Fixed issue with the yml list
This commit is contained in:
parent
22a24336b0
commit
8092187b26
|
@ -219,7 +219,7 @@ This was tested on Paper 1.17, 1.16 and spigot 1.17, 1.15. If there are any erro
|
|||
|
||||
- Permissions to limit the number of map/image used/owned is now possible. (permissions imageonmap.mapLimit.XX and imageonmap.imageLimit.XX where XX is an integer and will define the limit allowed for the player)
|
||||
|
||||
- Added an allowlist for trusted image hosting website (Add this in config.yml allowlist_hostingsite: , you then have to put the url of trusted websites. There is also a permission to ignore the allow list imageonmap.ignoreallowlist_hostingsite)
|
||||
- Added an allowlist for trusted image hosting website (Add this in config.yml allowlist_hostingsite: , you then have to put the url of trusted websites. There is also a permission to ignore the allow list imageonmap.bypasswhitelist)
|
||||
|
||||
- Images are now protected against non player based interaction. (Bye bye sneaky skeleton that used to grief art)
|
||||
|
||||
|
|
|
@ -62,7 +62,7 @@ public enum Permissions {
|
|||
BYPASS_IMAGE_LIMIT("imageonmap.bypassimagelimit"),
|
||||
BYPASS_MAP_LIMIT("imageonmap.bypassmaplimit"),
|
||||
GIVE("imageonmap.give"),
|
||||
IGNOREALLOWLIST("imageonmap.ignoreallowlist_hostingsite");
|
||||
BYPASS_WHITELIST("imageonmap.bypasswhitelist");
|
||||
|
||||
private final String permission;
|
||||
private final String[] aliases;
|
||||
|
|
|
@ -37,9 +37,11 @@
|
|||
package fr.moribus.imageonmap;
|
||||
|
||||
import static fr.zcraft.quartzlib.components.configuration.ConfigurationItem.item;
|
||||
import static fr.zcraft.quartzlib.components.configuration.ConfigurationItem.list;
|
||||
|
||||
import fr.zcraft.quartzlib.components.configuration.Configuration;
|
||||
import fr.zcraft.quartzlib.components.configuration.ConfigurationItem;
|
||||
import fr.zcraft.quartzlib.components.configuration.ConfigurationList;
|
||||
import java.util.Locale;
|
||||
|
||||
|
||||
|
@ -59,6 +61,7 @@ public final class PluginConfiguration extends Configuration {
|
|||
public static ConfigurationItem<Integer> LIMIT_SIZE_X = item("limit-map-size-x", 0);
|
||||
public static ConfigurationItem<Integer> LIMIT_SIZE_Y = item("limit-map-size-y", 0);
|
||||
|
||||
public static ConfigurationItem<String> ALLOWLIST_HOSTINGSITE = item("allowlist_hostingsite", "");
|
||||
public static ConfigurationList<String> IMAGES_HOSTNAMES_WHITELIST =
|
||||
list("images-hostnames-whitelist", String.class);
|
||||
|
||||
}
|
||||
|
|
|
@ -42,12 +42,12 @@ import fr.moribus.imageonmap.map.MapManager;
|
|||
import fr.zcraft.quartzlib.components.commands.Command;
|
||||
import fr.zcraft.quartzlib.components.commands.CommandException;
|
||||
import fr.zcraft.quartzlib.components.i18n.I;
|
||||
import fr.zcraft.quartzlib.tools.PluginLogger;
|
||||
import java.net.URL;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
import java.util.function.Consumer;
|
||||
import java.util.stream.Collectors;
|
||||
import org.bukkit.Bukkit;
|
||||
import org.bukkit.OfflinePlayer;
|
||||
import org.bukkit.entity.Player;
|
||||
|
@ -55,37 +55,33 @@ import org.bukkit.entity.Player;
|
|||
|
||||
public abstract class IoMCommand extends Command {
|
||||
|
||||
protected boolean checkHostnameWhitelist(final URL url) {
|
||||
final List<String> hostnames = PluginConfiguration.IMAGES_HOSTNAMES_WHITELIST.get()
|
||||
.stream()
|
||||
.map(String::trim)
|
||||
.filter(h -> !h.isEmpty())
|
||||
.collect(Collectors.toList());
|
||||
|
||||
protected boolean checkHostingSite(URL url) {
|
||||
String urlsString = PluginConfiguration.ALLOWLIST_HOSTINGSITE.get();
|
||||
if (urlsString.trim().isEmpty()) {
|
||||
if (hostnames.isEmpty()) {
|
||||
return true;
|
||||
}
|
||||
String[] hosts = urlsString.trim().replaceAll("https://","").split(",");
|
||||
for (String host : hosts) {
|
||||
if (url.getHost().equals(host.trim())) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
|
||||
return hostnames
|
||||
.stream()
