diff --git a/src/main/java/fr/xephi/authme/settings/SettingsMigrationService.java b/src/main/java/fr/xephi/authme/settings/SettingsMigrationService.java index 07d3531e6..529327704 100644 --- a/src/main/java/fr/xephi/authme/settings/SettingsMigrationService.java +++ b/src/main/java/fr/xephi/authme/settings/SettingsMigrationService.java @@ -32,9 +32,7 @@ import static fr.xephi.authme.settings.properties.RestrictionSettings.FORCE_SPAW */ public class SettingsMigrationService extends PlainMigrationService { - @Inject - @DataFolder - private File pluginFolder; + private final File pluginFolder; // Stores old commands that need to be migrated to the new commands configuration // We need to store it in here for retrieval when we build the CommandConfig. Retrieving it from the config.yml is @@ -45,7 +43,9 @@ public class SettingsMigrationService extends PlainMigrationService { private List onRegisterCommands = Collections.emptyList(); private List onRegisterConsoleCommands = Collections.emptyList(); - SettingsMigrationService() { + @Inject + SettingsMigrationService(@DataFolder File pluginFolder) { + this.pluginFolder = pluginFolder; } @Override @@ -169,7 +169,7 @@ public class SettingsMigrationService extends PlainMigrationService { } /** - * Detect old "force spawn loc on join" and "force spawn on these worlds" settings and moves them + * Detects old "force spawn loc on join" and "force spawn on these worlds" settings and moves them * to the new paths. * * @param resource The property resource diff --git a/src/test/java/fr/xephi/authme/settings/SettingsMigrationServiceTest.java b/src/test/java/fr/xephi/authme/settings/SettingsMigrationServiceTest.java new file mode 100644 index 000000000..af109fbec --- /dev/null +++ b/src/test/java/fr/xephi/authme/settings/SettingsMigrationServiceTest.java @@ -0,0 +1,88 @@ +package fr.xephi.authme.settings; + +import com.github.authme.configme.resource.PropertyResource; +import com.github.authme.configme.resource.YamlFileResource; +import com.google.common.io.Files; +import fr.xephi.authme.TestHelper; +import fr.xephi.authme.output.LogLevel; +import fr.xephi.authme.settings.properties.AuthMeSettingsRetriever; +import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.TemporaryFolder; + +import java.io.File; +import java.io.IOException; +import java.nio.charset.StandardCharsets; + +import static fr.xephi.authme.TestHelper.getJarFile; +import static fr.xephi.authme.settings.properties.PluginSettings.LOG_LEVEL; +import static fr.xephi.authme.settings.properties.RegistrationSettings.DELAY_JOIN_MESSAGE; +import static fr.xephi.authme.settings.properties.RestrictionSettings.ALLOWED_NICKNAME_CHARACTERS; +import static fr.xephi.authme.settings.properties.RestrictionSettings.FORCE_SPAWN_LOCATION_AFTER_LOGIN; +import static fr.xephi.authme.settings.properties.RestrictionSettings.FORCE_SPAWN_ON_WORLDS; +import static org.hamcrest.Matchers.contains; +import static org.hamcrest.Matchers.equalTo; +import static org.junit.Assert.assertThat; + +/** + * Test for {@link SettingsMigrationService}. + */ +public class SettingsMigrationServiceTest { + + private static final String OLD_CONFIG_FILE = TestHelper.PROJECT_ROOT + "settings/config-old.yml"; + + @Rule + public TemporaryFolder temporaryFolder = new TemporaryFolder(); + + @BeforeClass + public static void setUpLogger() { + TestHelper.setupLogger(); + } + + @Test + public void shouldPerformMigrations() throws IOException { + // given + File dataFolder = temporaryFolder.newFolder(); + File configFile = new File(dataFolder, "config.yml"); + Files.copy(getJarFile(OLD_CONFIG_FILE), configFile); + PropertyResource resource = new YamlFileResource(configFile); + SettingsMigrationService migrationService = new SettingsMigrationService(dataFolder); + + // when + Settings settings = new Settings( + dataFolder, resource, migrationService, AuthMeSettingsRetriever.buildConfigurationData()); + + // then + assertThat(settings.getProperty(ALLOWED_NICKNAME_CHARACTERS), equalTo(ALLOWED_NICKNAME_CHARACTERS.getDefaultValue())); + assertThat(settings.getProperty(DELAY_JOIN_MESSAGE), equalTo(true)); + assertThat(settings.getProperty(FORCE_SPAWN_LOCATION_AFTER_LOGIN), equalTo(true)); + assertThat(settings.getProperty(FORCE_SPAWN_ON_WORLDS), contains("survival", "survival_nether", "creative")); + assertThat(settings.getProperty(LOG_LEVEL), equalTo(LogLevel.INFO)); + + // Check migration of old setting to email.html + assertThat(Files.readLines(new File(dataFolder, "email.html"), StandardCharsets.UTF_8), + contains("Dear ,

This is your new AuthMe password for the server " + + "

:



Do not forget to " + + "change password after login!
