This fixes a bug with a bad actor getting banned with a blank client UUID and then preventing anyone from joining the server due to a lack of UUID on the Connect Request ban check.
Added an exception `UserGroupUpdateLockedException`, which appears when a hook locks a group change.
Added an overload for `UserManager.SetUserGroup`, with the `TSPlayer` parameter (author)
The `GroupManager` constructor ensures the structure of the `GroupList`
table, and if the table is newly-created, then some initial data is
seeded.
We previously used the names `default` to represent the group that
accounts are defaultly registered to, and `guest` to represent players
that have not logged in yet. We now instead refer to the group names
specified by the config (`DefaultRegistrationGroupName` and
`DefaultGuestGroupName` respectively)
We needed to modify `NetItem` to know that these new inventory now
exist.
`PlayerData` can now re/store these items, and properly sync them. It
also now knows of the player's currently selected index, and how to sync
it.
The old system for hashing passwords and permitting users to select
their algorithm has been deprecated and phased out since 2015. This
removes the remaining functions for hashing passwords to clear the way
for .NET5/6 and for OTAPI 3.
In 211b70ca37, I allowed blank passwords
to upgrade to bcrypt hashes. However, the minimum password length has
been 4 historically for a long time. So I don't actually assume a lot of
users have blank passwords, so I think there are very few, if any of the
old hashes laying around.
So therefore, I think this is pretty much safe to merge.
Previously, blank passwords were not upgraded to bcrypt hashes. This is
annoying and problematic because it makes it difficult to remove the old
password hashing system because those passwords might still be checked
against non-bcrypt hashes.
- GroupManager now validates core groups in the constructor.
- EnsureCoreGroupsPresent -> AssertCoreGroupsPresent.
- Fix indentiation in some places.
- Clarify the intent of this PR in CHANGELOG.md.
- Server will no longer start up when the guest or default groups cannot
be located.
- Players joining with unknown groups assigned to them will be
disconnected with an error
The default guest group is critical and shouldn't be removed without
either TShock doing something like automatically recreating it if it
doesn't exist, or not having a huge problem if it doesn't exist.
I chose to take the easiest path, preventing users from removing it. In
theory the message gives enough context to imply "okay, go change the
group now."
This should be a relatively small edge case but I wanted to resolve it
while I was here.
UsingBiomeTorches: Whether or not the player has the torchgod biometorches ability enabled
HappyFunTorchTime: Whether or not the player has fought the torchgod before (for logic that checks for torchgod spawning)
unlockedBiomeTorches: Whether or not the player has the torchgod biome torches ability unlocked
If a player has the tshock.ignore.ssc permission, odds are that they may
want to know that their data isn't being saved or not. This change
allows users to be notified if they have SSC data stored in the DB but
they aren't having it loaded due to the aforementioned permission.
This permission causes great confusion, but we can't really change it
because we would break existing setups. This is an easy change that
gives people a reason why they suddenly "have no items."
This new option can be turned off in the config file for SSC if it's not
desired.
This change also modifies some of the log messages so that it's clear
why the SSC save didn't occur for a given player.
DeathCradle spotted a typo in the ban converter and identified that the
issue is likely because we used table_name in some, but not all, of the
conversion SQL.
Co-authored-by: DeathCradle <rt.luke.s@gmail.com>
Add new journey mode research perm and move all existing journey perms from owner to trustedadmin. Also added pylon tp to default and added /spawn perm to admin.
I know, this is not something important, but I'm going through the new packets one by one and adding events developers can work with, patching exploits, and thought this could be a core permission.
Run /sync if your doors disappear. This will resync your local client
with the server state. For more information, please see the associated
changelog entry.
