mirror of
https://github.com/kaboomserver/extras.git
synced 2024-10-31 16:59:24 +00:00
Enforce stricter sender type checks across all player-only commands
Previously it was possible to bypass the "ConsoleCommandSender" check by running the command in a command block, and causing the server to throw an exception in console. Exceptions are bad.
This commit is contained in:
parent
d0246790cb
commit
88298b7007
|
@ -5,7 +5,6 @@ import org.bukkit.Material;
|
||||||
import org.bukkit.command.Command;
|
import org.bukkit.command.Command;
|
||||||
import org.bukkit.command.CommandExecutor;
|
import org.bukkit.command.CommandExecutor;
|
||||||
import org.bukkit.command.CommandSender;
|
import org.bukkit.command.CommandSender;
|
||||||
import org.bukkit.command.ConsoleCommandSender;
|
|
||||||
import org.bukkit.enchantments.Enchantment;
|
import org.bukkit.enchantments.Enchantment;
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
import org.bukkit.inventory.ItemStack;
|
import org.bukkit.inventory.ItemStack;
|
||||||
|
@ -17,13 +16,12 @@ public final class CommandEnchantAll implements CommandExecutor {
|
||||||
final @Nonnull Command command,
|
final @Nonnull Command command,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
if (sender instanceof ConsoleCommandSender) {
|
if (!(sender instanceof final Player player)) {
|
||||||
sender.sendMessage(Component
|
sender.sendMessage(Component
|
||||||
.text("Command has to be run by a player"));
|
.text("Command has to be run by a player"));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
final Player player = (Player) sender;
|
|
||||||
final ItemStack item = player.getInventory().getItemInMainHand();
|
final ItemStack item = player.getInventory().getItemInMainHand();
|
||||||
|
|
||||||
if (Material.AIR.equals(item.getType())) {
|
if (Material.AIR.equals(item.getType())) {
|
||||||
|
|
|
@ -19,7 +19,12 @@ public final class CommandKaboom implements CommandExecutor {
|
||||||
final @Nonnull Command command,
|
final @Nonnull Command command,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
final Player player = (Player) sender;
|
if (!(sender instanceof final Player player)) {
|
||||||
|
sender.sendMessage(Component
|
||||||
|
.text("Command has to be run by a player"));
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
boolean explode = ThreadLocalRandom.current().nextBoolean();
|
boolean explode = ThreadLocalRandom.current().nextBoolean();
|
||||||
|
|
||||||
if (explode) {
|
if (explode) {
|
||||||
|
|
|
@ -1,15 +1,15 @@
|
||||||
package pw.kaboom.extras.commands;
|
package pw.kaboom.extras.commands;
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
|
||||||
import net.kyori.adventure.text.Component;
|
import net.kyori.adventure.text.Component;
|
||||||
import net.kyori.adventure.text.format.NamedTextColor;
|
import net.kyori.adventure.text.format.NamedTextColor;
|
||||||
import org.bukkit.command.Command;
|
import org.bukkit.command.Command;
|
||||||
import org.bukkit.command.CommandExecutor;
|
import org.bukkit.command.CommandExecutor;
|
||||||
import org.bukkit.command.CommandSender;
|
import org.bukkit.command.CommandSender;
|
||||||
import org.bukkit.command.ConsoleCommandSender;
|
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
import pw.kaboom.extras.modules.player.PlayerPrefix;
|
import pw.kaboom.extras.modules.player.PlayerPrefix;
|
||||||
|
|
||||||
|
import javax.annotation.Nonnull;
|
||||||
|
|
||||||
public final class CommandPrefix implements CommandExecutor {
|
public final class CommandPrefix implements CommandExecutor {
|
||||||
|
|
||||||
|
|
||||||
|
@ -17,14 +17,12 @@ public final class CommandPrefix implements CommandExecutor {
|
||||||
final @Nonnull Command cmd,
|
final @Nonnull Command cmd,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
if (sender instanceof ConsoleCommandSender) {
|
if (!(sender instanceof final Player player)) {
|
||||||
sender.sendMessage(Component
|
sender.sendMessage(Component
|
||||||
.text("Command has to be run by a player"));
|
