mirror of
synced 2025-02-20 03:20:38 +00:00
Security & improvement update (#19)
This commit is contained in:
@ -6,6 +6,7 @@ import lombok.Setter;
import me.totalfreedom.totalfreedommod.config.ConfigEntry;
import me.totalfreedom.totalfreedommod.util.FSync;
import me.totalfreedom.totalfreedommod.util.FUtil;
import me.totalfreedom.totalfreedommod.command.Command_vanish;
import org.bukkit.ChatColor;
import org.bukkit.entity.Player;
import org.bukkit.event.EventHandler;
@ -110,11 +111,10 @@ public class LoginProcess extends FreedomService
// Check if player is admin
// Not safe to use TFM_Util.isSuperAdmin(player) because player.getAddress() will return a null until after player login.
final boolean isAdmin = plugin.al.getEntryByIp(ip) != null;
// Validation below this point
if (isAdmin) // Player is superadmin
if (isAdmin) // Player is admin
// Force-allow log in
@ -168,15 +168,15 @@ public class LoginProcess extends FreedomService
// // Whitelist
// if (plugin.si.isWhitelisted())
// {
// if (!plugin.si.getWhitelisted().contains(username.toLowerCase()))
// {
// event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "You are not whitelisted on this server.");
// return;
// }
// }
// Whitelist
if (plugin.si.isWhitelisted())
if (!plugin.si.getWhitelisted().contains(username.toLowerCase()))
event.disallow(PlayerLoginEvent.Result.KICK_OTHER, "You are not whitelisted on this server.");
@EventHandler(priority = EventPriority.MONITOR)
@ -184,6 +184,11 @@ public class LoginProcess extends FreedomService
final Player player = event.getPlayer();
for (Player p : Command_vanish.VANISHED)
new BukkitRunnable()
@ -2,6 +2,7 @@ package me.totalfreedom.totalfreedommod;
import java.text.DecimalFormat;
import me.totalfreedom.totalfreedommod.util.FUtil;
import org.bukkit.ChatColor;
import org.bukkit.Location;
import org.bukkit.Material;
import org.bukkit.entity.Player;
@ -15,6 +16,7 @@ public class Monitors extends FreedomService
private final DecimalFormat decimalFormat = new DecimalFormat("#");
private String potionSpyPrefix = ChatColor.DARK_GRAY + "[" + ChatColor.YELLOW + "PotionSpy" + ChatColor.DARK_GRAY + "] ";
public Monitors(TotalFreedomMod plugin)
@ -33,10 +35,10 @@ public class Monitors extends FreedomService
public String getMaterial(final int id)
return String.valueOf(Material.getMaterial(id));
return String.valueOf(Material.getMaterial(id)).replace("_", " ").toLowerCase();
@EventHandler(priority = EventPriority.LOW)
@EventHandler(priority = EventPriority.MONITOR)
public void onLingeringPotionSplash(LingeringPotionSplashEvent event)
ProjectileSource source = event.getEntity().getShooter();
@ -58,12 +60,12 @@ public class Monitors extends FreedomService
if (plugin.al.isAdmin(p) && plugin.pl.getPlayer(p).isPotionMonitorEnabled())
FUtil.playerMsg(p, player.getName() + " splashed " + event.getEntity().getItem().getAmount() + " " + getMaterial(droppedItem) + " at [" + decimalFormat.format(location.getX()) + ", " + decimalFormat.format(location.getY()) + ", " + decimalFormat.format(location.getZ()) + "] in the world '" + location.getWorld().getName() + "'.");
FUtil.playerMsg(p, potionSpyPrefix + ChatColor.WHITE + player.getName() + " splashed " + event.getEntity().getItem().getAmount() + " " + getMaterial(droppedItem) + " at X: " + decimalFormat.format(location.getX()) + ", Y: " + decimalFormat.format(location.getY()) + ", Z: " + decimalFormat.format(location.getZ()) + ", in the world '" + location.getWorld().getName() + "'.");
@EventHandler(priority = EventPriority.LOW)
@EventHandler(priority = EventPriority.MONITOR)
public void onPotionSplash(PotionSplashEvent event)
ProjectileSource source = event.getEntity().getShooter();
@ -85,7 +87,7 @@ public class Monitors extends FreedomService
if (plugin.al.isAdmin(p) && plugin.pl.getPlayer(p).isPotionMonitorEnabled())
FUtil.playerMsg(p, player.getName() + " splashed " + event.getPotion().getItem().getAmount() + " " + getMaterial(droppedItem) + " at [" + decimalFormat.format(location.getX()) + ", " + decimalFormat.format(location.getY()) + ", " + decimalFormat.format(location.getZ()) + "] in the world '" + location.getWorld().getName() + "'.");
FUtil.playerMsg(p, potionSpyPrefix + ChatColor.WHITE + player.getName() + " splashed " + event.getEntity().getItem().getAmount() + " " + getMaterial(droppedItem) + " at X: " + decimalFormat.format(location.getX()) + ", Y: " + decimalFormat.format(location.getY()) + ", Z: " + decimalFormat.format(location.getZ()) + ", in the world '" + location.getWorld().getName() + "'.");
