Skip to content

Commit

Permalink
Removed News-Channel.
Browse files Browse the repository at this point in the history
Fixed Cross-Server Channel Exploit.
Fixed Temporal-Voice setup.
  • Loading branch information
DxsSucuk committed Sep 30, 2022
1 parent 0f75bac commit 459b5bc
Show file tree
Hide file tree
Showing 11 changed files with 23 additions and 153 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ public void onPerform(CommandEvent commandEvent) {
}
} else if(commandEvent.getArguments().length == 3) {

if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty()) {
if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty() ||
!commandEvent.getMessage().getMentions().getChannels(TextChannel.class).get(0).getGuild().getId().equals(commandEvent.getGuild().getId())) {
Main.getInstance().getCommandManager().sendMessage("Please use " + Main.getInstance().getSqlConnector().getSqlWorker().getSetting(commandEvent.getGuild().getId(), "chatprefix").getStringValue() + "instagramnotifier add/remove InstagramName #Channel", 5, commandEvent.getChannel(), commandEvent.getInteractionHook());
return;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ public void onPerform(CommandEvent commandEvent) {
}
} else if(commandEvent.getArguments().length == 3) {

if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty()) {
if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty() ||
!commandEvent.getMessage().getMentions().getChannels(TextChannel.class).get(0).getGuild().getId().equals(commandEvent.getGuild().getId())) {
Main.getInstance().getCommandManager().sendMessage("Please use " + Main.getInstance().getSqlConnector().getSqlWorker().getSetting(commandEvent.getGuild().getId(), "chatprefix").getStringValue() + "redditnotifier add/remove Subreddit #Channel", 5, commandEvent.getChannel(), commandEvent.getInteractionHook());
return;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ public void onPerform(CommandEvent commandEvent) {
}
} else if (commandEvent.getArguments().length == 3) {

if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty()) {
if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty() ||
!commandEvent.getMessage().getMentions().getChannels(TextChannel.class).get(0).getGuild().getId().equals(commandEvent.getGuild().getId())) {
Main.getInstance().getCommandManager().sendMessage("Please use " + Main.getInstance().getSqlConnector().getSqlWorker().getSetting(commandEvent.getGuild().getId(), "chatprefix").getStringValue() + "twitch add/remove TwitchName #Channel", 5, commandEvent.getChannel(), commandEvent.getInteractionHook());
return;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ public void onPerform(CommandEvent commandEvent) {
}
} else if(commandEvent.getArguments().length == 3) {

if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty()) {
if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty() ||
!commandEvent.getMessage().getMentions().getChannels(TextChannel.class).get(0).getGuild().getId().equals(commandEvent.getGuild().getId())) {
Main.getInstance().getCommandManager().sendMessage("Please use " + Main.getInstance().getSqlConnector().getSqlWorker().getSetting(commandEvent.getGuild().getId(), "chatprefix").getStringValue() + "twitternotifier add/remove TwitterName #Channel", 5, commandEvent.getChannel(), commandEvent.getInteractionHook());
return;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ public void onPerform(CommandEvent commandEvent) {
}
} else if(commandEvent.getArguments().length == 3) {

if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty()) {
if (commandEvent.getMessage().getMentions().getChannels(TextChannel.class).isEmpty() ||
!commandEvent.getMessage().getMentions().getChannels(TextChannel.class).get(0).getGuild().getId().equals(commandEvent.getGuild().getId())) {
Main.getInstance().getCommandManager().sendMessage("Please use " + Main.getInstance().getSqlConnector().getSqlWorker().getSetting(commandEvent.getGuild().getId(), "chatprefix").getStringValue() + "youtubenotifier add/remove YouTubeChannel #Channel", 5, commandEvent.getChannel(), commandEvent.getInteractionHook());
return;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import de.presti.ree6.commands.interfaces.ICommand;
import de.presti.ree6.main.Main;
import net.dv8tion.jda.api.EmbedBuilder;
import net.dv8tion.jda.api.Permission;
import net.dv8tion.jda.api.interactions.commands.OptionMapping;
import net.dv8tion.jda.api.interactions.commands.OptionType;
import net.dv8tion.jda.api.interactions.commands.build.CommandData;
Expand All @@ -30,6 +31,11 @@ public void onPerform(CommandEvent commandEvent) {
return;
}

if (!commandEvent.getMember().hasPermission(Permission.MESSAGE_MANAGE)) {
commandEvent.reply("You do not have the permission to do that!");
return;
}