.text("Command has to be run by a player"));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
final Player player = (Player) sender;
|
|
||||||
|
|
||||||
if (args.length == 0) {
|
if (args.length == 0) {
|
||||||
player.sendMessage(Component
|
player.sendMessage(Component
|
||||||
.text("Usage: /" + label + " <prefix|off>",
|
.text("Usage: /" + label + " <prefix|off>",
|
||||||
|
|
|
@ -1,17 +1,16 @@
|
||||||
package pw.kaboom.extras.commands;
|
package pw.kaboom.extras.commands;
|
||||||
|
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.Map;
|
|
||||||
import net.kyori.adventure.text.Component;
|
import net.kyori.adventure.text.Component;
|
||||||
import net.kyori.adventure.text.format.NamedTextColor;
|
import net.kyori.adventure.text.format.NamedTextColor;
|
||||||
import org.bukkit.command.Command;
|
import org.bukkit.command.Command;
|
||||||
import org.bukkit.command.CommandExecutor;
|
import org.bukkit.command.CommandExecutor;
|
||||||
import org.bukkit.command.CommandSender;
|
import org.bukkit.command.CommandSender;
|
||||||
import org.bukkit.command.ConsoleCommandSender;
|
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
import pw.kaboom.extras.skin.SkinManager;
|
import pw.kaboom.extras.skin.SkinManager;
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
import javax.annotation.Nonnull;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
public final class CommandSkin implements CommandExecutor {
|
public final class CommandSkin implements CommandExecutor {
|
||||||
private final Map<Player, Long> lastUsedMillis = new HashMap<>();
|
private final Map<Player, Long> lastUsedMillis = new HashMap<>();
|
||||||
|
@ -21,13 +20,12 @@ public final class CommandSkin implements CommandExecutor {
|
||||||
final @Nonnull Command command,
|
final @Nonnull Command command,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
if (sender instanceof ConsoleCommandSender) {
|
if (!(sender instanceof final Player player)) {
|
||||||
sender.sendMessage(Component
|
sender.sendMessage(Component
|
||||||
.text("Command has to be run by a player"));
|
.text("Command has to be run by a player"));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
final Player player = (Player) sender;
|
|
||||||
final long millis = lastUsedMillis.getOrDefault(player, 0L);
|
final long millis = lastUsedMillis.getOrDefault(player, 0L);
|
||||||
final long millisDifference = System.currentTimeMillis() - millis;
|
final long millisDifference = System.currentTimeMillis() - millis;
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,6 @@ import org.bukkit.block.BlockFace;
|
||||||
import org.bukkit.command.Command;
|
import org.bukkit.command.Command;
|
||||||
import org.bukkit.command.CommandExecutor;
|
import org.bukkit.command.CommandExecutor;
|
||||||
import org.bukkit.command.CommandSender;
|
import org.bukkit.command.CommandSender;
|
||||||
import org.bukkit.command.ConsoleCommandSender;
|
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
import javax.annotation.Nonnull;
|
||||||
|
@ -19,13 +18,12 @@ public final class CommandSpawn implements CommandExecutor {
|
||||||
final @Nonnull Command command,
|
final @Nonnull Command command,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
if (sender instanceof ConsoleCommandSender) {
|
if (!(sender instanceof final Player player)) {
|
||||||
sender.sendMessage(Component
|
sender.sendMessage(Component
|
||||||
.text("Command has to be run by a player"));
|
.text("Command has to be run by a player"));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
final Player player = (Player) sender;
|
|
||||||
final World defaultWorld = Bukkit.getWorld("world");
|
final World defaultWorld = Bukkit.getWorld("world");
|
||||||
final World world = (defaultWorld == null) ? Bukkit.getWorlds().get(0) : defaultWorld;
|
final World world = (defaultWorld == null) ? Bukkit.getWorlds().get(0) : defaultWorld;
|
||||||
final Location spawnLocation = world.getSpawnLocation();
|
final Location spawnLocation = world.getSpawnLocation();
|
||||||
|
|
|
@ -6,7 +6,6 @@ import org.bukkit.World;
