public void onTimeoutExpire(User user, Server server) { String serverId = server.getId(); TempServerConfig serverConfig = serverStorage.get(serverId); if (serverConfig == null) { serverConfig = new TempServerConfig(serverId); serverStorage.put(serverId, serverConfig); } ServerTimeoutStorage storage = serverConfig.getServerTimeouts(); if (storage != null) { ServerTimeout timeout = storage.getTimeouts().remove(user.getId()); if (timeout != null) { saveServerConfig(serverConfig); LOGGER.info( "Expiring timeout for {} ({}) in {} ({})", user.getUsername(), user.getId(), server.getName(), server.getId()); if (apiClient.getUserById(user.getId(), server) != NO_USER) { apiClient.sendMessage( loc.localize("message.mod.timeout.expire", user.getId()), server.getId()); } removeTimeoutRole(user, server, apiClient.getChannelById(server.getId())); return; } } LOGGER.warn( "Unable to expire: find server or timeout entry for {} ({}) in {} ({})", user.getUsername(), user.getId(), server.getName(), server.getId()); }
private void refreshTimeoutOnEvade(User user, Server server) { ServerTimeout timeout = SafeNav.of(serverStorage.get(server.getId())) .next(TempServerConfig::getServerTimeouts) .next(ServerTimeoutStorage::getTimeouts) .next(timeouts -> timeouts.get(user.getId())) .get(); if (timeout == null) { LOGGER.warn( "Attempted to refresh a timeout on a user who was not timed out! {} ({})", user.getUsername(), user.getId()); return; } LOGGER.info( "User {} ({}) attempted to evade a timeout on {} ({})!", user.getUsername(), user.getId(), server.getName(), server.getId()); Channel channel = apiClient.getChannelById(server.getId(), server); apiClient.sendMessage( loc.localize( "listener.mod.timeout.on_evasion", user.getId(), formatDuration(Duration.between(Instant.now(), timeout.getEndTime())), formatInstant(timeout.getEndTime())), channel); applyTimeoutRole(user, server, channel); }
private void stopTimeout(MessageContext context, String args) { if (args.isEmpty()) { apiClient.sendMessage( loc.localize("commands.mod.stoptimeout.response.invalid"), context.getChannel()); return; } String uid = args; if (uid.length() > 4) { if (uid.startsWith("<@")) { uid = uid.substring(2, uid.length() - 1); } Server server = context.getServer(); User user = apiClient.getUserById(uid, server); if (user == NO_USER) { user = new User("UNKNOWN", uid, "", null); } LOGGER.info( "{} ({}) is attempting to cancel timeout for {} ({}) in {} ({})", context.getAuthor().getUsername(), context.getAuthor().getId(), user.getUsername(), user.getId(), server.getName(), server.getId()); cancelTimeout(user, server, context.getChannel()); } else { apiClient.sendMessage( loc.localize("commands.mod.stoptimeout.response.invalid"), context.getChannel()); } }
public boolean applyTimeout( User issuingUser, Channel noticeChannel, Server server, User user, Duration duration) { String serverId = server.getId(); if (duration != null && !duration.isNegative() && !duration.isZero()) { ServerTimeout timeout = new ServerTimeout( duration, Instant.now(), user.getId(), serverId, user.getUsername(), issuingUser.getId()); TempServerConfig serverConfig = serverStorage.get(serverId); if (serverConfig == null) { serverConfig = new TempServerConfig(serverId); serverStorage.put(serverId, serverConfig); } ServerTimeoutStorage storage = serverConfig.getServerTimeouts(); if (storage == null) { storage = new ServerTimeoutStorage(); serverConfig.setServerTimeouts(storage); } if (applyTimeoutRole(user, server, noticeChannel)) { storage.getTimeouts().put(user.getId(), timeout); ScheduledFuture future = timeoutService.schedule( () -> onTimeoutExpire(user, server), duration.getSeconds(), TimeUnit.SECONDS); timeout.setTimerFuture(future); saveServerConfig(serverConfig); String durationStr = formatDuration(duration); String instantStr = formatInstant(timeout.getEndTime()); String msg = loc.localize( "commands.mod.timeout.response", user.getUsername(), user.getId(), durationStr, instantStr); apiClient.sendMessage(msg, noticeChannel); LOGGER.info( "[{}] '{}': Timing out {} ({}) for {} (until {}), issued by {} ({})", serverId, server.getName(), user.getUsername(), user.getId(), durationStr, instantStr, issuingUser.getUsername(), issuingUser.getId()); } // No else with error - applyTimeoutRole does that for us return true; } else { LOGGER.warn("Invalid duration format"); } return false; }
/** * Lancer par signal de NoPublicController quand le processus sshd est démarré dans les containers * serveur et git */ public Application updateEnv(Application application, User user) throws ServiceException { logger.info("--update Env of Server--"); String command = null; Map<String, String> configShellModule = new HashMap<>(); Map<String, String> configShellServer = new HashMap<>(); Module moduleGit = moduleService.findGitModule(user.getLogin(), application); Server server = application.getServers().get(0); String rootPassword = application.getUser().getPassword(); configShellModule.put("port", moduleGit.getSshPort()); configShellModule.put("dockerManagerAddress", moduleGit.getApplication().getManagerIp()); configShellModule.put("password", rootPassword); configShellModule.put("dockerManagerAddress", application.getManagerIp()); logger.info("new server ip : " + server.getContainerIP()); try { int counter = 0; while (!server.getStatus().equals(Status.START) || !moduleGit.getStatus().equals(Status.START)) { if (counter == 100) { break; } Thread.sleep(1000); logger.info(" wait git and server sshd processus