|
||||
.map(h -> h.replaceAll("https://", "").replaceAll("http://", ""))
|
||||
.anyMatch(h -> h.equalsIgnoreCase(url.getHost()));
|
||||
}
|
||||
|
||||
protected void retrieveUUID(String arg, Consumer<UUID> consumer) {
|
||||
UUID uuid;
|
||||
OfflinePlayer offlinePlayer;
|
||||
|
||||
offlinePlayer = Bukkit.getOfflinePlayer(arg);//If it is being removed we may have to use mojang services
|
||||
uuid = offlinePlayer.getUniqueId();
|
||||
|
||||
consumer.accept(uuid);
|
||||
|
||||
protected void retrieveUUID(final String arg, final Consumer<UUID> consumer) {
|
||||
// If it is being removed we may have to use Mojang services
|
||||
consumer.accept(Bukkit.getOfflinePlayer(arg).getUniqueId());
|
||||
}
|
||||
|
||||
protected ImageMap getMapFromArgs() throws CommandException {
|
||||
return getMapFromArgs(playerSender(), 0, true);
|
||||
}
|
||||
|
||||
protected ImageMap getMapFromArgs(Player player, int index, boolean expand) throws CommandException {
|
||||
protected ImageMap getMapFromArgs(final Player player, final int index, boolean expand) throws CommandException {
|
||||
if (args.length <= index) {
|
||||
throwInvalidArgument(I.t("You need to give a map name."));
|
||||
}
|
||||
|
|
|
@ -111,7 +111,7 @@ public class NewCommand extends IoMCommand {
|
|||
}
|
||||
try {
|
||||
url = new URL(args[0]);
|
||||
if (!Permissions.IGNOREALLOWLIST.grantedTo(player) && !checkHostingSite(url)) {
|
||||
if (!Permissions.BYPASS_WHITELIST.grantedTo(player) && !checkHostnameWhitelist(url)) {
|
||||
throwInvalidArgument(I.t("This hosting website is not trusted, if you think that this is an error "
|
||||
+ " contact your server administrator"));
|
||||
return;
|
||||
|
|
|
@ -36,7 +36,6 @@
|
|||
|
||||
package fr.moribus.imageonmap.commands.maptool;
|
||||
|
||||
import fr.moribus.imageonmap.ImageOnMap;
|
||||
import fr.moribus.imageonmap.Permissions;
|
||||
import fr.moribus.imageonmap.commands.IoMCommand;
|
||||
import fr.moribus.imageonmap.image.ImageRendererExecutor;
|
||||
|
@ -168,7 +167,7 @@ public class UpdateCommand extends IoMCommand {
|
|||
URL url1;
|
||||
try {
|
||||
url1 = new URL(url);
|
||||
if (!Permissions.IGNOREALLOWLIST.grantedTo(playerSender) && !checkHostingSite(url1)) {
|
||||
if (!Permissions.BYPASS_WHITELIST.grantedTo(playerSender) && !checkHostnameWhitelist(url1)) {
|
||||
throwInvalidArgument(I.t("This hosting website is not trusted, if you think that this is an error "
|
||||
+ " contact your server administrator"));
|
||||
return;
|
||||
|
|
|
@ -26,6 +26,14 @@ limit-map-size-y: 0
|
|||
# Should the full image be saved when a map is rendered?
|
||||
save-full-image: false
|
||||
|
||||
# Give the name of trusted image hosting website
|
||||
#Example allowlist_hostingsite: https://imgur.com/, https://i.imgur.com/, https://cdn.discordapp.com
|
||||
allowlist_hostingsite:
|
||||
|
||||
# If you want to restrict what domains can be used to download images from, list them below.
|
||||
# If you don't, leave the list empty.
|
||||
# Example:
|
||||
#
|
||||
# images-hostnames-whitelist:
|
||||
# - imgur.com
|
||||
# - i.imgur.com
|
||||
# - cdn.discordapp.com
|
||||
images-hostnames-whitelist:
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ permissions:
|
|||
imageonmap.updateother: false
|
||||
imageonmap.bypassmaplimit: false
|
||||
imageonmap.bypassimagelimit: false
|
||||
imageonmap.ignoreallowlist_hostingsite: true
|
||||
imageonmap.bypasswhitelist: true
|
||||
imageonmap.placeinvisiblesplattermap: true
|
||||
|
||||
imageonmap.userender:
|
||||
|
@ -123,7 +123,7 @@ permissions:
|
|||
description: "Allows you to bypass permission node check for the number of images in the playerMapStore (by default users have an unlimited amount of images)."
|
||||
default: op
|
||||
|
||||
imageonmap.ignoreallowlist_hostingsite:
|
||||
imageonmap.bypasswhitelist:
|
||||
description: "Allows you to ignore the restriction on the allow list for image hosting website."
|
||||
default: true
|
||||
|
||||
|
|
Loading…
Reference in New Issue