- Separate FieldInjection from default fallback for no-Inject public no-args constructor classes
- Make CommandInitializer a normal, instantiable service
- Add various injections instead of fetching through command service
- Classes still won't be present in JAR but classes will be automatically compiled by Maven inside of the test scope, facilitating the execution of tool tasks
- Stop registration and issue an error if the email address setting is empty for email registration
- Refactor register command into smaller portions
- Create tests
- Move console initialization for tests into TestHelper
- Remove unused properties in legacy Settings
- Add issue number to TODO comments where applicable
- Remove redundant uses of WrapperMock
- Use assertThat() from JUnit, not hamcrest
- Use hamcrest Matchers everywhere (not BaseMatchers etc.)
- Favor Mockito's argThat() over using ArgumentCaptor (more succinct)
- Delete useless test classes
- Create validation service; fixes same code being duplicated in four places
- Goal is to remove Utils class, by moving methods to validation service or other services
- Remove unused properties in legacy settings
- Pass PropertyMap to settings class from the outside
- Fix tests not being reentrant due to real file writes
- Improve Node (internal tree for PropertyMap) interface
- Add code coverage for private constructors
- Rename *taskId methods to *task to reflect what they handle
- Remove usages of Wrapper where applicable
- Replace some uses of legacy Settings with NewSetting calls
- Adjust javadoc
- Remove unused PlayerAuth constructor
- Replace legacy Settings with NewSetting calls
- Add process service to all (a)sync processes
- Change IP manager to only cache the calls to the VeryGames API
- Create IP address manager for handling and caching IP addresses -> outside of the manager I do not want to care about caching details
- Make more processes use the ProcessService in favor of statically injected objects
- Generic test for MySQL and SQLite checking that all generated (Prepared)Statement and ResultSet instances are closed afterwards
- Fix offending code for test to pass
- Change ForceFlatToSqlite converter to use a generic datasource destination (i.e. can be used for Flat2MySQL later)
- Add tests, including for FlatFile
- Check that user is not present in destination datasource before adding
- Persist last location from flatfile as well
- Move certain permission nodes outside of the authme.player branch
- Update classes / permissions list
- Remove wildcard node from code completely (since not used)
- Old, deprecated property now exists again -> stop checking for its presence as a reason for migration
- Create test for SettingsMigrationService to detect such issues in the future
- Check also in admin command that email is not already used
- Misc bug fixing (logic errors, changes lost during large merge)
- Use "email" and "setemail" as main labels for /authme subcommands
- Create SettingsMigrationService#copyFileFromResource (inspired from CustomSettings)
- Use new method to copy missing files in plugin folder from JAR
- Create YamlFileConfiguration inside NewSetting: FileConfiguration object provided by JavaPlugin#getConfig() sets default values from the JAR's config.yml :(
- Change ConsoleLogger to take logger from plugin (work in progress)
- Change ReloadCommand to use the new setting functionality
- Check and construct the messages file in NewSetting
- Unrelated: change MessagesManager not to extend CustomConfiguration anymore
- Update BCrypt implementation version
- Separate third-party BCrypt implementation from our BCRYPT EncryptionMethod extension
- Fix WBB4: ensure password is hashed with bcrypt twice and that we check accordingly
- Fix check that discards potentially trying all encryption methods if password didn't match
- Wrap call to encryption method properly to avoid calling methods with hasSeparateSalt() = true and a null salt
- Inject permission manager into command service explicitly via constructor
- Change command mapper to only care about generating FoundCommandResult objects, and command handler to worry about dealing with it later on
- Adjust NewSetting constructor to match needs in AuthMe
- Add NewSetting to the command service
- See CaptchaCommand for a sample replacement from Settings to NewSetting
- Create consistency test to verify that all properties in config.yml are defined as a Property field in a SettingsClass implementation (currently fails)
- Add some missing properties
- Minor: convert tabs to spaces
- Although the class only has fields of Property type it would appear that CircleCI et al. may use libraries that add fields to classes later on, so we need to check for the field type