@ -3,6 +3,7 @@ package me.totalfreedom.totalfreedommod.blocking;
import me.totalfreedom.totalfreedommod.FreedomService;
import me.totalfreedom.totalfreedommod.TotalFreedomMod;
import me.totalfreedom.totalfreedommod.config.ConfigEntry;
import me.totalfreedom.totalfreedommod.util.FUtil;
import org.bukkit.entity.Entity;
import org.bukkit.entity.EntityType;
import org.bukkit.entity.Projectile;
@ -22,7 +23,6 @@ import org.bukkit.event.entity.EntityDeathEvent;
import org.bukkit.event.entity.EntityExplodeEvent;
import org.bukkit.event.entity.ExplosionPrimeEvent;
import org.bukkit.event.entity.FireworkExplodeEvent;
import org.bukkit.event.entity.ProjectileHitEvent;
import org.bukkit.event.player.PlayerDropItemEvent;
public class EventBlocker extends FreedomService
@ -3,11 +3,17 @@ package me.totalfreedom.totalfreedommod.blocking;
import me.totalfreedom.totalfreedommod.FreedomService;
import me.totalfreedom.totalfreedommod.TotalFreedomMod;
import org.bukkit.ChatColor;
import org.bukkit.entity.LingeringPotion;
import org.bukkit.entity.ThrownPotion;
import org.bukkit.entity.Player;
import org.bukkit.event.EventHandler;
import org.bukkit.event.EventPriority;
import org.bukkit.event.entity.PotionSplashEvent;
import org.bukkit.event.entity.LingeringPotionSplashEvent;
import org.bukkit.potion.PotionEffect;
import org.bukkit.potion.PotionEffectType;
import org.bukkit.projectiles.ProjectileSource;
import java.util.Collection;
public class PotionBlocker extends FreedomService
@ -32,31 +38,55 @@ public class PotionBlocker extends FreedomService
@EventHandler(priority = EventPriority.LOW, ignoreCancelled = true)
public void onThrowPotion(PotionSplashEvent event)
ProjectileSource source = event.getEntity().getShooter();
if (!(source instanceof Player))
ThrownPotion potion = event.getEntity();
ProjectileSource projectileSource = potion.getShooter();
Player player = null;
if (projectileSource instanceof Player)
player = (Player)projectileSource;
Player thrower = (Player) source;
if (plugin.al.isAdmin(thrower))
if (isDeathPotion(potion.getEffects()))
for (Player player : thrower.getWorld().getPlayers())
if (thrower.getLocation().distanceSquared(player.getLocation()) < POTION_BLOCK_RADIUS_SQUARED)
if (player != null)
thrower.sendMessage(ChatColor.RED + "You cannot use splash potions close to other players.");
player.sendMessage(ChatColor.RED + "You are not allowed to use death potions.");
@EventHandler(priority = EventPriority.LOW, ignoreCancelled = true)
public void onThrowLingeringPotion(LingeringPotionSplashEvent event)
LingeringPotion potion = event.getEntity();
ProjectileSource projectileSource = potion.getShooter();
Player player = null;
if (projectileSource instanceof Player)
player = (Player)projectileSource;
if (isDeathPotion(potion.getEffects()))
if (player != null)
player.sendMessage(ChatColor.RED + "You are not allowed to use death potions.");
public boolean isDeathPotion(Collection<PotionEffect> effects)
for (PotionEffect effect : effects)
if (effect.getType().equals(PotionEffectType.HEAL) && effect.getAmplifier() == 125)
return true;
return false;
@ -8,7 +8,7 @@ import org.bukkit.command.CommandSender;
import org.bukkit.entity.Player;
@CommandPermissions(level = Rank.SUPER_ADMIN, source = SourceType.ONLY_CONSOLE, blockHostConsole = true)
@CommandParameters(description = "Close server to non-superadmins.", usage = "/<command> [on | off]")
@CommandParameters(description = "Close server to non-admins.", usage = "/<command> [on | off]")
public class Command_adminmode extends FreedomCommand
@ -29,12 +29,12 @@ public class Command_adminmode extends FreedomCommand
else if (args[0].equalsIgnoreCase("on"))
FUtil.adminAction(sender.getName(), "Closing the server to non-superadmins.", true);
FUtil.adminAction(sender.getName(), "Closing the server to non-admins.", true);
for (Player player : server.getOnlinePlayers())
if (!isAdmin(player))
player.kickPlayer("Server is now closed to non-superadmins.");
player.kickPlayer("Server is now closed to non-admins.");
return true;
@ -0,0 +1,36 @@
package me.totalfreedom.totalfreedommod.command;
import me.totalfreedom.totalfreedommod.rank.Rank;
import me.totalfreedom.totalfreedommod.util.FUtil;
import org.bukkit.World;
import org.bukkit.command.Command;
import org.bukkit.command.CommandSender;
import org.bukkit.entity.Player;
import org.bukkit.entity.Entity;
import org.bukkit.entity.AreaEffectCloud;