OptionMapping title = commandEvent.getSlashCommandInteractionEvent().getOption("title");
OptionMapping description = commandEvent.getSlashCommandInteractionEvent().getOption("description");
OptionMapping color = commandEvent.getSlashCommandInteractionEvent().getOption("color");
Expand Down
6 changes: 6 additions & 0 deletions src/main/java/de/presti/ree6/commands/impl/mod/Import.java
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
import de.presti.ree6.main.Main;
import de.presti.ree6.sql.entities.level.ChatUserLevel;
import de.presti.ree6.utils.external.RequestUtility;
import net.dv8tion.jda.api.Permission;
import net.dv8tion.jda.api.interactions.commands.OptionMapping;
import net.dv8tion.jda.api.interactions.commands.OptionType;
import net.dv8tion.jda.api.interactions.commands.build.CommandData;
Expand All @@ -24,6 +25,11 @@ public class Import implements ICommand {
*/
@Override
public void onPerform(CommandEvent commandEvent) {
if (!commandEvent.getMember().hasPermission(Permission.MANAGE_SERVER)) {
commandEvent.reply("You do not have the permission to do that!");
return;
}

if (commandEvent.isSlashCommand()) {
OptionMapping optionMapping = commandEvent.getSlashCommandInteractionEvent().getOption("bot");
commandEvent.getArguments()[0] = optionMapping.getAsString();
Expand Down
1 change: 0 additions & 1 deletion src/main/java/de/presti/ree6/commands/impl/mod/Setup.java
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,6 @@ public void onPerform(CommandEvent commandEvent) {
List<SelectOption> optionList = new ArrayList<>();
optionList.add(SelectOption.of("Audit-Logging", "log"));
optionList.add(SelectOption.of("Welcome-channel", "welcome"));
optionList.add(SelectOption.of("News-channel", "news"));
optionList.add(SelectOption.of("Autorole", "autorole"));
optionList.add(SelectOption.of("Temporal-Voice", "tempvoice"));
optionList.add(SelectOption.of("Statistics", "statistics"));
Expand Down
72 changes: 1 addition & 71 deletions src/main/java/de/presti/ree6/events/OtherEvents.java
Original file line number Diff line number Diff line change
Expand Up @@ -864,19 +864,6 @@ public void onSelectMenuInteraction(@NotNull SelectMenuInteractionEvent event) {
event.editMessageEmbeds(embedBuilder.build()).setActionRow(new SelectMenuImpl("setupWelcomeMenu", "Select your Action", 1, 1, false, optionList)).queue();
}

case "news" -> {
optionList.add(SelectOption.of("Setup", "newsSetup"));

if (Main.getInstance().getSqlConnector().getSqlWorker().isNewsSetup(event.getGuild().getId()))
optionList.add(SelectOption.of("Delete", "newsDelete"));

optionList.add(SelectOption.of("Back to Menu", "backToSetupMenu"));

embedBuilder.setDescription("You can set up our own Ree6-News!\nBy setting up Ree6-News on a specific channel you will get a Message in the given Channel, when ever Ree6 gets an update!");

event.editMessageEmbeds(embedBuilder.build()).setActionRow(new SelectMenuImpl("setupNewsMenu", "Select your Action", 1, 1, false, optionList)).queue();
}

case "autorole" -> {
embedBuilder.setDescription("You can set up our own Autorole-System!\nYou can select Roles that Users should get upon joining the Server!");

Expand All @@ -886,7 +873,7 @@ public void onSelectMenuInteraction(@NotNull SelectMenuInteractionEvent event) {
case "tempvoice" -> {
optionList.add(SelectOption.of("Setup", "tempVoiceSetup"));

if (Main.getInstance().getSqlConnector().getSqlWorker().isNewsSetup(event.getGuild().getId()))
if (Main.getInstance().getSqlConnector().getSqlWorker().getEntity(TemporalVoicechannel.class, "SELECT * FROM TemporalVoicechannel WHERE GID=?", event.getGuild().getId()).isSuccess())
optionList.add(SelectOption.of("Delete", "tempVoiceDelete"));

optionList.add(SelectOption.of("Back to Menu", "backToSetupMenu"));
Expand Down Expand Up @@ -1220,62 +1207,6 @@ public void onSelectMenuInteraction(@NotNull SelectMenuInteractionEvent event) {

}

case "setupNewsMenu" -> {

if (checkPerms(event.getMember(), event.getChannel())) {
return;
}

EmbedBuilder embedBuilder = new EmbedBuilder(event.getMessage().getEmbeds().get(0));