- Create Property class for defining config properties
- Create logic for typed retrival of properties from YAML file
- Add custom save method
- Retain comments from Comment annotations in the classes
- Write in a sorted order: first discovered properties are first written to config.yml
- Adjust properties to reflect the current config.yml
- Add sample tests for the retrieval and writing of properties with the new setup
- Ensure within PasswordSecurity that the player name is lowercase
- Remove check for MD5VB separate salt (we only generate hashes with the salt embedded, so either we need to change that or we don't need this check)
- Remove obsolete TODO
- Rename HashResult to EncryptedPassword to reflect its broader use
- Use EncryptedPassword in methods that require the hash and the salt, instead of passing them as strings separately
- Store EncryptedPassword as field in PlayerAuth; updatePassword() thus processes the entire data in the EncryptedPassword object
- Create integration test for the HashAlgorithm enum
- Create AsciiRestricted annotation and make test aware of it
- Add option to skip "same hash for same salt" test (for wordpress)
- Change some EncryptionMethods to extend from a common superclass
Rationale:
- Seems not to have been working since it was added to the codebase
- Seems not to correspond to the actual Xenforo password hashing (class does some sort of JSON extraction?)
- It would be easier to rewrite it from scratch if someone requests it later
- Add new methods temporarily to NewEncrMethod interface
- No data source access within EncryptionMethod implementations
- Generate the salt within the EncryptionMethod implementation
- Deprecate static methods on PasswordSecurity
- Adjust AbstractEncryptionMethodTest to test the classes with the new interface
- Add getter for data source instead of accessing field directly
- Create Utils class for a common implementation of md5/sha1
- Create "foolproof" way of getting the MessageDigest for md5 etc. (MessageDigestAlgorithm enum)
- Create description annotations to annotate algorithms with usage recommendation and salt type
(work in progress)
- Pass all dependencies via constructor
- Encapsulate command handling more (e.g. split CommandHandler with new CommandMapper)
- Add help command to all base commands at one central point
See AccountsCommand or HelpCommand for an example of the advantages - all necessary functions come from CommandService; objects aren't retrieved through a singleton getInstance() method anymore
- Revert commit (undo formatting changes, commented out code)
- Add ignore to not run the test due to local problems (probably because of some character encoding issue)
- Rename getHash() to computeHash(): get.. suggests it's just retrieving some field but it's really doing a computation, which is quite complex depending on the hash algorithm
- Export duplicated code into a service
- Remove canConnect attribute from AuthMe class - was unused and doesn't seem sensible
- Add consistency test for listener classes
- Fix bugs in behavior (wrong labels being shown for help)
- Change order of labels and arguments in FoundCommandResult constructors
- Move FoundResultStatus enum to its own class
- Create test class for HelpProvider
- Change interface to use (CommandSender, List<String> arguments)
- Use CommandArgumentDescription#name instead of "label" (to prevent confusion between command labels and arguments)
- Simplify command difference computation in CommandHandler (no longer consider argument difference)
- Change interface to use (CommandSender, List<String> arguments)
- Use CommandArgumentDescription#name instead of "label" (to prevent confusion between command labels and arguments)
- Simplify command difference computation in CommandHandler (no longer consider argument difference)
- Remove permission logic on command side; make PermissionsManager handle checks for all CommandSender objects (not only Player), cf. #314
- Remove unnecessary redundancies in passed arguments ("command references" that can be inferred from the FoundResult)
- Extend FoundCommandResult to represent all possible error cases
- Move permissions responsibilities from command to permissions (remove some logic from CommandPermissions, add DefaultPermission enum to permissions package)
- Start possible interface for the future per-permission system implementations of permissions managers
- Change wrong player permissions to admin permissions
- Rename command class names that were the same for the ordinary vs. admin task
- Create test to ensure that commands with OP_ONLY default require an admin permission node
