Skip to content

Commit

Permalink
fix: being able to bypass security rules with rotating or dismantling
Browse files Browse the repository at this point in the history
  • Loading branch information
@raoulvdberge
raoulvdberge committed Apr 4, 2024
1 parent 9b32e83 commit 147a90e
Show file tree
Hide file tree
Showing 6 changed files with 66 additions and 17 deletions.
2 changes: 1 addition & 1 deletion ...efinedmods/refinedstorage2/platform/api/support/network/PlatformNetworkNodeContainer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ public interface PlatformNetworkNodeContainer extends NetworkNodeContainer {

boolean isContainerRemoved();

default boolean canBreak(final ServerPlayer player) {
default boolean canBreakOrRotate(final ServerPlayer player) {
return SecurityHelper.isAllowed(player, PlatformApi.INSTANCE.getBuiltinPermissions().build(), getNode());
}
}
4 changes: 2 additions & 2 deletions .../com/refinedmods/refinedstorage2/platform/common/security/SecurityManagerBlockEntity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,8 +166,8 @@ public boolean canOpen(final ServerPlayer player) {
}

@Override
public boolean canBreak(final ServerPlayer player) {
return super.canBreak(player) || isPlacedBy(player.getGameProfile().getId());
public boolean canBreakOrRotate(final ServerPlayer player) {
return super.canBreakOrRotate(player) || isPlacedBy(player.getGameProfile().getId());
}

@Override
Expand Down
71 changes: 59 additions & 12 deletions .../main/java/com/refinedmods/refinedstorage2/platform/common/support/AbstractBaseBlock.java
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
package com.refinedmods.refinedstorage2.platform.common.support;

import com.refinedmods.refinedstorage2.api.network.Network;
import com.refinedmods.refinedstorage2.platform.api.PlatformApi;
import com.refinedmods.refinedstorage2.platform.api.support.network.PlatformNetworkNodeContainer;
import com.refinedmods.refinedstorage2.platform.common.Platform;
import com.refinedmods.refinedstorage2.platform.common.content.BlockColorMap;
import com.refinedmods.refinedstorage2.platform.common.content.Sounds;
Expand All @@ -10,6 +12,7 @@
import javax.annotation.Nullable;

import net.minecraft.core.BlockPos;
import net.minecraft.core.Direction;
import net.minecraft.server.level.ServerPlayer;
import net.minecraft.sounds.SoundSource;
import net.minecraft.world.Containers;
Expand All @@ -31,6 +34,8 @@
import net.minecraft.world.phys.Vec3;
import net.minecraft.world.phys.shapes.VoxelShape;

import static com.refinedmods.refinedstorage2.platform.common.util.IdentifierUtil.createTranslation;

public abstract class AbstractBaseBlock extends Block {
protected AbstractBaseBlock(final Properties properties) {
super(properties);
Expand Down Expand Up @@ -148,8 +153,8 @@ public final Optional<InteractionResult> tryUseWrench(final BlockState state,
if (!isWrenchingOwnBlock) {
return Optional.empty();
}
if (!level.isClientSide()) {
final boolean success = dismantleOrRotate(state, level, hitResult, player);
if (player instanceof ServerPlayer serverPlayer) {
final boolean success = dismantleOrRotate(state, level, hitResult, serverPlayer);
if (success) {
level.playSound(
null,
Expand All @@ -167,21 +172,54 @@ public final Optional<InteractionResult> tryUseWrench(final BlockState state,
private boolean dismantleOrRotate(final BlockState state,
final Level level,
final BlockHitResult hitResult,
final Player player) {
final ServerPlayer player) {
if (player.isCrouching()) {
dismantle(state, level, hitResult, player);
return true;
return dismantle(state, level, hitResult, player);
} else {
return rotate(state, level, hitResult.getBlockPos());
return rotate(state, level, hitResult.getBlockPos(), player);
}
}

private boolean rotate(final BlockState state, final Level level, final BlockPos pos) {
private boolean rotate(final BlockState state,
final Level level,
final BlockPos pos,
final ServerPlayer player) {
final BlockEntity blockEntity = level.getBlockEntity(pos);
if (blockEntity instanceof PlatformNetworkNodeContainer platformNetworkNodeContainer) {
final Network network = platformNetworkNodeContainer.getNode().getNetwork();
if (!platformNetworkNodeContainer.canBreakOrRotate(player)
|| mightMakeConnectionWithAnotherSecuredNetwork(level, pos, player, network)) {
PlatformApi.INSTANCE.sendNoPermissionMessage(
player,
createTranslation("misc", "no_permission.build.rotate", getName())
);
return false;
}
}
final BlockState rotated = getRotatedBlockState(state, level, pos);
level.setBlockAndUpdate(pos, rotated);
return !state.equals(rotated);
}

private boolean mightMakeConnectionWithAnotherSecuredNetwork(final Level level,
final BlockPos pos,
final ServerPlayer player,
@Nullable final Network rotatedNetwork) {
for (final Direction direction : Direction.values()) {
final BlockPos neighborPos = pos.relative(direction);
final BlockEntity neighborBlockEntity = level.getBlockEntity(neighborPos);
if (neighborBlockEntity instanceof PlatformNetworkNodeContainer neighborNetworkNodeContainer
&& neighborNetworkNodeContainer.getNode().getNetwork() != rotatedNetwork) {
PlatformApi.INSTANCE.sendNoPermissionMessage(
player,
createTranslation("misc", "no_permission.build.rotate", getName())
);
return true;
}
}
return false;
}

