From fac3a70634ef2941b70fd1a91864f48fb996e149 Mon Sep 17 00:00:00 2001 From: Gabriele C Date: Sun, 9 Dec 2018 19:03:51 +0100 Subject: [PATCH] Requested changes --- .../authme/command/CommandDescription.java | 7 +- .../authme/command/CommandInitializer.java | 18 ++-- .../authme/initialization/OnStartupTasks.java | 2 +- .../fr/xephi/authme/output/ConsoleFilter.java | 2 + .../fr/xephi/authme/output/Log4JFilter.java | 1 + .../{output => service}/LogFilterService.java | 5 +- .../authme/output/LogFilterHelperTest.java | 89 ------------------- 7 files changed, 18 insertions(+), 106 deletions(-) rename src/main/java/fr/xephi/authme/{output => service}/LogFilterService.java (91%) delete mode 100644 src/test/java/fr/xephi/authme/output/LogFilterHelperTest.java diff --git a/src/main/java/fr/xephi/authme/command/CommandDescription.java b/src/main/java/fr/xephi/authme/command/CommandDescription.java index 72d78de8e..8177f33bb 100644 --- a/src/main/java/fr/xephi/authme/command/CommandDescription.java +++ b/src/main/java/fr/xephi/authme/command/CommandDescription.java @@ -302,13 +302,12 @@ public class CommandDescription { } /** - * Defines if the command contains sensitive data + * Defines that the command contains sensitive data * - * @param sensitive The sensitive data flag * @return The builder */ - public CommandBuilder sensitive(boolean sensitive) { - this.sensitive = sensitive; + public CommandBuilder sensitive() { + this.sensitive = true; return this; } } diff --git a/src/main/java/fr/xephi/authme/command/CommandInitializer.java b/src/main/java/fr/xephi/authme/command/CommandInitializer.java index 5ebb10d73..ba9151fb7 100644 --- a/src/main/java/fr/xephi/authme/command/CommandInitializer.java +++ b/src/main/java/fr/xephi/authme/command/CommandInitializer.java @@ -94,7 +94,7 @@ public class CommandInitializer { .detailedDescription("Command to log in using AuthMeReloaded.") .withArgument("password", "Login password", MANDATORY) .permission(PlayerPermission.LOGIN) - .sensitive(true) + .sensitive() .executableCommand(LoginCommand.class) .register(); @@ -117,7 +117,7 @@ public class CommandInitializer { .withArgument("password", "Password", OPTIONAL) .withArgument("verifyPassword", "Verify password", OPTIONAL) .permission(PlayerPermission.REGISTER) - .sensitive(true) + .sensitive() .executableCommand(RegisterCommand.class) .register(); @@ -141,7 +141,7 @@ public class CommandInitializer { .withArgument("oldPassword", "Old password", MANDATORY) .withArgument("newPassword", "New password", MANDATORY) .permission(PlayerPermission.CHANGE_PASSWORD) - .sensitive(true) + .sensitive() .executableCommand(ChangePasswordCommand.class) .register(); @@ -200,7 +200,7 @@ public class CommandInitializer { .withArgument("player", "Player name", MANDATORY) .withArgument("password", "Password", MANDATORY) .permission(AdminPermission.REGISTER) - .sensitive(true) + .sensitive() .executableCommand(RegisterAdminCommand.class) .register(); @@ -235,7 +235,7 @@ public class CommandInitializer { .withArgument("player", "Player name", MANDATORY) .withArgument("pwd", "New password", MANDATORY) .permission(AdminPermission.CHANGE_PASSWORD) - .sensitive(true) + .sensitive() .executableCommand(ChangePasswordAdminCommand.class) .register(); @@ -545,7 +545,7 @@ public class CommandInitializer { .detailedDescription("Set a new password after successfully recovering your account.") .withArgument("password", "New password", MANDATORY) .permission(PlayerPermission.RECOVER_EMAIL) - .sensitive(true) + .sensitive() .executableCommand(EmailSetPasswordCommand.class) .register(); @@ -574,7 +574,7 @@ public class CommandInitializer { .description("Command for logging in") .detailedDescription("Processes the two-factor authentication code during login.") .withArgument("code", "The TOTP code to use to log in", MANDATORY) - .sensitive(true) + .sensitive() .executableCommand(TotpCodeCommand.class) .register(); @@ -596,7 +596,7 @@ public class CommandInitializer { .detailedDescription("Saves the generated TOTP secret after confirmation.") .withArgument("code", "Code from the given secret from /totp add", MANDATORY) .permission(PlayerPermission.ENABLE_TWO_FACTOR_AUTH) - .sensitive(true) + .sensitive() .executableCommand(ConfirmTotpCommand.class) .register(); @@ -608,7 +608,7 @@ public class CommandInitializer { .detailedDescription("Disables two-factor authentication for your account.") .withArgument("code", "Current 2FA code", MANDATORY) .permission(PlayerPermission.DISABLE_TWO_FACTOR_AUTH) - .sensitive(true) + .sensitive() .executableCommand(RemoveTotpCommand.class) .register(); diff --git a/src/main/java/fr/xephi/authme/initialization/OnStartupTasks.java b/src/main/java/fr/xephi/authme/initialization/OnStartupTasks.java index 26d5dd342..1e920c0f8 100644 --- a/src/main/java/fr/xephi/authme/initialization/OnStartupTasks.java +++ b/src/main/java/fr/xephi/authme/initialization/OnStartupTasks.java @@ -7,7 +7,7 @@ import fr.xephi.authme.message.MessageKey; import fr.xephi.authme.message.Messages; import fr.xephi.authme.output.ConsoleFilter; import fr.xephi.authme.output.Log4JFilter; -import fr.xephi.authme.output.LogFilterService; +import fr.xephi.authme.service.LogFilterService; import