fix(housekeeping): bound staff supplied text

Emulator/src/test/java/com/eu/habbo/messages/incoming/housekeeping/HousekeepingInputGuardContractTest.java

@@ -0,0 +1,53 @@
+package com.eu.habbo.messages.incoming.housekeeping;
+
+import org.junit.jupiter.api.Test;
+
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class HousekeepingInputGuardContractTest {
+    @Test
+    void stringDrivenHousekeepingHandlersUseSharedLimits() throws Exception {
+        Path base = Path.of("src/main/java/com/eu/habbo/messages/incoming/housekeeping");
+
+        for (String handler : List.of(
+                "HousekeepingBanUserEvent.java",
+                "HousekeepingForceDisconnectUserEvent.java",
+                "HousekeepingKickUserEvent.java",
+                "HousekeepingMuteUserEvent.java",
+                "HousekeepingTradeLockUserEvent.java",
+                "HousekeepingSendHotelAlertEvent.java",
+                "HousekeepingSearchRoomsEvent.java",
+                "HousekeepingFindUserByNameEvent.java"
+        )) {
+            String source = Files.readString(base.resolve(handler));
+
+            assertTrue(source.contains("HousekeepingInputGuard.normalize"),
+                    handler + " must normalize client-provided strings before use");
+            assertTrue(source.contains("HousekeepingInputGuard.isWithinLimit"),
+                    handler + " must bound client-provided strings before expensive work or broadcast");
+        }
+    }
+
+    @Test
+    void auditedFreeTextIsSanitizedBeforePersistence() throws Exception {
+        Path base = Path.of("src/main/java/com/eu/habbo/messages/incoming/housekeeping");
+
+        for (String handler : List.of(
+                "HousekeepingBanUserEvent.java",
+                "HousekeepingForceDisconnectUserEvent.java",
+                "HousekeepingKickUserEvent.java",
+                "HousekeepingMuteUserEvent.java",
+                "HousekeepingTradeLockUserEvent.java",
+                "HousekeepingSendHotelAlertEvent.java"
+        )) {
+            String source = Files.readString(base.resolve(handler));
+
+            assertTrue(source.contains("HousekeepingInputGuard.auditValue"),
+                    handler + " must collapse control whitespace before writing free text to audit detail");
+        }
+    }
+}

Emulator/src/test/java/com/eu/habbo/messages/incoming/housekeeping/HousekeepingInputGuardTest.java

@@ -0,0 +1,32 @@
+package com.eu.habbo.messages.incoming.housekeeping;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class HousekeepingInputGuardTest {
+    @Test
+    void normalizesNullableText() {
+        assertEquals("", HousekeepingInputGuard.normalize(null));
+        assertEquals("hello", HousekeepingInputGuard.normalize("  hello  "));
+    }
+
+    @Test
+    void enforcesInclusiveLengthLimits() {
+        assertTrue(HousekeepingInputGuard.isWithinLimit("abc", 3));
+        assertFalse(HousekeepingInputGuard.isWithinLimit("abcd", 3));
+        assertFalse(HousekeepingInputGuard.isWithinLimit(null, 3));
+    }
+
+    @Test
+    void auditValuesCollapseControlWhitespaceAndCapLength() {
+        String value = HousekeepingInputGuard.auditValue(" one\r\ntwo\tthree ");
+
+        assertEquals("one  two three", value);
+
+        String oversized = "x".repeat(HousekeepingInputGuard.MAX_REASON_LENGTH + 1);
+        assertEquals(HousekeepingInputGuard.MAX_REASON_LENGTH, HousekeepingInputGuard.auditValue(oversized).length());
+    }
+}