private User LoadUserFromResult(User user, QueryResult result)
{
user.ID = result.Get<int>("ID");
user.Group = result.Get<string>("Usergroup");
user.Password = result.Get<string>("Password");
user.Name = result.Get<string>("Username");
user.Address = result.Get<string>("IP");
return user;
}
/// <summary>
/// Sets the group for a given username
/// </summary>
/// <param name="user">User user</param>
/// <param name="group">string group</param>
public void SetUserGroup(User user, string group)
{
try
{
Group grp = tPulse.Groups.GetGroupByName(group);
if (null == grp)
throw new GroupNotExistsException(group);
if (database.Query("UPDATE Users SET UserGroup = @0 WHERE Username = @1;", group, user.Name) == 0)
throw new UserNotExistException(user.Name);
// Update player group reference for any logged in player
foreach (var player in tPulse.Players.Where(p => null != p && p.UserAccountName == user.Name))
{
player.Group = grp;
}
}
catch (Exception ex)
{
throw new UserManagerException("SetUserGroup SQL returned an error", ex);
}
}
/// <summary>
/// Sets the Hashed Password for a given username
/// </summary>
/// <param name="user">User user</param>
/// <param name="group">string password</param>
public void SetUserPassword(User user, string password)
{
try
{
if (
database.Query("UPDATE Users SET Password = @0 WHERE Username = @1;", Utils.HashPassword(password),
user.Name) == 0)
throw new UserNotExistException(user.Name);
}
catch (Exception ex)
{
throw new UserManagerException("SetUserPassword SQL returned an error", ex);
}
}
public User GetUser(User user)
{
bool multiple = false;
string query;
string type;
object arg;
if (0 != user.ID)
{
query = "SELECT * FROM Users WHERE ID=@0";
arg = user.ID;
type = "id";
}
else if (string.IsNullOrEmpty(user.Address))
{
query = "SELECT * FROM Users WHERE Username=@0";
arg = user.Name;
type = "name";
}
else
{
query = "SELECT * FROM Users WHERE IP=@0";
arg = user.Address;
type = "ip";
}
try
{
using (var result = database.QueryReader(query, arg))
{
if (result.Read())
{
user = LoadUserFromResult(user, result);
// Check for multiple matches
if (!result.Read())
return user;
multiple = true;
}
}
}
catch (Exception ex)
{
throw new UserManagerException("GetUser SQL returned an error (" + ex.Message + ")", ex);
}
if (multiple)
throw new UserManagerException(String.Format("Multiple users found for {0} '{1}'", type, arg));
throw new UserNotExistException(string.IsNullOrEmpty(user.Address) ? user.Name : user.Address);
}
/// <summary>
/// Removes a given username from the database
/// </summary>
/// <param name="user">User user</param>
public void RemoveUser(User user)
{
try
{
int affected = -1;
if (!string.IsNullOrEmpty(user.Address))
{
affected = database.Query("DELETE FROM Users WHERE IP=@0", user.Address);
}
else
{
affected = database.Query("DELETE FROM Users WHERE Username=@0", user.Name);
}
if (affected < 1)
throw new UserNotExistException(string.IsNullOrEmpty(user.Address) ? user.Name : user.Address);
}
catch (Exception ex)
{
throw new UserManagerException("RemoveUser SQL returned an error", ex);
}
}
/// <summary>
/// Adds a given username to the database
/// </summary>
/// <param name="user">User user</param>
public void AddUser(User user)
{
if (!tPulse.Groups.GroupExists(user.Group))
throw new GroupNotExistsException(user.Group);
int ret;
try
{
ret = database.Query("INSERT INTO Users (Username, Password, UserGroup, IP) VALUES (@0, @1, @2, @3);", user.Name,
Utils.HashPassword(user.Password), user.Group, user.Address);
}
catch (Exception ex)
{
// Detect duplicate user using a regexp as Sqlite doesn't have well structured exceptions
if (Regex.IsMatch(ex.Message, "Username.*not unique"))
throw new UserExistsException(user.Name);
throw new UserManagerException("AddUser SQL returned an error (" + ex.Message + ")", ex);
}
if (1 > ret)
throw new UserExistsException(user.Name);
}
public FUser(User u)
{
ID = u.ID;
Name = u.Name;
}
private void RegisterUser(CommandArgs args)
{
try
{
var user = new User();
if (args.Parameters.Count == 1)
{
user.Name = args.Player.Name;
user.Password = args.Parameters[0];
}
else if (args.Parameters.Count == 2 && tPulse.Config.AllowRegisterAnyUsername)
{
user.Name = args.Parameters[0];
user.Password = args.Parameters[1];
}
else
{
args.Player.SendErrorMessage("Invalid syntax! Proper syntax: /register <password>");
return;
}
user.Group = tPulse.Config.DefaultRegistrationGroupName; // FIXME -- we should get this from the DB. --Why?