/changepassword newPassword")); + } + + @Test + public void shouldKeepOldForceCommandSettings() throws IOException { + // given + File dataFolder = temporaryFolder.newFolder(); + File configFile = new File(dataFolder, "config.yml"); + Files.copy(getJarFile(OLD_CONFIG_FILE), configFile); + PropertyResource resource = new YamlFileResource(configFile); + SettingsMigrationService migrationService = new SettingsMigrationService(dataFolder); + + // when + migrationService.performMigrations(resource, AuthMeSettingsRetriever.buildConfigurationData().getProperties()); + + // then + assertThat(migrationService.getOnLoginCommands(), contains("spawn")); + assertThat(migrationService.getOnLoginConsoleCommands(), contains("sethome %p:lastloc", "msg %p Welcome back")); + assertThat(migrationService.getOnRegisterCommands(), contains("me registers", "msg CONSOLE hi")); + assertThat(migrationService.getOnRegisterConsoleCommands(), contains("sethome %p:regloc")); + } +} diff --git a/src/test/resources/fr/xephi/authme/settings/config-old.yml b/src/test/resources/fr/xephi/authme/settings/config-old.yml new file mode 100644 index 000000000..ff2b2918e --- /dev/null +++ b/src/test/resources/fr/xephi/authme/settings/config-old.yml @@ -0,0 +1,414 @@ +# Old default config file, based on commit 1f001f2 (2015-12-06) + +DataSource: + # What type of database do you want to use? + # Valid values: sqlite, mysql + backend: sqlite + # Enable database caching, should improve database performance + caching: true + # Database location + mySQLHost: 127.0.0.1 + # Database Port + mySQLPort: '3306' + # Username about Database Connection Infos + mySQLUsername: authme + # Password about Database Connection Infos + mySQLPassword: '12345' + # Database Name, use with converters or as SQLITE database name + mySQLDatabase: authme + # Table of the database + mySQLTablename: authme + # Column of IDs to sort data + mySQLColumnId: id + # Column for storing or checking players nickname + mySQLColumnName: username + # Column for storing players passwords + mySQLColumnPassword: password + # Column for storing players emails + mySQLColumnEmail: email + # Column for Saving if a player is logged in or not + mySQLColumnLogged: isLogged + # Column for storing players IPs + mySQLColumnIp: ip + # Column for storing players lastlogins + mySQLColumnLastLogin: lastlogin + # Column for SaveQuitLocation - X + mySQLlastlocX: x + # Column for SaveQuitLocation - Y + mySQLlastlocY: y + # Column for SaveQuitLocation - Z + mySQLlastlocZ: z + # Column for SaveQuitLocation - World name + mySQLlastlocWorld: world + # Column for RealName + mySQLRealName: realname + # Enable this when you allow registration through a website + mySQLWebsite: false +settings: + # The name shown in the help messages. + helpHeader: AuthMeReloaded + sessions: + # Do you want to enable the session feature? + # If enabled, when a player authenticates successfully, + # his IP and his nickname is saved. + # The next time the player joins the server, if his IP + # is the same of the last time, and the timeout time + # hasn't expired, he will not need to authenticate. + enabled: false + # After how many minutes a session should expire? + # 0 for unlimited time (Very dangerous, use it at your own risk!) + # Consider that session will end only after the timeout time, and + # if the player's ip has changed but the timeout hasn't expired, + # player will be kicked out of sever due to invalidSession! + timeout: 10 + # Should the session expire if the player try to login with an + # another IP Address? + sessionExpireOnIpChange: true + restrictions: + # Can not authenticated players chat and see the chat log? + # Care that this feature blocks also all the commands not + # listed in the list below. + allowChat: false + # Commands allowed when a player is not authenticated + allowCommands: + - /login + - /register + - /l + - /reg + - /email + - /captcha + # Max number of allowed registrations per IP (default: 1) + maxRegPerIp: 1 + # Max allowed username length + maxNicknameLength: 16 + # When this setting is enabled, online players can't be kicked out + # due to "Logged in from another Location" + # This setting will prevent potetial security exploits. + ForceSingleSession: true + # If enabled, every player will be teleported to the world spawnpoint + # after successful authentication. + # The quit location of the player will be overwritten. + # This is different from "teleportUnAuthedToSpawn" that teleport player + # back to his quit location after the authentication. + ForceSpawnLocOnJoinEnabled: true + # This option will save the quit location of the players. + SaveQuitLocation: false + # To activate the restricted user feature you need + # to enable this option and configure the + # AllowedRestrctedUser field. + AllowRestrictedUser: false + # The restricted user feature will kick players listed below + # if they dont match of the defined ip address. + # Example: + # AllowedRestrictedUser: + # - playername;127.0.0.1 + AllowedRestrictedUser: + - playername;127.0.0.1 + # Should unregistered players be kicked immediatly? + kickNonRegistered: false + # Should players be kicked on wrong password? + kickOnWrongPassword: false + # Should not logged in players be teleported to the spawn? + # After the authentication they will be teleported back to + # their normal position. + teleportUnAuthedToSpawn: false + # Minimum allowed nick length + minNicknameLength: 4 + # Can unregistered players walk around? + allowMovement: false + # Should not authenticated players have speed = 0? + # This will reset the fly/walk speed to default value after the login. + removeSpeed: true + # After how many time players who fail to login or register + # should be kicked? Set to 0 to disable. + timeout: 30 + # Regex sintax of allowed characters in the player name. + allowedNicknameCharacters: '[a-zA-Z0-9_?]*' + # How far can unregistered players walk? Set to 0 + # for unlimited radius + allowedMovementRadius: 100 + # Enable double check of password when you register + # when it's true, registration require that kind of command: + # /register + enablePasswordVerifier: true + # Should we protect the player inventory before logging in? + ProtectInventoryBeforeLogIn: true + # Should we display all other accounts from a player when he joins? + # permission: /authme.admin.accounts + displayOtherAccounts: true + # WorldNames where we need to force the spawn location for ForceSpawnLocOnJoinEnabled + # CASE SENSITIVE + ForceSpawnOnTheseWorlds: + - survival + - survival_nether + - creative + # Ban ip when the ip is not the ip registered in database + banUnsafedIP: false + # Spawn Priority, Values : authme, essentials, multiverse, default + spawnPriority: authme,essentials,multiverse,default + # Maximum Login authorized by IP + maxLoginPerIp: 0 + # Maximum Join authorized by IP + maxJoinPerIp: 0 + # AuthMe will NEVER teleport players ! + noTeleport: false + # Regex sintax for allowed Chars in passwords. + allowedPasswordCharacters: '[\x21-\x7E]*' + GameMode: + # ForceSurvivalMode to player when join ? + ForceSurvivalMode: false + # if player join with CreativeMode and ForceSurvivalMode: true + # inventory will be wipped + ResetInventoryIfCreative: false + # Do we need to force the survival mode ONLY after /login process ? + ForceOnlyAfterLogin: false + security: + # minimum Length of password + minPasswordLength: 5 + # this is very important options, + # every time player join the server, + # if they are registered, AuthMe will switch him + # to unLoggedInGroup, this + # should prevent all major exploit. + # So you can set up on your Permission Plugin + # this special group with 0 permissions, or permissions to chat, + # or permission to + # send private message or all other perms that you want, + # the better way is to set up + # this group with few permissions, + # so if player try to exploit some account, + # they can + # do anything except what you set in perm Group. + # After a correct logged-in player will be + # moved to his correct permissions group! + # Pay attention group name is case sensitive, + # so Admin is different from admin, + # otherwise your group will be wiped, + # and player join in default group []! + # Example unLoggedinGroup: NotLogged + unLoggedinGroup: unLoggedinGroup + # possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB, + # PLAINTEXT ( unhashed password), + # MYBB, IPB3, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512, + # DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM(for developpers only) + passwordHash: SHA256 + # salt length for the SALTED2MD5 