diff --git a/docs/commands.md b/docs/commands.md
index 2e5743f0..7e4bd7ed 100644
--- a/docs/commands.md
+++ b/docs/commands.md
@@ -1,5 +1,5 @@
-
+
## AuthMe Commands
You can use the following commands to use the features of AuthMe. Mandatory arguments are marked with `< >`
@@ -47,13 +47,27 @@ brackets; optional arguments are enclosed in square brackets (`[ ]`).
- **/authme reload**: Reload the AuthMeReloaded plugin.
Requires `authme.admin.reload`
- **/authme version**: Show detailed information about the installed AuthMeReloaded version, the developers, contributors, and license.
-- **/authme converter** <job>: Converter command for AuthMeReloaded.
+- **/authme converter** [job]: Converter command for AuthMeReloaded.
Requires `authme.admin.converter`
- **/authme messages**: Adds missing messages to the current messages file.
Requires `authme.admin.updatemessages`
- **/authme debug** [child] [arg] [arg]: Allows various operations for debugging.
Requires `authme.debug.command`
- **/authme help** [query]: View detailed help for /authme commands.
+- **/email**: The AuthMeReloaded email command base.
+- **/email show**: Show your current email address.
+
Requires `authme.player.email.see`
+- **/email add** <email> <verifyEmail>: Add a new email address to your account.
+
Requires `authme.player.email.add`
+- **/email change** <oldEmail> <newEmail>: Change an email address of your account.
+
Requires `authme.player.email.change`
+- **/email recover** <email>: Recover your account using an Email address by sending a mail containing a new password.
+
Requires `authme.player.email.recover`
+- **/email code** <code>: Recover your account by submitting a code delivered to your email.
+
Requires `authme.player.email.recover`
+- **/email setpassword** <password>: Set a new password after successfully recovering your account.
+
Requires `authme.player.email.recover`
+- **/email help** [query]: View detailed help for /email commands.
- **/login** <password>: Command to log in using AuthMeReloaded.
Requires `authme.player.login`
- **/login help** [query]: View detailed help for /login commands.
@@ -69,19 +83,6 @@ brackets; optional arguments are enclosed in square brackets (`[ ]`).
- **/changepassword** <oldPassword> <newPassword>: Command to change your password using AuthMeReloaded.
Requires `authme.player.changepassword`
- **/changepassword help** [query]: View detailed help for /changepassword commands.
-- **/email**: The AuthMeReloaded email command base.
-- **/email show**: Show your current email address.
-- **/email add** <email> <verifyEmail>: Add a new email address to your account.
-
Requires `authme.player.email.add`
-- **/email change** <oldEmail> <newEmail>: Change an email address of your account.
-
Requires `authme.player.email.change`
-- **/email recover** <email>: Recover your account using an Email address by sending a mail containing a new password.
-
Requires `authme.player.email.recover`
-- **/email code** <code>: Recover your account by submitting a code delivered to your email.
-
Requires `authme.player.email.recover`
-- **/email setpassword** <password>: Set a new password after successfully recovering your account.
-
Requires `authme.player.email.recover`
-- **/email help** [query]: View detailed help for /email commands.
- **/captcha** <captcha>: Captcha command for AuthMeReloaded.
Requires `authme.player.captcha`
- **/captcha help** [query]: View detailed help for /captcha commands.
@@ -89,4 +90,4 @@ brackets; optional arguments are enclosed in square brackets (`[ ]`).
---
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sat Apr 29 18:27:38 CEST 2017
+This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Fri Aug 11 04:37:25 CEST 2017
diff --git a/docs/config.md b/docs/config.md
index 47744c22..3f53b5db 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -1,5 +1,5 @@
-
+
## AuthMe Configuration
The first time you run AuthMe it will create a config.yml file in the plugins/AuthMe folder,
@@ -457,6 +457,12 @@ Security:
# Seconds a user has to wait for before a password recovery mail may be sent again
# This prevents an attacker from abusing AuthMe's email feature.
cooldown: 60
+ privacy:
+ # The maill shown using /email show will be partially hidden
+ # E.g. (if enabled)
+ # original email: my.email@example.com
+ # hidden email: my.***@***mple.com
+ enableEmailMasking: false
# Before a user logs in, various properties are temporarily removed from the player,
# such as OP status, ability to fly, and walk/fly speed.
# Once the user is logged in, we add back the properties we previously saved.
@@ -534,4 +540,4 @@ To change settings on a running server, save your changes to config.yml and use
---
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sat Jul 15 19:32:28 CEST 2017
+This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sat Aug 12 13:49:42 CEST 2017
diff --git a/docs/permission_nodes.md b/docs/permission_nodes.md
index 5a537e9f..9322ea50 100644
--- a/docs/permission_nodes.md
+++ b/docs/permission_nodes.md
@@ -1,5 +1,5 @@
-
+
## AuthMe Permission Nodes
The following are the permission nodes that are currently supported by the latest dev builds.
@@ -51,6 +51,7 @@ The following are the permission nodes that are currently supported by the lates
- **authme.player.email.add** – Command permission to add an email address.
- **authme.player.email.change** – Command permission to change the email address.
- **authme.player.email.recover** – Command permission to recover an account using its email address.
+- **authme.player.email.see** – Command permission to see the own email address.
- **authme.player.login** – Command permission to login.
- **authme.player.logout** – Command permission to logout.
- **authme.player.register** – Command permission to register.
@@ -61,4 +62,4 @@ The following are the permission nodes that are currently supported by the lates
---
-This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sat Apr 29 18:27:41 CEST 2017
+This page was automatically generated on the [AuthMe/AuthMeReloaded repository](https://github.com/AuthMe/AuthMeReloaded/tree/master/docs/) on Sat Aug 12 13:42:15 CEST 2017
diff --git a/src/main/java/fr/xephi/authme/command/CommandInitializer.java b/src/main/java/fr/xephi/authme/command/CommandInitializer.java
index 948582fe..d5a1e1ca 100644
--- a/src/main/java/fr/xephi/authme/command/CommandInitializer.java
+++ b/src/main/java/fr/xephi/authme/command/CommandInitializer.java
@@ -456,6 +456,7 @@ public class CommandInitializer {
.labels("show", "myemail")
.description("Show Email")
.detailedDescription("Show your current email address.")
+ .permission(PlayerPermission.SEE_EMAIL)
.executableCommand(ShowEmailCommand.class)
.register();
diff --git a/src/main/java/fr/xephi/authme/command/executable/email/ShowEmailCommand.java b/src/main/java/fr/xephi/authme/command/executable/email/ShowEmailCommand.java
index 64ddad11..f09321e6 100644
--- a/src/main/java/fr/xephi/authme/command/executable/email/ShowEmailCommand.java
+++ b/src/main/java/fr/xephi/authme/command/executable/email/ShowEmailCommand.java
@@ -5,6 +5,7 @@ import fr.xephi.authme.data.auth.PlayerAuth;
import fr.xephi.authme.data.auth.PlayerCache;
import fr.xephi.authme.message.MessageKey;
import fr.xephi.authme.service.CommonService;
+import fr.xephi.authme.settings.properties.SecuritySettings;
import fr.xephi.authme.util.Utils;
import org.bukkit.entity.Player;
@@ -26,9 +27,22 @@ public class ShowEmailCommand extends PlayerCommand {
public void runCommand(Player player, List arguments) {
PlayerAuth auth = playerCache.getAuth(player.getName());
if (auth != null && !Utils.isEmailEmpty(auth.getEmail())) {
- commonService.send(player, MessageKey.EMAIL_SHOW, auth.getEmail());
+ if(commonService.getProperty(SecuritySettings.USE_EMAIL_MASKING)){
+ commonService.send(player, MessageKey.EMAIL_SHOW, emailMask(auth.getEmail()));
+ } else {
+ commonService.send(player, MessageKey.EMAIL_SHOW, auth.getEmail());
+ }
} else {
commonService.send(player, MessageKey.SHOW_NO_EMAIL);
}
}
+
+ private String emailMask(String email){
+ String[] frag = email.split("@"); //Split id and domain
+ int sid = frag[0].length() / 3 + 1; //Define the id view (required length >= 1)
+ int sdomain = frag[1].length() / 3; //Define the domain view (required length >= 0)
+ String id = frag[0].substring(0, sid) + "***"; //Build the id
+ String domain = "***" + frag[1].substring(sdomain); //Build the domain
+ return id + "@" + domain;
+ }
}
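Review bot: `emailMask` reads `frag[1]` and `frag[0].substring(0, sid)` without checking the shape of the stored address, so a value with no `@`, a trailing `@` or an empty local part throws an unchecked exception inside `/email show`. The only guard is `Utils.isEmailEmpty`, whose checks are not visible in this hunk. The mask is also thin for short addresses: with `length() / 3 + 1` a one-character local part is shown in full, and roughly two thirds of the domain always stays visible. I would split on the last `@`, return a fully masked string for malformed values and cap the visible prefix below the local part's length, as in the fence below. For `my.email@example.com` this still yields `my.***@***mple.com`.

```java
private String emailMask(String email) {
    int at = email.lastIndexOf('@');
    // Malformed stored value (no '@', empty local part or empty domain): reveal nothing
    if (at <= 0 || at == email.length() - 1) {
        return "***";
    }
    String local = email.substring(0, at);
    String domainPart = email.substring(at + 1);
    // Never show a whole short local part: keep the visible prefix below its length
    int shown = Math.min(local.length() / 3 + 1, local.length() - 1);
    return local.substring(0, shown) + "***@***" + domainPart.substring(domainPart.length() / 3);
}
```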
diff --git a/src/main/java/fr/xephi/authme/permission/PlayerPermission.java b/src/main/java/fr/xephi/authme/permission/PlayerPermission.java
index a42c9c9c..5b3fcb56 100644
--- a/src/main/java/fr/xephi/authme/permission/PlayerPermission.java
+++ b/src/main/java/fr/xephi/authme/permission/PlayerPermission.java
@@ -30,6 +30,11 @@ public enum PlayerPermission implements PermissionNode {
*/
CHANGE_PASSWORD("authme.player.changepassword"),
+ /**
+ * Command permission to see the own email address.
+ */
+ SEE_EMAIL("authme.player.email.see"),
+
/**
* Command permission to add an email address.
*/
diff --git a/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java b/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java
index 22ac1660..b6786a97 100644
--- a/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java
+++ b/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java
@@ -132,6 +132,15 @@ public final class SecuritySettings implements SettingsHolder {
public static final Property EMAIL_RECOVERY_COOLDOWN_SECONDS =
newProperty("Security.emailRecovery.cooldown", 60);
+ @Comment({
+ "The maill shown using /email show will be partially hidden",
+ "E.g. (if enabled)",
+ " original email: my.email@example.com",
+ " hidden email: my.***@***mple.com"
+ })
+ public static final Property USE_EMAIL_MASKING =
+ newProperty("Security.privacy.enableEmailMasking", false);
+
private SecuritySettings() {
}
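Review bot: The `@Comment` text on `USE_EMAIL_MASKING` has a typo ("maill"), and it is copied verbatim into the generated config.yml and docs/config.md; the first line should read `"The email shown using /email show will be partially hidden",`. Because this is a privacy setting, the comment should also state that masking applies only to the `/email show` output and that part of the local part and most of the domain remain visible, so administrators do not treat it as full redaction. The class body continues outside this hunk.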
diff --git a/src/main/resources/plugin.yml b/src/main/resources/plugin.yml
index 9822005f..05f718c3 100644
--- a/src/main/resources/plugin.yml
+++ b/src/main/resources/plugin.yml
@@ -18,6 +18,9 @@ commands:
authme:
description: AuthMe op commands
usage: /authme register|unregister|forcelogin|password|lastlogin|accounts|email|setemail|getip|spawn|setspawn|firstspawn|setfirstspawn|purge|purgeplayer|backup|resetpos|purgebannedplayers|switchantibot|reload|version|converter|messages|debug
+ email:
+ description: Add email or recover password
+ usage: /email show|add|change|recover|code|setpassword
login:
description: Login command
usage: /login
@@ -43,9 +46,6 @@ commands:
aliases:
- changepass
- cp
- email:
- description: Add email or recover password
- usage: /email show|add|change|recover|code|setpassword
captcha:
description: Captcha Command
usage: /captcha
@@ -213,6 +213,7 @@ permissions:
authme.player.email.add: true
authme.player.email.change: true
authme.player.email.recover: true
+ authme.player.email.see: true
authme.player.login: true
authme.player.logout: true
authme.player.register: true
@@ -233,6 +234,7 @@ permissions:
authme.player.email.add: true
authme.player.email.change: true
authme.player.email.recover: true
+ authme.player.email.see: true
authme.player.email.add:
description: Command permission to add an email address.
default: true
@@ -242,6 +244,9 @@ permissions:
authme.player.email.recover:
description: Command permission to recover an account using its email address.
default: true
+ authme.player.email.see:
+ description: Command permission to see the own email address.
+ default: true
authme.player.login:
description: Command permission to login.
default: true
@@ -258,5 +263,6 @@ permissions:
description: Command permission to unregister.
default: true
authme.vip:
- description: When the server is full and someone with this permission joins the server, someone will be kicked.
+ description: When the server is full and someone with this permission joins the
+ server, someone will be kicked.
default: op
diff --git a/src/test/java/fr/xephi/authme/command/executable/email/ShowEmailCommandTest.java b/src/test/java/fr/xephi/authme/command/executable/email/ShowEmailCommandTest.java
index 2825728a..36e106ed 100644
--- a/src/test/java/fr/xephi/authme/command/executable/email/ShowEmailCommandTest.java
+++ b/src/test/java/fr/xephi/authme/command/executable/email/ShowEmailCommandTest.java
@@ -4,6 +4,7 @@ import fr.xephi.authme.data.auth.PlayerAuth;
import fr.xephi.authme.data.auth.PlayerCache;
import fr.xephi.authme.message.MessageKey;
import fr.xephi.authme.service.CommonService;
+import fr.xephi.authme.settings.properties.SecuritySettings;
import org.bukkit.entity.Player;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -30,7 +31,7 @@ public class ShowEmailCommandTest {
private ShowEmailCommand command;
@Mock
- private CommonService commandService;
+ private CommonService commonService;
@Mock
private PlayerCache playerCache;
@@ -41,12 +42,28 @@ public class ShowEmailCommandTest {
Player sender = mock(Player.class);
given(sender.getName()).willReturn(USERNAME);
given(playerCache.getAuth(USERNAME)).willReturn(newAuthWithEmail(CURRENT_EMAIL));
+ given(commonService.getProperty(SecuritySettings.USE_EMAIL_MASKING)).willReturn(false);
// when
command.executeCommand(sender, Collections.emptyList());
// then
- verify(commandService).send(sender, MessageKey.EMAIL_SHOW, CURRENT_EMAIL);
+ verify(commonService).send(sender, MessageKey.EMAIL_SHOW, CURRENT_EMAIL);
+ }
+
+ @Test
+ public void shouldShowHiddenEmailMessage() {
+ // given
+ Player sender = mock(Player.class);
+ given(sender.getName()).willReturn(USERNAME);
+ given(playerCache.getAuth(USERNAME)).willReturn(newAuthWithEmail(CURRENT_EMAIL));
+ given(commonService.getProperty(SecuritySettings.USE_EMAIL_MASKING)).willReturn(true);
+
+ // when
+ command.executeCommand(sender, Collections.emptyList());
+
+ // then
+ verify(commonService).send(sender, MessageKey.EMAIL_SHOW, "my.***@***mple.com");
}
@Test
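Review bot: `shouldShowHiddenEmailMessage` covers only one well-formed address (`CURRENT_EMAIL`), so the masking arithmetic is untested at its edges. I would add cases for a one- or two-character local part, a short domain, and a stored value without `@`, each with masking enabled, asserting both the exact string passed to `commonService.send` and that `executeCommand` does not throw. The hunk starts inside the preceding test method and ends at the next `@Test`, so the surrounding fixtures are not fully visible here.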
@@ -60,7 +77,7 @@ public class ShowEmailCommandTest {
command.executeCommand(sender, Collections.emptyList());
// then
- verify(commandService).send(sender, MessageKey.SHOW_NO_EMAIL);
+ verify(commonService).send(sender, MessageKey.SHOW_NO_EMAIL);
}
private static PlayerAuth newAuthWithEmail(String email) {