|
||||||
import org.bukkit.command.Command;
|
import org.bukkit.command.Command;
|
||||||
import org.bukkit.command.CommandExecutor;
|
import org.bukkit.command.CommandExecutor;
|
||||||
import org.bukkit.command.CommandSender;
|
import org.bukkit.command.CommandSender;
|
||||||
import org.bukkit.command.ConsoleCommandSender;
|
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
import org.bukkit.util.BlockIterator;
|
import org.bukkit.util.BlockIterator;
|
||||||
import org.bukkit.util.Vector;
|
import org.bukkit.util.Vector;
|
||||||
|
@ -18,13 +17,12 @@ public final class CommandSpidey implements CommandExecutor {
|
||||||
final @Nonnull Command command,
|
final @Nonnull Command command,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
if (sender instanceof ConsoleCommandSender) {
|
if (!(sender instanceof final Player player)) {
|
||||||
sender.sendMessage(Component
|
sender.sendMessage(Component
|
||||||
.text("Command has to be run by a player"));
|
.text("Command has to be run by a player"));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
final Player player = (Player) sender;
|
|
||||||
final World world = player.getWorld();
|
final World world = player.getWorld();
|
||||||
final Vector start = player.getEyeLocation().toVector();
|
final Vector start = player.getEyeLocation().toVector();
|
||||||
final Vector direction = player.getEyeLocation().getDirection();
|
final Vector direction = player.getEyeLocation().getDirection();
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
package pw.kaboom.extras.commands;
|
package pw.kaboom.extras.commands;
|
||||||
|
|
||||||
import com.destroystokyo.paper.profile.PlayerProfile;
|
import com.destroystokyo.paper.profile.PlayerProfile;
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.Map;
|
|
||||||
import net.kyori.adventure.text.Component;
|
import net.kyori.adventure.text.Component;
|
||||||
import net.kyori.adventure.text.format.NamedTextColor;
|
import net.kyori.adventure.text.format.NamedTextColor;
|
||||||
import org.bukkit.Bukkit;
|
import org.bukkit.Bukkit;
|
||||||
|
@ -10,10 +8,11 @@ import org.bukkit.ChatColor;
|
||||||
import org.bukkit.command.Command;
|
import org.bukkit.command.Command;
|
||||||
import org.bukkit.command.CommandExecutor;
|
import org.bukkit.command.CommandExecutor;
|
||||||
import org.bukkit.command.CommandSender;
|
import org.bukkit.command.CommandSender;
|
||||||
import org.bukkit.command.ConsoleCommandSender;
|
|
||||||
import org.bukkit.entity.Player;
|
import org.bukkit.entity.Player;
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
import javax.annotation.Nonnull;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
public final class CommandUsername implements CommandExecutor {
|
public final class CommandUsername implements CommandExecutor {
|
||||||
private final Map<Player, Long> lastUsedMillis = new HashMap<>();
|
private final Map<Player, Long> lastUsedMillis = new HashMap<>();
|
||||||
|
@ -23,13 +22,12 @@ public final class CommandUsername implements CommandExecutor {
|
||||||
final @Nonnull Command command,
|
final @Nonnull Command command,
|
||||||
final @Nonnull String label,
|
final @Nonnull String label,
|
||||||
final String[] args) {
|
final String[] args) {
|
||||||
if (sender instanceof ConsoleCommandSender) {
|
if (!(sender instanceof final Player player)) {
|
||||||
sender.sendMessage(Component
|
sender.sendMessage(Component
|
||||||
.text("Command has to be run by a player"));
|
.text("Command has to be run by a player"));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
final Player player = (Player) sender;
|
|
||||||
final String nameColor = ChatColor.translateAlternateColorCodes(
|
final String nameColor = ChatColor.translateAlternateColorCodes(
|
||||||
'&', String.join(" ", args));
|
'&', String.join(" ", args));
|
||||||
final String name = nameColor.substring(0, Math.min(16, nameColor.length()));
|
final String name = nameColor.substring(0, Math.min(16, nameColor.length()));
|
||||||
|
|
Loading…
Reference in a new issue