You've already forked Arcturus-Morningstar-Extended
mirror of
https://github.com/duckietm/Arcturus-Morningstar-Extended.git
synced 2026-06-19 15:06:19 +00:00
simoleo89
525c124fa5
Closes out the users-domain HK actions. * Incoming 9107 HousekeepingSetUserRankEvent — (userId, rankId). Validates the rank exists in `permission_ranks`, UPDATEs users.rank, and if the target is online rebinds their HabboInfo to the fresh Rank object and ships a UserPermissionsComposer so server-side hasPermission() and the client's useHasPermission(key) consumers re-render against the new permissions without a relog. * Incoming 9108 HousekeepingTradeLockUserEvent — (userId, hours, reason). Writes `users_settings.trade_locked_until = now + hours*3600` so the lock survives logout/login. Online targets also get their in-memory HabboStats.allowTrade cleared and an optional alert. * Incoming 9109 HousekeepingResetUserPasswordEvent — (userId). Generates a 12-char alphanumeric (SecureRandom over a curated ambiguity-free alphabet), writes its SHA-256 hex to users.password (the column is varchar(64) — already sized for SHA-256 hex) and blanks auth_ticket so any live SSO ticket can't bypass the reset. Plaintext is returned to the operator in the action-result message — they relay it out-of-band. If your CMS uses a hash other than SHA-256, swap the MessageDigest.getInstance constant. `mvn compile` clean.