diff --git a/Plan/src/main/java/com/djrapitops/plan/Settings.java b/Plan/src/main/java/com/djrapitops/plan/Settings.java
index 4a29ab0c6..2d46ee0fb 100644
--- a/Plan/src/main/java/com/djrapitops/plan/Settings.java
+++ b/Plan/src/main/java/com/djrapitops/plan/Settings.java
@@ -28,7 +28,6 @@ public enum Settings {
 SECURITY_IP_UUID("Settings.WebServer.Security.DisplayIPsAndUUIDs"),
 GRAPH_PLAYERS_USEMAXPLAYERS_SCALE("Customization.Graphs.PlayersOnlineGraph.UseMaxPlayersAsScale"),
 PLAYERLIST_SHOW_IMAGES("Customization.SmallHeadImagesOnAnalysisPlayerlist"),
- EXTERNAL_WEBSERVER("Settings.WebServer.UsingExternalWebServer"),
 // Integer
 ANALYSIS_MINUTES_FOR_ACTIVE("Settings.Analysis.MinutesPlayedUntilConsidiredActive"),
 SAVE_CACHE_MIN("Settings.Cache.DataCache.SaveEveryXMinutes"),
diff --git a/Plan/src/main/java/com/djrapitops/plan/ui/html/graphs/PlayerActivityGraphCreator.java b/Plan/src/main/java/com/djrapitops/plan/ui/html/graphs/PlayerActivityGraphCreator.java
index 4a821af45..cf018cb19 100644
--- a/Plan/src/main/java/com/djrapitops/plan/ui/html/graphs/PlayerActivityGraphCreator.java
+++ b/Plan/src/main/java/com/djrapitops/plan/ui/html/graphs/PlayerActivityGraphCreator.java
@@ -1,6 +1,5 @@
 package main.java.com.djrapitops.plan.ui.html.graphs;
-import main.java.com.djrapitops.plan.Log;
 import main.java.com.djrapitops.plan.data.SessionData;
 import main.java.com.djrapitops.plan.data.TPS;
 import main.java.com.djrapitops.plan.utilities.MiscUtils;
@@ -41,8 +40,6 @@ public class PlayerActivityGraphCreator {
 .map(session -> new Point[]{new Point(session.getSessionStart(), 1), new Point(session.getSessionEnd(), 0)})
 .flatMap(Arrays::stream)
 .collect(Collectors.toList());
-
- Log.debug(points.stream().map(Point::getY).collect(Collectors.toList()).toString());
 return ScatterGraphCreator.scatterGraph(points, true, false);
 }
diff --git a/Plan/src/main/java/com/djrapitops/plan/ui/webserver/WebServer.java b/Plan/src/main/java/com/djrapitops/plan/ui/webserver/WebServer.java
index 12c6dcdbf..7a25022c5 100644
--- a/Plan/src/main/java/com/djrapitops/plan/ui/webserver/WebServer.java
+++ b/Plan/src/main/java/com/djrapitops/plan/ui/webserver/WebServer.java
@@ -75,7 +75,7 @@ public class WebServer {
 server = HttpServer.create();
 }
- HttpContext context = server.createContext("/", new HttpHandler() {
+ server.createContext("/", new HttpHandler() {
 @Override
 public void handle(HttpExchange xchange) throws IOException {
 OutputStream os = null;
@@ -126,10 +126,8 @@ public class WebServer {
 try {
 List authorization = requestHeaders.get("Authorization");
 if (Verify.isEmpty(authorization)) {
- Log.debug("WebServer: Authorization not Found");
 return null;
 }
- Log.debug("WebServer: Found Authorization");
 String auth = authorization.get(0);
 if (auth.contains("Basic ")) {
 auth = auth.split(" ")[1];
@@ -225,13 +223,18 @@ public class WebServer {
 }
 private Response getResponse(String target, WebUser user) {
+ if ("/favicon.ico".equals(target)) {
+ return new RedirectResponse("https://puu.sh/tK0KL/6aa2ba141b.ico");
+ }
 if (usingHttps) {
 if (user == null) {
 return new PromptAuthorizationResponse();
 }
- if (!isAuthorized(target, user)) {
- return forbiddenResponse();
+ int permLevel = user.getPermLevel(); // Lower number has higher clearance.
+ int required = getRequiredPermLevel(target, user.getName());
+ if (permLevel > required) {
+ return forbiddenResponse(permLevel, required);
 }
 }
 String[] args = target.split("/");
@@ -241,8 +244,6 @@ public class WebServer {
 String page = args[1];
 switch (page) {
- case "favicon.ico":
- return new RedirectResponse("https://puu.sh/tK0KL/6aa2ba141b.ico");
 case "players":
 return new PlayersPageResponse(plugin);
 case "player":
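Review bot: In getResponse (hunk -225) the new permLevel/required comparison sits inside the existing `if (usingHttps)` block, so as far as these lines show, a server running without HTTPS skips both the authorization prompt and the permission check and routes every target. If that is intended, it should be written down at the point where the decision is made, for example `// Access control is enforced only when HTTPS is in use; over plain HTTP every page is served without authentication.` directly above `if (usingHttps) {`. The `/favicon.ico` shortcut added above it compares the whole target with `equals`, so it exempts only that one path from the check. getResponse continues past the end of the hunk.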
@@ -254,12 +255,13 @@ public class WebServer {
 }
 }
- private ForbiddenResponse forbiddenResponse() {
+ private ForbiddenResponse forbiddenResponse(int permLevel, int required) {
 ForbiddenResponse response403 = new ForbiddenResponse();
 String content = "

403 Forbidden - Access Denied

" + "

Unauthorized User.
" + "Make sure your user has the correct access level.
" - + "You can use /plan web check to check the permission level.

"; + + "This page requires permission level of " + String.valueOf(required) + ",
" + + "This user has permission level of " + String.valueOf(permLevel) + "

";
 response403.setContent(content);
 return response403;
 }
@@ -276,7 +278,7 @@ public class WebServer {
 case 2:
 return playerResponse(new String[]{"", user.getName()});
 default:
- return forbiddenResponse();
+ return forbiddenResponse(user.getPermLevel(), 0);
 }
 }
@@ -338,30 +340,33 @@ public class WebServer {
 return dataReqHandler;
 }
- private boolean isAuthorized(String target, WebUser user) {
- int permLevel = user.getPermLevel(); // Lower number has higher clearance.
- int required = getRequiredPermLevel(target, user.getName());
- return permLevel <= required;
- }
-
 private int getRequiredPermLevel(String target, String user) {
 String[] t = target.split("/");
- if (t.length < 3) {
+ if (t.length < 2) {
+ return 100;
+ }
+ if (t.length > 3) {
 return 0;
 }
- final String wantedUser = t[2].toLowerCase().trim();
- final String theUser = user.trim().toLowerCase();
- if (t[1].equals("players")) {
- return 1;
- }
- if (t[1].equals("player")) {
- if (wantedUser.equals(theUser)) {
- return 2;
- } else {
+ String page = t[1];
+ switch (page) {
+ case "players":
 return 1;
- }
+ case "player":
+ // /player/ - 404 for perm lvl 1
+ if (t.length < 3) {
+ return 1;
+ }
+ final String wantedUser = t[2].toLowerCase().trim();
+ final String theUser = user.trim().toLowerCase();
+ if (wantedUser.equals(theUser)) {
+ return 2;
+ } else {
+ return 1;
+ }
+ default:
+ return 0;
 }
- return 0;
 }
 public String getProtocol() {
diff --git a/Plan/src/main/java/com/djrapitops/plan/utilities/HtmlUtils.java b/Plan/src/main/java/com/djrapitops/plan/utilities/HtmlUtils.java
index ed16a57d7..7ffbcb80f 100644
--- a/Plan/src/main/java/com/djrapitops/plan/utilities/HtmlUtils.java
+++ b/Plan/src/main/java/com/djrapitops/plan/utilities/HtmlUtils.java
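Review bot: forbiddenResponse (hunk -254) now writes both the caller's permission level and the level the page requires into the 403 body, which tells a rejected account how the access levels are laid out. At the call sites visible in this diff the caller is already authenticated, so the exposure is small, but the numbers are more useful in the server log than in the response; I would keep the page text generic and add `Log.debug("WebServer: 403, user level " + permLevel + ", required " + required);`, assuming Log is still imported in WebServer. Both arguments are ints, so nothing request-controlled reaches the HTML through them. `String.valueOf(...)` is redundant inside string concatenation, and the call in hunk -276 passes a literal `0` as the required level, which deserves a short comment or a named constant.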
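Review bot: getRequiredPermLevel (hunk -338) returns bare numbers (100, 0, 1, 2) whose meaning depends on the "lower number has higher clearance" rule that is stated only in a comment in getResponse, and its safety rests on `default: return 0` and the `t.length > 3` branch denying whatever is not recognised. A Javadoc on the method should say that the return value is the highest permLevel number still allowed, that 0 is the most privileged level, that 100 is returned for targets with no page segment, and that unknown pages and over-long paths deliberately require level 0. The name comparison calls `toLowerCase()` with the JVM default locale; `t[2].toLowerCase(Locale.ROOT).trim()` and `user.trim().toLowerCase(Locale.ROOT)` make the match independent of the server's locale (needs `java.util.Locale` imported). getResponse splits `target` a second time for routing, so the two must be kept in step whenever a page is added.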
@@ -3,6 +3,7 @@ package main.java.com.djrapitops.plan.utilities;
 import main.java.com.djrapitops.plan.Plan;
 import main.java.com.djrapitops.plan.Settings;
 import main.java.com.djrapitops.plan.ui.html.Html;
+import main.java.com.djrapitops.plan.ui.webserver.WebServer;
 import java.io.File;
 import java.io.FileNotFoundException;
@@ -101,7 +102,8 @@ public class HtmlUtils {
 }
 private static String getProtocol() {
- return Settings.EXTERNAL_WEBSERVER.isTrue() ? Settings.LINK_PROTOCOL.toString() : Plan.getInstance().getUiServer().getProtocol();
+ WebServer uiServer = Plan.getInstance().getUiServer();
+ return uiServer.isEnabled() ? uiServer.getProtocol() : Settings.LINK_PROTOCOL.toString();
 }
 /**
diff --git a/Plan/src/main/resources/config.yml b/Plan/src/main/resources/config.yml
index 330c15ad9..f3f1e9e6d 100644
--- a/Plan/src/main/resources/config.yml
+++ b/Plan/src/main/resources/config.yml
@@ -34,7 +34,6 @@ Settings:
 InternalIP: 0.0.0.0
 ShowAlternativeServerIP: false
 AlternativeIP: your.ip.here:%port%
- UsingExternalWebServer: false
 ExternalWebServerLinkProtocol: http
 Security:
 DisplayIPsAndUUIDs: true
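Review bot: In HtmlUtils.getProtocol (hunk -101) the new code always dereferences `Plan.getInstance().getUiServer()`, whereas the removed line skipped that call when the external-web-server setting was on. If getUiServer() can return null while the internal web server is disabled or not yet started (not visible in this diff), link generation would now throw a NullPointerException. A guard such as `return uiServer != null && uiServer.isEnabled() ? uiServer.getProtocol() : Settings.LINK_PROTOCOL.toString();` keeps the fallback to the configured protocol. A one-line comment that the configured protocol is used only when the internal server is not enabled would also help, since the setting that used to select it is removed by this commit.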