duckietm/Arcturus-Morningstar-Extended
1
0
Fork 0
mirror of https://github.com/duckietm/Arcturus-Morningstar-Extended.git synced 2026-06-20 07:26:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #213 from simoleo89/fix/room-user-safety

Browse Source 
Guard room user moderation packets
This commit is contained in:
DuckieTM
2026-06-15 22:18:09 +02:00
committed by GitHub
parent 9c3d887447 827b130ccc
commit 416d0bb088
4 changed files with 99 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Emulator/src/test/java/com/eu/habbo/messages/incoming/rooms/users/RoomUserMuteGuardContractTest.java
+39
View File
@@ -0,0 +1,39 @@
package com.eu.habbo.messages.incoming.rooms.users;
import org.junit.jupiter.api.Test;
import java.nio.file.Files;
import java.nio.file.Path;
import static org.junit.jupiter.api.Assertions.assertTrue;
class RoomUserMuteGuardContractTest {
private static String source() throws Exception {
return Files.readString(Path.of("src/main/java/com/eu/habbo/messages/incoming/rooms/users/RoomUserMuteEvent.java"));
}
@Test
void muteDurationIsBoundedBeforeApplyingMute() throws Exception {
String source = source();
int targetLookup = source.indexOf("Habbo habbo = room.getHabbo(userId)");
int durationGuard = source.indexOf("minutes < MIN_MUTE_MINUTES || minutes > MAX_MUTE_MINUTES", targetLookup);
int muteCall = source.indexOf("room.muteHabbo(habbo, minutes)", targetLookup);
assertTrue(targetLookup > -1, "Mute handler must resolve the room target");
assertTrue(durationGuard > targetLookup, "Mute handler must bound client-provided minutes");
assertTrue(durationGuard < muteCall, "Mute duration must be validated before mutating room state");
}
@Test
void unkickableTargetsCannotBeMutedThroughRoomPacket() throws Exception {
String source = source();
int unkickableGuard = source.indexOf("habbo.hasPermission(Permission.ACC_UNKICKABLE)");
int muteCall = source.indexOf("room.muteHabbo(habbo, minutes)");
assertTrue(unkickableGuard > -1, "Room mute must respect ACC_UNKICKABLE like kick and ban");
assertTrue(unkickableGuard < muteCall, "Unkickable targets must be rejected before muting");
}
}
Emulator/src/test/java/com/eu/habbo/messages/incoming/rooms/users/RoomUserSignGuardContractTest.java
+41
View File
@@ -0,0 +1,41 @@
package com.eu.habbo.messages.incoming.rooms.users;
import org.junit.jupiter.api.Test;
import java.nio.file.Files;
import java.nio.file.Path;
import static org.junit.jupiter.api.Assertions.assertTrue;
class RoomUserSignGuardContractTest {
private static String source() throws Exception {
return Files.readString(Path.of("src/main/java/com/eu/habbo/messages/incoming/rooms/users/RoomUserSignEvent.java"));
}
@Test
void signIdIsValidatedBeforeRoomStateAndWiredTriggers() throws Exception {
String source = source();
int signRead = source.indexOf("int signId = this.packet.readInt()");
int guard = source.indexOf("signId < MIN_SIGN_ID || signId > MAX_SIGN_ID", signRead);
int status = source.indexOf("setStatus(RoomUnitStatus.SIGN", signRead);
int wired = source.indexOf("WiredManager.triggerUserPerformsAction", signRead);
assertTrue(signRead > -1, "Sign handler must read the client-provided sign id");
assertTrue(guard > signRead, "Sign handler must reject out-of-range sign ids");
assertTrue(guard < status, "Sign id must be validated before status mutation");
assertTrue(guard < wired, "Sign id must be validated before wired triggers");
}
@Test
void voteCountersOnlyReceiveValidatedSigns() throws Exception {
String source = source();
int guard = source.indexOf("signId < MIN_SIGN_ID || signId > MAX_SIGN_ID");
int vote = source.indexOf(".vote(room, userId, signId)");
assertTrue(guard > -1, "Sign id range guard must exist");
assertTrue(vote > guard, "Vote counters must only receive signs after the range guard");
}
}