore.CHAT_PREFIX + DENY_MESSAGE); + }else{ + player.connect(server); } - - if(target.getServer() == player.getServer()) - return; - - e.setCancelled(true); - //TODO: Implement Joinme-Command Option } } diff --git a/src/de/steamwar/bungeecore/listeners/ChatListener.java b/src/de/steamwar/bungeecore/listeners/ChatListener.java index 646dc0d..614d0f6 100644 --- a/src/de/steamwar/bungeecore/listeners/ChatListener.java +++ b/src/de/steamwar/bungeecore/listeners/ChatListener.java @@ -4,6 +4,7 @@ import de.steamwar.bungeecore.BungeeCore; import de.steamwar.bungeecore.Servertype; import de.steamwar.bungeecore.Subserver; import de.steamwar.bungeecore.commands.BauCommand; +import de.steamwar.bungeecore.commands.TpCommand; import de.steamwar.bungeecore.sql.SteamwarUser; import de.steamwar.bungeecore.sql.Team; import net.md_5.bungee.api.ChatColor; @@ -11,6 +12,7 @@ import net.md_5.bungee.api.ChatMessageType; import net.md_5.bungee.api.ProxyServer; import net.md_5.bungee.api.Title; import net.md_5.bungee.api.chat.TextComponent; +import net.md_5.bungee.api.connection.Connection; import net.md_5.bungee.api.connection.ProxiedPlayer; import net.md_5.bungee.api.event.ChatEvent; import net.md_5.bungee.api.event.TabCompleteEvent; @@ -35,16 +37,27 @@ public class ChatListener extends BasicListener { private void onCommand(ChatEvent e){ String [] command = e.getMessage().split(" "); - if(command[0].contains(":")){ + if(isBadCommand(e.getSender(), command[0])){ e.setCancelled(true); - if(e.getSender() instanceof ProxiedPlayer){ - ProxiedPlayer sender = (ProxiedPlayer) e.getSender(); - BungeeCore.send(sender, BungeeCore.CHAT_PREFIX + "§cUnbekannter Befehl."); - } - }else if((command[0].equalsIgnoreCase("/bau") || command[0].equalsIgnoreCase("/b") || command[0].equalsIgnoreCase("/gs")) && e.getSender() instanceof ProxiedPlayer){ - BauCommand.onBau(e, command); - }else if(command[0].equalsIgnoreCase("/bc") || command[0].equalsIgnoreCase("/bauchat") || command[0].equalsIgnoreCase("/local")){ - localChat(e, command); + return; + } + + switch(command[0].toLowerCase()){ + case "/bau": + case "/b": + case "/gs": + BauCommand.onBau(e, command); + break; + case "/bc": + case "/bauchat": + case "/local": + localChat(e, command); + break; + case "/tp": + TpCommand.onTp(e, command); + break; + default: + //do nothing, let the normal command handlers proceed } } @@ -136,9 +149,23 @@ public class ChatListener extends BasicListener { return; } + if(isBadCommand(sender, command[1])){ + e.setCancelled(true); + return; + } + e.setMessage(e.getMessage().substring(command[0].length() + 1)); } + private boolean isBadCommand(Connection connection, String command){ + if(command.startsWith("/") && command.contains(":")){ + if(connection instanceof ProxiedPlayer) + BungeeCore.send((ProxiedPlayer) connection, BungeeCore.CHAT_PREFIX + "§cUnbekannter Befehl."); + return true; + } + return false; + } + @EventHandler public void onTabCompleteEvent(TabCompleteEvent e){ List suggestions = e.getSuggestions(); -- 2.39.5 From 1bf9f480bc01938bf75d6d59df2fc033b9258cd0 Mon Sep 17 00:00:00 2001 From: Lixfel Date: Fri, 20 Dec 2019 11:10:17 +0100 Subject: [PATCH 2/2] Fixing completely /local security --- .../bungeecore/listeners/ChatListener.java | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/src/de/steamwar/bungeecore/listeners/ChatListener.java b/src/de/steamwar/bungeecore/listeners/ChatListener.java index 614d0f6..036ff5a 100644 --- a/src/de/steamwar/bungeecore/listeners/ChatListener.java +++ b/src/de/steamwar/bungeecore/listeners/ChatListener.java @@ -12,7 +12,6 @@ import net.md_5.bungee.api.ChatMessageType; import net.md_5.bungee.api.ProxyServer; import net.md_5.bungee.api.Title; import net.md_5.bungee.api.chat.TextComponent; -import net.md_5.bungee.api.connection.Connection; import net.md_5.bungee.api.connection.ProxiedPlayer; import net.md_5.bungee.api.event.ChatEvent; import net.md_5.bungee.api.event.TabCompleteEvent; @@ -25,7 +24,7 @@ import java.util.concurrent.TimeUnit; public class ChatListener extends BasicListener { - private static Title LIXFEL = ProxyServer.getInstance().createTitle().fadeIn(5).fadeOut(20).stay(30).title(TextComponent.fromLegacyText("§4§lLIXFEL")); + private static final Title LIXFEL = ProxyServer.getInstance().createTitle().fadeIn(5).fadeOut(20).stay(30).title(TextComponent.fromLegacyText("§4§lLIXFEL")); @EventHandler public void onChatEvent(ChatEvent e){ @@ -37,7 +36,9 @@ public class ChatListener extends BasicListener { private void onCommand(ChatEvent e){ String [] command = e.getMessage().split(" "); - if(isBadCommand(e.getSender(), command[0])){ + if(command[0].contains(":")){ + if(e.getSender() instanceof ProxiedPlayer) + BungeeCore.send((ProxiedPlayer) e.getSender(), BungeeCore.CHAT_PREFIX + "§cUnbekannter Befehl."); e.setCancelled(true); return; } @@ -149,7 +150,8 @@ public class ChatListener extends BasicListener { return; } - if(isBadCommand(sender, command[1])){ + if(command[1].startsWith("/")){ + BungeeCore.send(sender, "§Keine Befehle mit /local möglich."); e.setCancelled(true); return; } @@ -157,15 +159,6 @@ public class ChatListener extends BasicListener { e.setMessage(e.getMessage().substring(command[0].length() + 1)); } - private boolean isBadCommand(Connection connection, String command){ - if(command.startsWith("/") && command.contains(":")){ - if(connection instanceof ProxiedPlayer) - BungeeCore.send((ProxiedPlayer) connection, BungeeCore.CHAT_PREFIX + "§cUnbekannter Befehl."); - return true; - } - return false; - } - @EventHandler public void onTabCompleteEvent(TabCompleteEvent e){ List suggestions = e.getSuggestions(); -- 2.39.5