duckietm/Arcturus-Morningstar-Extended
1
0
Fork 0
mirror of https://github.com/duckietm/Arcturus-Morningstar-Extended.git synced 2026-06-20 07:26:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(modtool): bound staff supplied messages

Browse Source
This commit is contained in:
simoleo89
2026-06-15 19:54:34 +02:00
parent 36a06647f0
commit 8ba9132e7e
11 changed files with 115 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Emulator/src/test/java/com/eu/habbo/messages/incoming/modtool/ModToolInputGuardTest.java
+23
View File
@@ -0,0 +1,23 @@
package com.eu.habbo.messages.incoming.modtool;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;
class ModToolInputGuardTest {
@Test
void normalizesNullableMessages() {
assertEquals("", ModToolInputGuard.normalize(null));
assertEquals("warn", ModToolInputGuard.normalize(" warn "));
}
@Test
void staffMessagesMustBeNonEmptyAndBounded() {
assertFalse(ModToolInputGuard.isSafeMessage(null));
assertFalse(ModToolInputGuard.isSafeMessage(""));
assertTrue(ModToolInputGuard.isSafeMessage("a".repeat(ModToolInputGuard.MAX_MESSAGE_LENGTH)));
assertFalse(ModToolInputGuard.isSafeMessage("a".repeat(ModToolInputGuard.MAX_MESSAGE_LENGTH + 1)));
}
}
Emulator/src/test/java/com/eu/habbo/messages/incoming/modtool/ModToolPermissionContractTest.java
+23
View File
@@ -86,4 +86,27 @@ class ModToolPermissionContractTest {
assertTrue(defaultSanction.contains("if (issue == null)"),
"default sanctions must tolerate stale or missing ticket ids");
}
@Test
void staffSuppliedModToolMessagesAreBounded() throws Exception {
Path base = Path.of("src/main/java/com/eu/habbo/messages/incoming/modtool");
for (String handler : List.of(
"ModToolAlertEvent.java",
"ModToolWarnEvent.java",
"ModToolKickEvent.java",
"ModToolRoomAlertEvent.java",
"ModToolSanctionAlertEvent.java",
"ModToolSanctionBanEvent.java",
"ModToolSanctionMuteEvent.java",
"ModToolSanctionTradeLockEvent.java"
)) {
String source = Files.readString(base.resolve(handler));
assertTrue(source.contains("ModToolInputGuard.normalize"),
handler + " must normalize staff-supplied text before use");
assertTrue(source.contains("ModToolInputGuard.isSafeMessage"),
handler + " must reject empty or oversized staff-supplied text");
}
}
}