Optional server whitelists (#5979)

2022-01-04 06:37:06 -07:00
parent 66deacc322
commit af785f873f
13 changed files with 1958 additions and 1 deletions
--- a/Content.Server/Connection/ConnectionManager.cs
+++ b/Content.Server/Connection/ConnectionManager.cs
@@ -9,6 +9,7 @@ using Content.Shared.CCVar;
 using Robust.Server.Player;
 using Robust.Shared.Configuration;
 using Robust.Shared.IoC;
+using Robust.Shared.Localization;
 using Robust.Shared.Network;


@@ -74,7 +75,8 @@ The ban reason is: ""{ban.Reason}""
                hwId = null;
            }

-            if (_plyMgr.PlayerCount >= _cfg.GetCVar(CCVars.SoftMaxPlayers) && await _dbManager.GetAdminDataForAsync(e.UserId) is null)
+            var adminData = await _dbManager.GetAdminDataForAsync(e.UserId);
+            if (_plyMgr.PlayerCount >= _cfg.GetCVar(CCVars.SoftMaxPlayers) && adminData is null)
            {
                e.Deny("The server is full!");
                return;
@@ -87,6 +89,14 @@ The ban reason is: ""{ban.Reason}""
                return;
            }

+            if (_cfg.GetCVar(CCVars.WhitelistEnabled)
+                && await _db.GetWhitelistStatusAsync(userId) == false
+                && adminData is null)
+            {
+                e.Deny(Loc.GetString("whitelist-not-whitelisted"));
+                return;
+            }
+
            if (!ServerPreferencesManager.ShouldStorePrefs(e.AuthType))
            {
                return;
--- a/Content.Server/Database/ServerDbBase.cs
+++ b/Content.Server/Database/ServerDbBase.cs
@@ -379,6 +379,7 @@ namespace Content.Server.Database
                .Include(p => p.Flags)
                .Include(p => p.AdminRank)
                .ThenInclude(p => p!.Flags)
+                .AsSplitQuery() // tests fail because of a random warning if you dont have this!
                .SingleOrDefaultAsync(p => p.UserId == userId.UserId, cancel);
        }

@@ -671,6 +672,33 @@ namespace Content.Server.Database

        #endregion

+        #region Whitelist
+
+        public async Task<bool> GetWhitelistStatusAsync(NetUserId player)
+        {
+            await using var db = await GetDb();
+
+            return await db.DbContext.Whitelist.AnyAsync(w => w.UserId == player);
+        }
+
+        public async Task AddToWhitelistAsync(NetUserId player)
+        {
+            await using var db = await GetDb();
+
+            db.DbContext.Whitelist.Add(new Whitelist { UserId = player });
+            await db.DbContext.SaveChangesAsync();
+        }
+
+        public async Task RemoveFromWhitelistAsync(NetUserId player)
+        {
+            await using var db = await GetDb();
+            var entry = await db.DbContext.Whitelist.SingleAsync(w => w.UserId == player);
+            db.DbContext.Whitelist.Remove(entry);
+            await db.DbContext.SaveChangesAsync();
+        }
+
+        #endregion
+
        protected abstract Task<DbGuard> GetDb();

        protected abstract class DbGuard : IAsyncDisposable
--- a/Content.Server/Database/ServerDbManager.cs
+++ b/Content.Server/Database/ServerDbManager.cs
@@ -139,6 +139,16 @@ namespace Content.Server.Database
        IAsyncEnumerable<JsonDocument> GetAdminLogsJson(LogFilter? filter = null);

        #endregion
+
+        #region Whitelist
+
+        Task<bool> GetWhitelistStatusAsync(NetUserId player);
+
+        Task AddToWhitelistAsync(NetUserId player);
+
+        Task RemoveFromWhitelistAsync(NetUserId player);
+
+        #endregion
    }

    public sealed class ServerDbManager : IServerDbManager
@@ -356,6 +366,21 @@ namespace Content.Server.Database
            return _db.GetAdminLogsJson(filter);
        }