@SuppressWarnings("deprecation")
protected BlockState getRotatedBlockState(final BlockState state, final Level level, final BlockPos pos) {
return state.rotate(Rotation.CLOCKWISE_90);
Expand All @@ -191,12 +229,20 @@ private boolean isWrench(final ItemStack item) {
return item.is(Platform.INSTANCE.getWrenchTag());
}

private void dismantle(final BlockState state,
final Level level,
final BlockHitResult hitResult,
final Player player) {
final ItemStack stack = Platform.INSTANCE.getCloneItemStack(state, level, hitResult, player);
private boolean dismantle(final BlockState state,
final Level level,
final BlockHitResult hitResult,
final ServerPlayer player) {
final BlockEntity blockEntity = level.getBlockEntity(hitResult.getBlockPos());
if (blockEntity instanceof PlatformNetworkNodeContainer platformNetworkNodeContainer
&& !platformNetworkNodeContainer.canBreakOrRotate(player)) {
PlatformApi.INSTANCE.sendNoPermissionMessage(
player,
createTranslation("misc", "no_permission.build.dismantle", getName())
);
return false;
}
final ItemStack stack = Platform.INSTANCE.getCloneItemStack(state, level, hitResult, player);
if (blockEntity != null) {
blockEntity.saveToItem(stack);
// Ensure that we don't drop items
Expand All @@ -210,6 +256,7 @@ private void dismantle(final BlockState state,
hitResult.getLocation().z,
stack
));
return true;
}

public final Optional<InteractionResult> tryUpdateColor(final BlockState state,
Expand Down
2 changes: 2 additions & 0 deletions refinedstorage2-platform-common/src/main/resources/assets/refinedstorage2/lang/en_us.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,6 +259,8 @@
"misc.refinedstorage2.no_permission.extract": "You are not allowed to extract.",
"misc.refinedstorage2.no_permission.build.place": "You are not allowed to place a %s here.",
"misc.refinedstorage2.no_permission.build.break": "You are not allowed to break the %s.",
"misc.refinedstorage2.no_permission.build.rotate": "You are not allowed to rotate the %s.",
"misc.refinedstorage2.no_permission.build.dismantle": "You are not allowed to dismantle the %s.",
"key.refinedstorage2.focus_search_bar": "Focus search bar",
"key.refinedstorage2.clear_crafting_grid_matrix_to_network": "Clear Crafting Grid matrix to network",
"key.refinedstorage2.clear_crafting_grid_matrix_to_inventory": "Clear Crafting Grid matrix to inventory",
Expand Down
2 changes: 1 addition & 1 deletion ...dmods/refinedstorage2/platform/fabric/security/NetworkNodeBreakSecurityEventListener.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ public boolean beforeBlockBreak(final Level world,
@Nullable final BlockEntity blockEntity) {
if (blockEntity instanceof PlatformNetworkNodeContainer platformNetworkNodeContainer
&& player instanceof ServerPlayer serverPlayer
&& !platformNetworkNodeContainer.canBreak(serverPlayer)) {
&& !platformNetworkNodeContainer.canBreakOrRotate(serverPlayer)) {
PlatformApi.INSTANCE.sendNoPermissionMessage(
serverPlayer,
createTranslation("misc", "no_permission.build.break", state.getBlock().getName())
Expand Down
2 changes: 1 addition & 1 deletion ...rm-forge/src/main/java/com/refinedmods/refinedstorage2/platform/forge/ModInitializer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -440,7 +440,7 @@ public void registerSecurityBlockBreakEvent(final BlockEvent.BreakEvent e) {
final BlockEntity blockEntity = e.getLevel().getBlockEntity(e.getPos());
if (blockEntity instanceof PlatformNetworkNodeContainer platformNetworkNodeContainer
&& e.getPlayer() instanceof ServerPlayer serverPlayer
&& !platformNetworkNodeContainer.canBreak(serverPlayer)) {
&& !platformNetworkNodeContainer.canBreakOrRotate(serverPlayer)) {
PlatformApi.INSTANCE.sendNoPermissionMessage(
serverPlayer,
createTranslation("misc", "no_permission.build.break", e.getState().getBlock().getName())
Expand Down

0 comments on commit 147a90e

Please sign in to comment.