List<SelectOption> optionList = new ArrayList<>();

switch (event.getInteraction().getValues().get(0)) {

case "backToSetupMenu" -> sendDefaultChoice(event);

case "newsSetup" -> {
for (TextChannel channel : event.getGuild().getTextChannels()) {
optionList.add(SelectOption.of(channel.getName(), channel.getId()));
}

embedBuilder.setDescription("Which Channel do you want to use as News-Channel?");

event.editMessageEmbeds(embedBuilder.build()).setActionRow(new SelectMenuImpl("setupNewsChannel", "Select a Channel!", 1, 1, false, optionList)).queue();
}

default -> {
if (event.getMessage().getEmbeds().isEmpty() || event.getMessage().getEmbeds().get(0) == null)
return;

embedBuilder.setDescription("You somehow selected a Invalid Option? Are you a Wizard?");
event.editMessageEmbeds(embedBuilder.build()).queue();
}
}
}

case "setupNewsChannel" -> {
if (checkPerms(event.getMember(), event.getChannel())) {
return;
}

EmbedBuilder embedBuilder = new EmbedBuilder(event.getMessage().getEmbeds().get(0));

TextChannel textChannel = event.getGuild().getTextChannelById(event.getInteraction().getValues().get(0));

if (textChannel != null) {
textChannel.createWebhook("Ree6-News").queue(webhook -> {
Main.getInstance().getSqlConnector().getSqlWorker().setNewsWebhook(event.getGuild().getId(), webhook.getId(), webhook.getToken());
embedBuilder.setDescription("Successfully changed the News-Channel, nice work!");
embedBuilder.setColor(Color.GREEN);
event.editMessageEmbeds(embedBuilder.build()).setComponents(new ArrayList<>()).queue();
});
} else {
embedBuilder.setDescription("The given Channel doesn't exists, how did you select it? Are you a Wizard?");
event.editMessageEmbeds(embedBuilder.build()).queue();
}
}

default -> {
if (event.getMessage().getEmbeds().isEmpty() || event.getMessage().getEmbeds().get(0) == null) return;

Expand All @@ -1298,7 +1229,6 @@ public void sendDefaultChoice(SelectMenuInteractionEvent event) {
List<SelectOption> optionList = new ArrayList<>();
optionList.add(SelectOption.of("Audit-Logging", "log"));
optionList.add(SelectOption.of("Welcome-channel", "welcome"));
optionList.add(SelectOption.of("News-channel", "news"));
optionList.add(SelectOption.of("Autorole", "autorole"));
optionList.add(SelectOption.of("Temporal-Voice", "tempvoice"));
optionList.add(SelectOption.of("Statistics", "statistics"));
Expand Down
53 changes: 0 additions & 53 deletions src/main/java/de/presti/ree6/sql/SQLWorker.java
Original file line number Diff line number Diff line change
Expand Up @@ -352,59 +352,6 @@ public boolean isWelcomeSetup(String guildId) {

//endregion

//region News

/**
* Get the NewsWebhooks data.
*
* @param guildId the ID of the Guild.
* @return {@link WebhookNews} with all the needed data.
*/
public WebhookNews getNewsWebhook(String guildId) {
SQLResponse sqlResponse = getEntity(WebhookNews.class, "SELECT * FROM NewsWebhooks WHERE GID=?", guildId);
return sqlResponse.isSuccess() ? (WebhookNews) sqlResponse.getEntity() : null;
}

/**
* Set the NewsWebhooks in our Database.
*
* @param guildId the ID of the Guild.
* @param webhookId the ID of the Webhook.
* @param authToken the Auth-token to verify the access.
*/
public void setNewsWebhook(String guildId, String webhookId, String authToken) {

// Check if there is already a Webhook set.
if (isNewsSetup(guildId)) {
// Get the Guild from the ID.
Guild guild = BotWorker.getShardManager().getGuildById(guildId);

if (guild != null) {
Webhook webhookEntity = getNewsWebhook(guildId);
// Delete the existing Webhook.
guild.retrieveWebhooks().queue(webhooks -> webhooks.stream().filter(webhook -> webhook.getToken() != null).filter(webhook -> webhook.getId().equalsIgnoreCase(webhookEntity.getChannelId()) && webhook.getToken().equalsIgnoreCase(webhookEntity.getToken())).forEach(webhook -> webhook.delete().queue()));
}

// Delete the entry.
sqlConnector.querySQL("DELETE FROM NewsWebhooks WHERE GID=?", guildId);
}

saveEntity(new WebhookNews(guildId, webhookId, authToken));

}

/**
* Check if the News Webhook has been set in our Database for this Server.
*
* @param guildId the ID of the Guild.
* @return {@link Boolean} if true, it has been set | if false, it hasn't been set.
*/
public boolean isNewsSetup(String guildId) {
return getEntity(WebhookNews.class, "SELECT * FROM NewsWebhooks WHERE GID=?", guildId).isSuccess();
}

//endregion

//region Twitch Notifier

/**
Expand Down
23 changes: 0 additions & 23 deletions src/main/java/de/presti/ree6/sql/entities/webhook/WebhookNews.java

This file was deleted.

0 comments on commit 459b5bc

Please sign in to comment.