@CommandPermissions(level = Rank.SUPER_ADMIN, source = SourceType.BOTH)
@CommandParameters(description = "Clears lingering potion area effect clouds.", usage = "/<command>", aliases="aec")
public class Command_aeclear extends FreedomCommand
public boolean run(CommandSender sender, Player playerSender, Command cmd, String commandLabel, String[] args, boolean senderIsConsole)
FUtil.adminAction(sender.getName(), "Removing all area effect clouds.", true);
int removed = 0;
for (World world : server.getWorlds())
for (Entity entity : world.getEntities())
if (entity instanceof AreaEffectCloud)
msg(removed + " area effect clouds removed.");
return true;
@ -174,6 +174,7 @@ public class Command_saconfig extends FreedomCommand
FUtil.adminAction(sender.getName(), "Adding " + player.getName() + " to the admin list", true);
plugin.al.addAdmin(new Admin(player));
else // Existing admin
@ -190,6 +191,7 @@ public class Command_saconfig extends FreedomCommand
if (player != null)
@ -228,6 +230,7 @@ public class Command_saconfig extends FreedomCommand
return true;
@ -1,6 +1,5 @@
package me.totalfreedom.totalfreedommod.command;
import java.util.Iterator;
import me.totalfreedom.totalfreedommod.admin.Admin;
import me.totalfreedom.totalfreedommod.rank.Displayable;
import org.bukkit.potion.PotionEffect;
@ -9,7 +8,6 @@ import org.bukkit.potion.PotionEffectType;
import me.totalfreedom.totalfreedommod.util.FLog;
import me.totalfreedom.totalfreedommod.util.FUtil;
import org.bukkit.ChatColor;
import me.totalfreedom.totalfreedommod.TotalFreedomMod;
import org.bukkit.command.Command;
import org.bukkit.command.CommandSender;
import org.bukkit.entity.Player;
@ -57,7 +55,7 @@ public class Command_vanish extends FreedomCommand
plugin.esb.setVanished(playerSender.getName(), true);
playerSender.addPotionEffect(new PotionEffect(PotionEffectType.INVISIBILITY, 1000000, 1000000, true, false));
playerSender.addPotionEffect(new PotionEffect(PotionEffectType.INVISIBILITY, 1000000, 1, false, true));
return true;
@ -75,6 +75,7 @@ public class Command_verify extends FreedomCommand
admin.setLastLogin(new Date());
final FPlayer fPlayer = plugin.pl.getPlayer(playerSender);
if (fPlayer.getFreezeData().isFrozen())
@ -55,21 +55,13 @@ public class RankManager extends FreedomService
return Title.DEVELOPER;
final Rank rank = getRank(player);
// Non-admins don't have titles, display actual rank
if (!rank.isAdmin())
return rank;
// If the player's an owner, display that
if (ConfigEntry.SERVER_OWNERS.getList().contains(player.getName()))
return Title.OWNER;
return rank;
return getRank(player);
public Rank getRank(CommandSender sender)
@ -120,6 +112,26 @@ public class RankManager extends FreedomService
return player.isOp() ? Rank.OP : Rank.NON_OP;
public void updateDisplay(Player player)
FPlayer fPlayer = plugin.pl.getPlayer(player);
if (plugin.al.isAdmin(player))
Displayable display = getDisplay(player);
if (fPlayer.getTag() == null)
String displayName = display.getColor() + player.getName();
player.setPlayerListName(StringUtils.substring(displayName, 0, 16));
@EventHandler(priority = EventPriority.MONITOR)
public void onPlayerJoin(PlayerJoinEvent event)
@ -145,10 +157,13 @@ public class RankManager extends FreedomService
// Handle impostors
if (plugin.al.isAdminImpostor(player))
Boolean isImposter = plugin.al.isAdminImpostor(player);
if (isImposter)
FUtil.bcastMsg(ChatColor.AQUA + player.getName() + " is " + Rank.IMPOSTOR.getColoredLoginMessage());
FUtil.bcastMsg("Warning: " + player.getName() + " has been flagged as an impostor and has been frozen!", ChatColor.RED);
String displayName = Rank.IMPOSTOR.getColor() + player.getName();
player.setPlayerListName(StringUtils.substring(displayName, 0, 16));
@ -37,7 +37,7 @@ public class FUtil
public static final String SAVED_FLAGS_FILENAME = "savedflags.dat";
// See https://github.com/TotalFreedom/License - None of the listed names may be removed.
public static final List<String> DEVELOPERS = Arrays.asList("Madgeek1450", "Prozza", "WickedGamingUK", "aggelosQQ", "OxLemonxO", "Commodore64x", "Wild1145", "marcocorriero");
public static final List<String> DEVELOPERS = Arrays.asList("Madgeek1450", "Prozza", "WickedGamingUK", "aggelosQQ", "OxLemonxO", "Commodore64x", "Wild1145");
public static String DATE_STORAGE_FORMAT = "EEE, d MMM yyyy HH:mm:ss Z";
public static final Map<String, ChatColor> CHAT_COLOR_NAMES = new HashMap<>();
public static final List<ChatColor> CHAT_COLOR_POOL = Arrays.asList(
Reference in New Issue
Block a user