if (tPulse.Users.GetUserByName(user.Name) == null) // Cheap way of checking for existance of a user
{
args.Player.SendSuccessMessage("Account " + user.Name + " has been registered.");
args.Player.SendSuccessMessage("Your password is " + user.Password);
tPulse.Users.AddUser(user);
Log.ConsoleInfo(args.Player.Name + " registered an account: " + user.Name + ".");
}
else
{
args.Player.SendErrorMessage("Account " + user.Name + " has already been registered.");
Log.ConsoleInfo(args.Player.Name + " failed to register an existing account: " + user.Name);
}
}
catch (UserManagerException ex)
{
args.Player.SendErrorMessage("Sorry, an error occured: " + ex.Message + ".");
Log.ConsoleError("RegisterUser returned an error: " + ex);
}
}
private void ManageUsers(CommandArgs args)
{
// This guy needs to be here so that people don't get exceptions when they type /user
if (args.Parameters.Count < 1)
{
args.Player.SendErrorMessage("Invalid user syntax. Try /user help.");
return;
}
string subcmd = args.Parameters[0];
// Add requires a username:password pair/ip address and a group specified.
if (subcmd == "add")
{
var namepass = args.Parameters[1].Split(':');
var user = new User();
try
{
if (args.Parameters.Count > 2)
{
if (namepass.Length == 2)
{
user.Name = namepass[0];
user.Password = namepass[1];
user.Group = args.Parameters[2];
}
else if (namepass.Length == 1)
{
user.Address = namepass[0];
user.Group = args.Parameters[2];
user.Name = user.Address;
}
if (!string.IsNullOrEmpty(user.Address))
{
args.Player.SendSuccessMessage("IP address admin added. If they're logged in, tell them to rejoin.");
args.Player.SendSuccessMessage("WARNING: This is insecure! It would be better to use a user account instead.");
tPulse.Users.AddUser(user);
Log.ConsoleInfo(args.Player.Name + " added IP " + user.Address + " to group " + user.Group);
}
else
{
args.Player.SendSuccessMessage("Account " + user.Name + " has been added to group " + user.Group + "!");
tPulse.Users.AddUser(user);
Log.ConsoleInfo(args.Player.Name + " added Account " + user.Name + " to group " + user.Group);
}
}
else
{
args.Player.SendErrorMessage("Invalid syntax. Try /user help.");
}
}
catch (UserManagerException ex)
{
args.Player.SendErrorMessage(ex.Message);
Log.ConsoleError(ex.ToString());
}
}
// User deletion requires a username
else if (subcmd == "del" && args.Parameters.Count == 2)
{
var user = new User();
if (args.Parameters[1].Split('.').Count() ==4)
// changed to support dot character in usernames
// if (args.Parameters[1].Contains("."))
user.Address = args.Parameters[1];
else
user.Name = args.Parameters[1];
try
{
tPulse.Users.RemoveUser(user);
args.Player.SendSuccessMessage("Account removed successfully.");
Log.ConsoleInfo(args.Player.Name + " successfully deleted account: " + args.Parameters[1] + ".");
}
catch (UserManagerException ex)
{
args.Player.SendMessage(ex.Message, Color.Red);
Log.ConsoleError(ex.ToString());
}
}
// Password changing requires a username, and a new password to set
else if (subcmd == "password")
{
var user = new User();
user.Name = args.Parameters[1];
try
{
if (args.Parameters.Count == 3)
{
args.Player.SendSuccessMessage("Password change succeeded for " + user.Name + ".");
tPulse.Users.SetUserPassword(user, args.Parameters[2]);
Log.ConsoleInfo(args.Player.Name + " changed the password of account " + user.Name);
}
else
{
args.Player.SendErrorMessage("Invalid user password syntax. Try /user help.");
}
}
catch (UserManagerException ex)
{
args.Player.SendErrorMessage(ex.Message);
Log.ConsoleError(ex.ToString());
}
}
// Group changing requires a username or IP address, and a new group to set
else if (subcmd == "group")
{
var user = new User();
if (args.Parameters[1].Split('.').Count()==4)
//changed to support dot character in usernames
//if (args.Parameters[1].Contains("."))
user.Address = args.Parameters[1];
else
user.Name = args.Parameters[1];
try
{
if (args.Parameters.Count == 3)
{
if (!string.IsNullOrEmpty(user.Address))
{
args.Player.SendSuccessMessage("IP address " + user.Address + " has been changed to group " + args.Parameters[2] + "!");
tPulse.Users.SetUserGroup(user, args.Parameters[2]);
Log.ConsoleInfo(args.Player.Name + " changed IP address " + user.Address + " to group " + args.Parameters[2] + ".");
}
else
{
args.Player.SendSuccessMessage("Account " + user.Name + " has been changed to group " + args.Parameters[2] + "!");
tPulse.Users.SetUserGroup(user, args.Parameters[2]);
Log.ConsoleInfo(args.Player.Name + " changed account " + user.Name + " to group " + args.Parameters[2] + ".");
}
}
else
{
args.Player.SendErrorMessage("Invalid user group syntax. Try /user help.");
}
}
catch (UserManagerException ex)
{
args.Player.SendMessage(ex.Message, Color.Green);
Log.ConsoleError(ex.ToString());
}
}
else if (subcmd == "help")
{
args.Player.SendInfoMessage("Use command help:");
args.Player.SendInfoMessage("/user add username:password group -- Adds a specified user");
args.Player.SendInfoMessage("/user del username -- Removes a specified user");
args.Player.SendInfoMessage("/user password username newpassword -- Changes a user's password");
args.Player.SendInfoMessage("/user group username newgroup -- Changes a user's group");
}
else
{
args.Player.SendErrorMessage("Invalid user syntax. Try /user help.");
}
}
private FriendList GetListOrCreate(User u)
{
FriendList fl = FriendsList[u.ID];
if (fl == null)
{
fl = new FriendList(new FUser(u));
FriendsList.Add(fl);
}
return fl;
}