MD5(MD5(password)+salt) + doubleMD5SaltLength: 8 + # If password checking return false , do we need to check with all + # other password algorithm to check an old password ? + # AuthMe will update the password to the new passwordHash ! + supportOldPasswordHash: false + # Cancel unsafe passwords for being used, put them on lowercase! + #unsafePasswords: + #- '123456' + #- 'password' + unsafePasswords: + - '123456' + - 'password' + - 'qwerty' + - '12345' + - '54321' + registration: + # enable registration on the server? + enabled: true + # Send every X seconds a message to a player to + # remind him that he has to login/register + messageInterval: 5 + # Only registered and logged in players can play. + # See restrictions for exceptions + force: true + # Does we replace password registration by an Email registration method ? + enableEmailRegistrationSystem: false + # Enable double check of email when you register + # when it's true, registration require that kind of command: + # /register + doubleEmailCheck: false + # Do we force kicking player after a successful registration ? + # Do not use with login feature below + forceKickAfterRegister: false + # Does AuthMe need to enforce a /login after a successful registration ? + forceLoginAfterRegister: false + unrestrictions: + # below you can list all your account name, that + # AuthMe will ignore for registration or login, configure it + # at your own risk!! Remember that if you are going to add + # nickname with [], you have to delimit name with ' '. + # this option add compatibility with BuildCraft and some + # other mods. + # It is CaseSensitive! + UnrestrictedName: [] + # Message language, available : en, de, br, cz, pl, fr, ru, hu, sk, es, zhtw, fi, zhcn, lt, it, ko, pt + messagesLanguage: en + # Force these commands after /login, without any '/', use %p for replace with player name + forceCommands: + - spawn + # Force these commands after /login as a server console, without any '/', use %p for replace with player name + forceCommandsAsConsole: + - sethome %p:lastloc + - msg %p Welcome back + # Force these commands after /register, without any '/', use %p for replace with player name + forceRegisterCommands: + - me registers + - msg CONSOLE hi + # Force these commands after /register as a server console, without any '/', use %p for replace with player name + forceRegisterCommandsAsConsole: + - sethome %p:regloc + # Do we need to display the welcome message (welcome.txt) after a register or a login? + # You can use colors in this welcome.txt + some replaced strings : + # {PLAYER} : player name, {ONLINE} : display number of online players, {MAXPLAYERS} : display server slots, + # {IP} : player ip, {LOGINS} : number of players logged, {WORLD} : player current world, {SERVER} : server name + # {VERSION} : get current bukkit version, {COUNTRY} : player country + useWelcomeMessage: true + # Do we need to broadcast the welcome message to all server or only to the player? set true for server or false for player + broadcastWelcomeMessage: false + # Do we need to delay the join/leave message to be displayed only when the player is authenticated ? + delayJoinLeaveMessages: true + # Do we need to add potion effect Blinding before login/register ? + applyBlindEffect: false +ExternalBoardOptions: + # MySQL column for the salt , needed for some forum/cms support + mySQLColumnSalt: '' + # MySQL column for the group, needed for some forum/cms support + mySQLColumnGroup: '' + # -1 mean disabled. If u want that only + # activated player can login in your server + # u can put in this options the group number + # of unactivated user, needed for some forum/cms support + nonActivedUserGroup: -1 + # Other MySQL columns where we need to put the Username (case sensitive) + mySQLOtherUsernameColumns: [] + # How much Log to Round needed in BCrypt(do not change it if you do not know what's your doing) + bCryptLog2Round: 10 + # phpBB prefix defined during phpbb installation process + phpbbTablePrefix: 'phpbb_' + # phpBB activated group id , 2 is default registered group defined by phpbb + phpbbActivatedGroupId: 2 + # WordPress prefix defined during WordPress installation process + wordpressTablePrefix: 'wp_' +permission: + # Take care with this options, if you dont want + # to use Vault and Group Switching of + # AuthMe for unloggedIn