+        public Task<bool> GetWhitelistStatusAsync(NetUserId player)
+        {
+            return _db.GetWhitelistStatusAsync(player);
+        }
+
+        public Task AddToWhitelistAsync(NetUserId player)
+        {
+            return _db.AddToWhitelistAsync(player);
+        }
+
+        public Task RemoveFromWhitelistAsync(NetUserId player)
+        {
+            return _db.RemoveFromWhitelistAsync(player);
+        }
+
        private DbContextOptions<ServerDbContext> CreatePostgresOptions()
        {
            var host = _cfg.GetCVar(CCVars.DatabasePgHost);
--- a/Content.Server/Whitelist/WhitelistCommands.cs
+++ b/Content.Server/Whitelist/WhitelistCommands.cs
@@ -0,0 +1,105 @@
+using Content.Server.Administration;
+using Content.Server.Database;
+using Content.Shared.Administration;
+using Content.Shared.CCVar;
+using Robust.Server.Player;
+using Robust.Shared.Configuration;
+using Robust.Shared.Console;
+using Robust.Shared.IoC;
+using Robust.Shared.Localization;
+using Robust.Shared.Network;
+using Robust.Shared.Player;
+
+namespace Content.Server.Whitelist;
+
+[AdminCommand(AdminFlags.Ban)]
+public class AddWhitelistCommand : IConsoleCommand
+{
+    public string Command => "whitelistadd";
+    public string Description => Loc.GetString("command-whitelistadd-description");
+    public string Help => Loc.GetString("command-whitelistadd-help");
+    public async void Execute(IConsoleShell shell, string argStr, string[] args)
+    {
+        if (args.Length != 1)
+            return;
+
+        var db = IoCManager.Resolve<IServerDbManager>();
+        var loc = IoCManager.Resolve<IPlayerLocator>();
+
+        var name = args[0];
+        var data = await loc.LookupIdByNameAsync(name);
+
+        if (data != null)
+        {
+            var guid = data.UserId;
+            var isWhitelisted = await db.GetWhitelistStatusAsync(guid);
+            if (isWhitelisted)
+                return;
+
+            await db.AddToWhitelistAsync(guid);
+        }
+    }
+}
+
+[AdminCommand(AdminFlags.Ban)]
+public class RemoveWhitelistCommand : IConsoleCommand
+{
+    public string Command => "whitelistremove";
+    public string Description => Loc.GetString("command-whitelistremove-description");
+    public string Help => Loc.GetString("command-whitelistremove-help");
+    public async void Execute(IConsoleShell shell, string argStr, string[] args)
+    {
+        if (args.Length != 1)
+            return;
+
+        var db = IoCManager.Resolve<IServerDbManager>();
+        var loc = IoCManager.Resolve<IPlayerLocator>();
+
+        var name = args[0];
+        var data = await loc.LookupIdByNameAsync(name);
+
+        if (data != null)
+        {
+            var guid = data.UserId;
+            var isWhitelisted = await db.GetWhitelistStatusAsync(guid);
+            if (!isWhitelisted)
+                return;
+
+            await db.RemoveFromWhitelistAsync(guid);
+        }
+    }
+}
+
+[AdminCommand(AdminFlags.Ban)]
+public class KickNonWhitelistedCommand : IConsoleCommand
+{
+    public string Command => "kicknonwhitelisted";
+    public string Description => Loc.GetString("command-kicknonwhitelisted-description");
+    public string Help => Loc.GetString("command-kicknonwhitelisted-help");
+    public async void Execute(IConsoleShell shell, string argStr, string[] args)
+    {
+        if (args.Length != 0)
+            return;
+
+        var cfg = IoCManager.Resolve<IConfigurationManager>();
+
+        if (!cfg.GetCVar(CCVars.WhitelistEnabled))
+            return;
+
+        var player = IoCManager.Resolve<IPlayerManager>();
+        var db = IoCManager.Resolve<IServerDbManager>();
+        var net = IoCManager.Resolve<IServerNetManager>();
+
+        foreach (var session in player.NetworkedSessions)
+        {
+            if (await db.GetAdminDataForAsync(session.UserId) is not null)
+                continue;
+
+            if (!await db.GetWhitelistStatusAsync(session.UserId))
+            {
+                net.DisconnectChannel(session.ConnectedClient, Loc.GetString("whitelist-not-whitelisted"));
+            }
+        }
+
+    }
+}