Fixed Forbidden pages due to wrong order for a boolean (#521 / 2)
parent
a78060acf9
commit
466f37ca8f
@ -4,21 +4,17 @@
|
||||
*/
|
||||
package com.djrapitops.plan.data;
|
||||
|
||||
import com.djrapitops.plan.Plan;
|
||||
import com.djrapitops.plan.PlanBungee;
|
||||
import com.djrapitops.plan.data.container.GeoInfo;
|
||||
import com.djrapitops.plan.data.container.PlayerKill;
|
||||
import com.djrapitops.plan.data.container.Session;
|
||||
import com.djrapitops.plan.data.container.TPS;
|
||||
import com.djrapitops.plan.data.time.WorldTimes;
|
||||
import com.djrapitops.plan.system.info.server.ServerInfo;
|
||||
import com.djrapitops.plan.system.settings.Settings;
|
||||
import com.djrapitops.plan.utilities.analysis.AnalysisUtils;
|
||||
import com.djrapitops.plan.utilities.analysis.MathUtils;
|
||||
import com.djrapitops.plan.utilities.comparators.PlayerProfileLastPlayedComparator;
|
||||
import com.djrapitops.plan.utilities.comparators.TPSComparator;
|
||||
import com.djrapitops.plan.utilities.html.tables.PlayersTableCreator;
|
||||
import com.djrapitops.plugin.api.Check;
|
||||
import com.djrapitops.plugin.api.TimeAmount;
|
||||
|
||||
import java.util.*;
|
||||
@ -109,18 +105,6 @@ public class ServerProfile {
|
||||
return total;
|
||||
}
|
||||
|
||||
public static int getPlayersOnline() {
|
||||
if (Check.isBungeeAvailable()) {
|
||||
return PlanBungee.getInstance().getProxy().getOnlineCount();
|
||||
} else {
|
||||
return Plan.getInstance().getServer().getOnlinePlayers().size();
|
||||
}
|
||||
}
|
||||
|
||||
public static int getPlayersMax() {
|
||||
return ServerInfo.getServerProperties().getMaxPlayers();
|
||||
}
|
||||
|
||||
public static long serverDownTime(List<TPS> tpsData) {
|
||||
long lastDate = -1;
|
||||
long downTime = 0;
|
||||
|
@ -9,6 +9,8 @@ import com.djrapitops.plan.data.container.TPS;
|
||||
import com.djrapitops.plan.data.element.AnalysisContainer;
|
||||
import com.djrapitops.plan.data.plugin.PluginData;
|
||||
import com.djrapitops.plan.data.time.WorldTimes;
|
||||
import com.djrapitops.plan.system.info.server.ServerInfo;
|
||||
import com.djrapitops.plan.system.info.server.ServerProperties;
|
||||
import com.djrapitops.plan.system.settings.Settings;
|
||||
import com.djrapitops.plan.system.settings.theme.Theme;
|
||||
import com.djrapitops.plan.system.settings.theme.ThemeVal;
|
||||
@ -84,8 +86,9 @@ public class AnalysisData extends RawData {
|
||||
addValue("tpsMedium", Settings.THEME_GRAPH_TPS_THRESHOLD_MED.getNumber());
|
||||
addValue("tpsHigh", Settings.THEME_GRAPH_TPS_THRESHOLD_HIGH.getNumber());
|
||||
|
||||
addValue("playersMax", ServerProfile.getPlayersMax());
|
||||
addValue("playersOnline", ServerProfile.getPlayersOnline());
|
||||
ServerProperties serverProperties = ServerInfo.getServerProperties();
|
||||
addValue("playersMax", serverProperties.getMaxPlayers());
|
||||
addValue("playersOnline", serverProperties.getOnlinePlayers());
|
||||
}
|
||||
|
||||
public void analyze(ServerProfile profile) {
|
||||
|
@ -47,6 +47,7 @@ public class RequestHandler implements HttpHandler {
|
||||
if (response instanceof PromptAuthorizationResponse) {
|
||||
responseHeaders.set("WWW-Authenticate", "Basic realm=\"/\";");
|
||||
}
|
||||
|
||||
response.setResponseHeaders(responseHeaders);
|
||||
response.send(exchange);
|
||||
} catch (Exception e) {
|
||||
|
@ -117,7 +117,7 @@ public class ResponseHandler extends TreePageHandler {
|
||||
if (webServer.isUsingHTTPS()) {
|
||||
return DefaultResponses.BASIC_AUTH.get();
|
||||
} else {
|
||||
return forbiddenResponse(0, 0);
|
||||
return forbiddenResponse();
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -132,17 +132,15 @@ public class ResponseHandler extends TreePageHandler {
|
||||
return DefaultResponses.NOT_FOUND.get();
|
||||
} else {
|
||||
if (authentication.isPresent() && pageHandler.isAuthorized(authentication.get(), target)) {
|
||||
return forbiddenResponse(0, 0);
|
||||
return pageHandler.getResponse(request, target);
|
||||
}
|
||||
return pageHandler.getResponse(request, target);
|
||||
return forbiddenResponse();
|
||||
}
|
||||
}
|
||||
|
||||
public Response forbiddenResponse(int required, int permLevel) {
|
||||
return ResponseCache.loadResponse(PageId.FORBIDDEN.of(required + "/" + permLevel), () ->
|
||||
public Response forbiddenResponse() {
|
||||
return ResponseCache.loadResponse(PageId.FORBIDDEN.id(), () ->
|
||||
new ForbiddenResponse("Unauthorized User.<br>"
|
||||
+ "Make sure your user has the correct access level.<br>"
|
||||
+ "This page requires permission level of " + required + ",<br>"
|
||||
+ "This user has permission level of " + permLevel));
|
||||
+ "Make sure your user has the correct access level."));
|
||||
}
|
||||
}
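Review bot: The authorization branch in the second ResponseHandler hunk has no comment saying that denial is the fall-through, which is the property the earlier ordering got wrong. A one-line comment above the `if`, such as `// Deny by default: only an authenticated and authorized request reaches the page handler.`, would make a future reordering easier to catch in review. The enclosing method starts outside the hunk, so how a WebUserAuthException thrown by `isAuthorized` is turned into a response is not visible here; it is worth confirming that this path also ends in a non-200 response.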
|
@ -31,6 +31,7 @@ public class BasicAuthentication implements Authentication {
|
||||
@Override
|
||||
public WebUser getWebUser() throws WebUserAuthException {
|
||||
String decoded = Base64Util.decode(authenticationString);
|
||||
|
||||
String[] userInfo = decoded.split(":");
|
||||
if (userInfo.length != 2) {
|
||||
throw new WebUserAuthException(FailReason.USER_AND_PASS_NOT_SPECIFIED);
|
||||
|
@ -28,6 +28,6 @@ public class DebugPageHandler extends PageHandler {
|
||||
@Override
|
||||
public boolean isAuthorized(Authentication auth, List<String> target) throws WebUserAuthException {
|
||||
WebUser webUser = auth.getWebUser();
|
||||
return webUser.getPermLevel() == 0;
|
||||
return webUser.getPermLevel() <= 0;
|
||||
}
|
||||
}
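Review bot: `webUser.getPermLevel() <= 0` (the second of the two return lines, presumably the new one) also authorizes any negative permission level for the debug page. The `switch` shown in the RootPageHandler section sends levels it does not list to `forbiddenResponse()`, so the two handlers could disagree about a negative level. If negative levels cannot occur, `== 0` states the requirement more exactly. If lower numbers are meant to carry more access, a comment such as `// Lower permission level means more access; 0 is the most privileged.` should say so next to the comparison. Whether WebUser validates the level when it is created is not visible on this page.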
|
@ -53,7 +53,7 @@ public class RootPageHandler extends PageHandler {
|
||||
case 2:
|
||||
return responseHandler.getPageHandler("player").getResponse(request, Collections.singletonList(webUser.getName()));
|
||||
default:
|
||||
return responseHandler.forbiddenResponse(permLevel, 0);
|
||||
return responseHandler.forbiddenResponse();
|
||||
}
|
||||
} catch (WebUserAuthException e) {
|
||||
Log.toLog(this.getClass(), e);
|
||||
|
@ -13,7 +13,8 @@ public class ForbiddenResponse extends ErrorResponse {
|
||||
}
|
||||
|
||||
public ForbiddenResponse(String msg) {
|
||||
this();
|
||||
super.setHeader("HTTP/1.1 403 Forbidden");
|
||||
super.setTitle(Html.FONT_AWESOME_ICON.parse("hand-stop-o") + " 403 Forbidden - Access Denied");
|
||||
super.setParagraph(msg);
|
||||
super.replacePlaceholders();
|
||||
}
|
||||
|
@ -0,0 +1,138 @@
|
||||
package com.djrapitops.plan.system.webserver;
|
||||
|
||||
import com.djrapitops.plan.Plan;
|
||||
import com.djrapitops.plan.api.exceptions.connection.*;
|
||||
import com.djrapitops.plan.data.WebUser;
|
||||
import com.djrapitops.plan.system.BukkitSystem;
|
||||
import com.djrapitops.plan.system.settings.Settings;
|
||||
import com.djrapitops.plan.utilities.Base64Util;
|
||||
import com.djrapitops.plan.utilities.PassEncryptUtil;
|
||||
import org.junit.*;
|
||||
import org.junit.rules.TemporaryFolder;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
import utilities.Teardown;
|
||||
import utilities.mocks.BukkitMockUtil;
|
||||
|
||||
import javax.net.ssl.*;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.net.HttpURLConnection;
|
||||
import java.net.URL;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
@RunWith(MockitoJUnitRunner.Silent.class)
|
||||
public class HTTPSWebServerAuthTest {
|
||||
|
||||
@ClassRule
|
||||
public static TemporaryFolder temporaryFolder = new TemporaryFolder();
|
||||
private static BukkitSystem bukkitSystem;
|
||||
|
||||
@BeforeClass
|
||||
public static void setUpClass() throws Exception {
|
||||
BukkitMockUtil mockUtil = BukkitMockUtil.setUp()
|
||||
.withDataFolder(temporaryFolder.getRoot())
|
||||
.withLogging()
|
||||
.withPluginDescription()
|
||||
.withResourceFetchingFromJar()
|
||||
.withServer();
|
||||
Plan planMock = mockUtil.getPlanMock();
|
||||
|
||||
URL resource = HTTPSWebServerAuthTest.class.getResource("/Cert.keystore");
|
||||
String keyStore = resource.getPath();
|
||||
String absolutePath = new File(keyStore).getAbsolutePath();
|
||||
|
||||
Settings.WEBSERVER_CERTIFICATE_PATH.setTemporaryValue(absolutePath);
|
||||
Settings.WEBSERVER_CERTIFICATE_KEYPASS.setTemporaryValue("MnD3bU5HpmPXag0e");
|
||||
Settings.WEBSERVER_CERTIFICATE_STOREPASS.setTemporaryValue("wDwwf663NLTm73gL");
|
||||
Settings.WEBSERVER_CERTIFICATE_ALIAS.setTemporaryValue("DefaultPlanCert");
|
||||
|
||||
Settings.WEBSERVER_PORT.setTemporaryValue(9000);
|
||||
|
||||
bukkitSystem = new BukkitSystem(planMock);
|
||||
bukkitSystem.enable();
|
||||
|
||||
bukkitSystem.getDatabaseSystem().getActiveDatabase().save()
|
||||
.webUser(new WebUser("test", PassEncryptUtil.createHash("testPass"), 0));
|
||||
}
|
||||
|
||||
@Before
|
||||
public void setUp() {
|
||||
Teardown.resetSettingsTempValues();
|
||||
}
|
||||
|
||||
@After
|
||||
public void tearDown() {
|
||||
if (bukkitSystem != null) {
|
||||
bukkitSystem.disable();
|
||||
}
|
||||
Teardown.resetSettingsTempValues();
|
||||
}
|
||||
|
||||
private static final TrustManager[] trustAllCerts = new TrustManager[]{
|
||||
new X509TrustManager() {
|
||||
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
|
||||
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
|
||||
//No need to implement.
|
||||
}
|
||||
|
||||
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
|
||||
//No need to implement.
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
private SSLSocketFactory getRelaxedSocketFactory() throws NoSuchAlgorithmException, KeyManagementException {
|
||||
SSLContext sc = SSLContext.getInstance("SSL");
|
||||
sc.init(null, trustAllCerts, new java.security.SecureRandom());
|
||||
return sc.getSocketFactory();
|
||||
}
|
||||
|
||||
/**
|
||||
* Test case against "Perm level 0 required, got 0".
|
||||
*/
|
||||
@Test
|
||||
public void testHTTPSAuthForPages() throws IOException, WebException, KeyManagementException, NoSuchAlgorithmException {
|
||||
String address = "https://localhost:9000";
|
||||
URL url = new URL(address);
|
||||
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
|
||||
if (address.startsWith("https")) {
|
||||
HttpsURLConnection httpsConn = (HttpsURLConnection) connection;
|
||||
|
||||
// Disables unsigned certificate & hostname check, because we're trusting the user given certificate.
|
||||
// This allows https connections internally to local ports.
|
||||
httpsConn.setHostnameVerifier((hostname, session) -> true);
|
||||
httpsConn.setSSLSocketFactory(getRelaxedSocketFactory());
|
||||
}
|
||||
connection.setConnectTimeout(10000);
|
||||
connection.setInstanceFollowRedirects(false);
|
||||
connection.setRequestMethod("GET");
|
||||
connection.setUseCaches(false);
|
||||
|
||||
String user = Base64Util.encode("test:testPass");
|
||||
connection.setRequestProperty("Authorization", "Basic " + user);
|
||||
|
||||
int responseCode = connection.getResponseCode();
|
||||
|
||||
switch (responseCode) {
|
||||
case 200:
|
||||
return;
|
||||
case 400:
|
||||
throw new BadRequestException("Bad Request: " + url.toString());
|
||||
case 403:
|
||||
throw new ForbiddenException(url.toString() + " returned 403");
|
||||
case 404:
|
||||
throw new NotFoundException(url.toString() + " returned a 404, ensure that your server is connected to an up to date Plan server.");
|
||||
case 412:
|
||||
throw new UnauthorizedServerException(url.toString() + " reported that it does not recognize this server. Make sure '/plan m setup' was successful.");
|
||||
case 500:
|
||||
throw new InternalErrorException();
|
||||
default:
|
||||
throw new WebException(url.toString() + "| Wrong response code " + responseCode);
|
||||
}
|
||||
}
|
||||
}
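Review bot: `testHTTPSAuthForPages` only proves that an authorized user receives 200, so an authorization check inverted the other way (every request served) would still pass; the denied path deserves its own test because this commit fixes exactly such an ordering mistake. A second test that sends the request without the `Authorization` header, or as a user whose permission level is too high for the page, and asserts that the response code is not 200 would pin it. Separately, `tearDown()` is annotated `@After` but disables the system that `setUpClass()` enabled once, so any further test method would run against a stopped server; `@AfterClass` on a static method looks like the intended lifecycle. The trust-all `X509TrustManager` is confined to test code, but `getAcceptedIssuers()` should return `new java.security.cert.X509Certificate[0]` rather than `null`, and `SSLContext.getInstance("TLS")` is the preferred protocol name over `"SSL"`.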
|