players put true + # below, default is false. + EnablePermissionCheck: false +BackupSystem: + # Enable or Disable Automatic Backup + ActivateBackup: false + # set Backup at every start of Server + OnServerStart: false + # set Backup at every stop of Server + OnServerStop: true + # Windows only mysql installation Path + MysqlWindowsPath: 'C:\\Program Files\\MySQL\\MySQL Server 5.1\\' +Security: + SQLProblem: + # Stop the server if we can't contact the sql database + # Take care with this, if you set that to false, + # AuthMe automatically disable and the server is not protected! + stopServer: true + ReloadCommand: + # /reload support + useReloadCommandSupport: true + console: + # Remove spam console + noConsoleSpam: true + # Replace passwords in the console when player type a command like /login + removePassword: true + captcha: + # Player need to put a captcha when he fails too lot the password + useCaptcha: false + # Max allowed tries before request a captcha + maxLoginTry: 5 + # Captcha length + captchaLength: 5 +Converter: + Rakamak: + # Rakamak file name + fileName: users.rak + # Rakamak use ip ? + useIP: false + # IP file name for rakamak + ipFileName: UsersIp.rak + CrazyLogin: + # CrazyLogin database file + fileName: accounts.db +Email: + # Email SMTP server host + mailSMTP: smtp.gmail.com + # Email SMTP server port + mailPort: 465 + # Email account that send the mail + mailAccount: '' + # Email account password + mailPassword: '' + # Custom SenderName, that replace the mailAccount name in the email + mailSenderName: '' + # Random password length + RecoveryPasswordLength: 8 + # Email subject of password get + mailSubject: 'Your new AuthMe Password' + # Email text here + mailText: 'Dear ,

This is your new AuthMe password for the server

%servername% :



Do not forget to change password after login!
/changepassword %generatedpass% newPassword' + # Like maxRegPerIp but with email + maxRegPerEmail: 1 + # Recall players to add an email ? + recallPlayers: false + # Delay in minute for the recall scheduler + delayRecall: 5 + # Blacklist these domains for emails + emailBlacklisted: + - 10minutemail.com + # WhiteList only these domains for emails + emailWhitelisted: [] + # Do we need to send new password draw in an image ? + generateImage: false +Hooks: + # Do we need to hook with multiverse for spawn checking? + multiverse: true + # Do we need to hook with BungeeCord for get the real Player ip ? + bungeecord: false + # Do we need to disable Essentials SocialSpy on join ? + disableSocialSpy: true + # Do we need to force /motd Essentials command on join ? + useEssentialsMotd: false + # Do we need to cache custom Attributes ? + customAttributes: false +Purge: + # On Enable , does AuthMe need to purge automatically old accounts unused ? + useAutoPurge: false + # Number of Days an account become Unused + daysBeforeRemovePlayer: 60 + # Do we need to remove the player.dat file during purge process ? + removePlayerDat: false + # Do we need to remove the Essentials/users/player.yml file during purge process ? + removeEssentialsFile: false + # World where are players.dat stores + defaultWorld: 'world' + # Do we need to remove LimitedCreative/inventories/player.yml , player_creative.yml files during purge process ? + removeLimitedCreativesInventories: false + # Do we need to remove the AntiXRayData/PlayerData/player file during purge process ? + removeAntiXRayFile: false + # Do we need to remove permissions ? + removePermissions: false +Protection: + # Enable some servers protection ( country based login, antibot ) + enableProtection: false + # Countries allowed to join the server and register, see http://dev.bukkit.org/bukkit-plugins/authme-reloaded/pages/countries-codes/ for countries' codes + # PLEASE USE QUOTES! + countries: + - 'US' + - 'GB' + # Countries blacklisted automatically ( without any needed to enable protection ) + # PLEASE USE QUOTES! + countriesBlacklist: + - 'A1' + # Do we need to enable automatic antibot system? + enableAntiBot: false + # Max number of player allowed to login in 5 secs before enable AntiBot system automatically + antiBotSensibility: 5 + # Duration in minutes of the antibot automatic system + antiBotDuration: 10 +VeryGames: + # These features are only available on VeryGames Server Provider + enableIpCheck: false +