fr.xephi.authme.service.BukkitService; import fr.xephi.authme.settings.Settings; import fr.xephi.authme.settings.properties.DatabaseSettings; diff --git a/src/main/java/fr/xephi/authme/output/ConsoleFilter.java b/src/main/java/fr/xephi/authme/output/ConsoleFilter.java index 8de1744e9..8d50e701e 100644 --- a/src/main/java/fr/xephi/authme/output/ConsoleFilter.java +++ b/src/main/java/fr/xephi/authme/output/ConsoleFilter.java @@ -1,5 +1,7 @@ package fr.xephi.authme.output; +import fr.xephi.authme.service.LogFilterService; + import java.util.logging.Filter; import java.util.logging.LogRecord; diff --git a/src/main/java/fr/xephi/authme/output/Log4JFilter.java b/src/main/java/fr/xephi/authme/output/Log4JFilter.java index 09fff8191..b7627510e 100644 --- a/src/main/java/fr/xephi/authme/output/Log4JFilter.java +++ b/src/main/java/fr/xephi/authme/output/Log4JFilter.java @@ -1,5 +1,6 @@ package fr.xephi.authme.output; +import fr.xephi.authme.service.LogFilterService; import org.apache.logging.log4j.Level; import org.apache.logging.log4j.Marker; import org.apache.logging.log4j.core.LogEvent; diff --git a/src/main/java/fr/xephi/authme/output/LogFilterService.java b/src/main/java/fr/xephi/authme/service/LogFilterService.java similarity index 91% rename from src/main/java/fr/xephi/authme/output/LogFilterService.java rename to src/main/java/fr/xephi/authme/service/LogFilterService.java index 3cf2ee268..b44a9c5f1 100644 --- a/src/main/java/fr/xephi/authme/output/LogFilterService.java +++ b/src/main/java/fr/xephi/authme/service/LogFilterService.java @@ -1,4 +1,4 @@ -package fr.xephi.authme.output; +package fr.xephi.authme.service; import fr.xephi.authme.command.CommandMapper; import fr.xephi.authme.command.FoundCommandResult; @@ -36,8 +36,7 @@ public class LogFilterService { case MISSING_BASE_COMMAND: return false; default: - break; + return command.getCommandDescription().isSensitive(); } - return command.getCommandDescription().isSensitive(); } } diff --git a/src/test/java/fr/xephi/authme/output/LogFilterHelperTest.java b/src/test/java/fr/xephi/authme/output/LogFilterHelperTest.java deleted file mode 100644 index 8ef148ced..000000000 --- a/src/test/java/fr/xephi/authme/output/LogFilterHelperTest.java +++ /dev/null @@ -1,89 +0,0 @@ -package fr.xephi.authme.output; - -import com.google.common.collect.Lists; -import fr.xephi.authme.command.CommandDescription; -import fr.xephi.authme.command.CommandInitializer; -import org.junit.Test; - -import java.util.Arrays; -import java.util.List; -import java.util.stream.Collectors; - -import static org.hamcrest.Matchers.containsInAnyOrder; -import static org.junit.Assert.assertThat; - -/** - * Test for {@link LogFilterService}. - */ -public class LogFilterHelperTest { - - private static final List ALL_COMMANDS = new CommandInitializer().getCommands(); - - /** - * Checks that {@link LogFilterService#COMMANDS_TO_SKIP} contains the entries we expect - * (commands with password argument). - */ - @Test - public void shouldBlacklistAllSensitiveCommands() { - // given - List sensitiveCommands = Arrays.asList( - getCommand("register"), getCommand("login"), getCommand("changepassword"), getCommand("unregister"), - getCommand("authme", "register"), getCommand("authme", "changepassword"), - getCommand("email", "setpassword") - ); - // Build array with entries like "/register ", "/authme cp ", "/authme changepass " - String[] expectedEntries = sensitiveCommands.stream() - .map(cmd -> buildCommandSyntaxes(cmd)) - .flatMap(List::stream) - .map(syntax -> syntax + " ") - .toArray(String[]::new); - - // when / then - assertThat(LogFilterService.COMMANDS_TO_SKIP, containsInAnyOrder(expectedEntries)); - - } - - private static CommandDescription getCommand(String label) { - return findCommandWithLabel(label, ALL_COMMANDS); - } - - private static CommandDescription getCommand(String parentLabel, String childLabel) { - CommandDescription parent = getCommand(parentLabel); - return findCommandWithLabel(childLabel, parent.getChildren()); - } - - private static CommandDescription findCommandWithLabel(String label, List commands) { - return commands.stream() - .filter(cmd -> cmd.getLabels().contains(label)) - .findFirst().orElseThrow(() -> new IllegalArgumentException(label)); - } - - /** - * Returns all "command syntaxes" from which the given command can be reached. - * For example, the result might be a List containing "/authme changepassword", "/authme changepass", - * "/authme cp", "/authme:authme changepassword" etc. - * - * @param command the command to build syntaxes for - * @return command syntaxes - */ - private static List buildCommandSyntaxes(CommandDescription command) { - List prefixes = getCommandPrefixes(command); - - return command.getLabels() - .stream() - .map(label -> Lists.transform(prefixes, p -> p + label)) - .flatMap(List::stream) - .collect(Collectors.toList()); - } - - private static List getCommandPrefixes(CommandDescription command) { - if (command.getParent() == null) { - return Arrays.asList("/", "/authme:"); - } - return command.getParent().getLabels() - .stream() - .map(label -> new String[]{"/" + label + " ", "/authme:" + label + " "}) - .flatMap(Arrays::stream) - .collect(Collectors.toList()); - } -}