start"); logger.info( "SSHDSTATUS = server : " + server.getStatus() + " - module : " + moduleGit.getStatus()); moduleGit = moduleService.findById(moduleGit.getId()); server = serverService.findById(server.getId()); counter++; } command = ". /cloudunit/scripts/update-env.sh " + server.getContainerIP(); logger.info("command shell to execute [" + command + "]"); shellUtils.executeShell(command, configShellModule); configShellServer.put("port", server.getSshPort()); configShellServer.put("dockerManagerAddress", server.getApplication().getManagerIp()); configShellServer.put("password", rootPassword); command = ". /cloudunit/scripts/rm-auth-keys.sh "; logger.info("command shell to execute [" + command + "]"); shellUtils.executeShell(command, configShellServer); String cleanCommand = server.getServerAction().cleanCommand(); if (cleanCommand != null) { shellUtils.executeShell(server.getServerAction().cleanCommand(), configShellServer); } } catch (Exception e) { moduleGit.setStatus(Status.FAIL); moduleGit = moduleService.saveInDB(moduleGit); server.setStatus(Status.FAIL); server = serverService.saveInDB(server); logger.error("Error : Error during update Env var of GIT " + e); throw new ServiceException(e.getLocalizedMessage(), e); } return application; }
public void cancelTimeout(User user, Server server, Channel invocationChannel) { String serverId = server.getId(); TempServerConfig serverConfig = serverStorage.get(serverId); if (serverConfig == null) { serverConfig = new TempServerConfig(serverId); serverStorage.put(serverId, serverConfig); } ServerTimeoutStorage storage = serverConfig.getServerTimeouts(); removeTimeoutRole(user, server, apiClient.getChannelById(serverId)); if (storage != null) { ServerTimeout timeout = storage.getTimeouts().remove(user.getId()); saveServerConfig(serverConfig); if (timeout != null) { SafeNav.of(timeout.getTimerFuture()).ifPresent(f -> f.cancel(true)); LOGGER.info( "Cancelling timeout for {} ({}) in {} ({})", user.getUsername(), user.getId(), server.getName(), serverId); apiClient.sendMessage( loc.localize("commands.mod.stoptimeout.response", user.getUsername(), user.getId()), invocationChannel); return; } } LOGGER.warn( "Unable to cancel: cannot find server or timeout entry for {} ({}) in {} ({})", user.getUsername(), user.getId(), server.getName(), server.getId()); apiClient.sendMessage( loc.localize( "commands.mod.stoptimeout.response.not_found", user.getUsername(), user.getId()), invocationChannel); }
/** * Removes the timeout role from the given user. This does NOT create or manage any * storage/persistence, it only sets the user's roles * * @param user The user to remove the timeout role * @param server The server on which to remove the user from the timeout role * @param invocationChannel The channel to send messages on error */ public boolean removeTimeoutRole(User user, Server server, Channel invocationChannel) { String serverId = server.getId(); TempServerConfig serverConfig = serverStorage.get(serverId); if (serverConfig == null) { serverConfig = new TempServerConfig(serverId); serverStorage.put(serverId, serverConfig); } ServerTimeoutStorage storage = serverConfig.getServerTimeouts(); String serverName = server.getName(); if (storage != null && storage.getTimeoutRoleId() != null) { String timeoutRoleId = storage.getTimeoutRoleId(); Role timeoutRole = apiClient.getRole(timeoutRoleId, server); if (timeoutRole != NO_ROLE) { // Get roles Set<Role> userRoles = apiClient.getMemberRoles(apiClient.getUserMember(user, server), server); // Delete the ban role LinkedHashSet<String> newRoles = new LinkedHashSet<>(userRoles.size() - 1); userRoles .stream() .map(Role::getId) .filter(s -> !timeoutRoleId.equals(s)) .forEach(newRoles::add); // Update apiClient.updateRoles(user, server, newRoles); return userRoles.size() == newRoles.size(); } else { LOGGER.warn( "Timeout role ID {} for server {} ({}) does not exist", timeoutRoleId, serverName, serverId); apiClient.sendMessage( loc.localize("message.mod.timeout.bad_role", timeoutRoleId), invocationChannel); } } else { storage = new ServerTimeoutStorage(); serverConfig.setServerTimeouts(storage); serverStorage.put(serverId, serverConfig); LOGGER.warn( "Timeout role for server {} ({}) is not configured", storage.getTimeoutRoleId(), serverName, serverId); apiClient.sendMessage(loc.localize("message.mod.timeout.not_configured"), invocationChannel); } return false; }
public boolean banChecked(Channel channel, User author, User user, Server server) { String userId = user.getId(); if (userId.equals(author.getId())) { apiClient.sendMessage("You cannot ban yourself", channel); return false; } if (userId.equals(apiClient.getClientUser().getId())) { apiClient.sendMessage("You cannot ban the bot", channel); return false; } if (bot.getCommands() .checkPermission( Permission.GEN_MANAGE_ROLES, apiClient.getUserMember(userId, server), server, apiClient)) { apiClient.sendMessage("You cannot ban an admin", channel); return false; } return banImpl(userId, server.getId()); }
public boolean doesTimeoutEntryExistForUser(User user, Server server) { return doesTimeoutEntryExistForUser(user.getId(), server.getId()); }
public boolean isUserTimedOut(User user, Server server) { return isUserTimedOut(user.getId(), server.getId()); }
private void timeout(MessageContext context, String args) { Channel channel = context.getChannel(); if (!args.isEmpty()) { String[] split = args.split(" ", 2); String uid = split[0]; if (uid.length() > 4) { if (uid.startsWith("<@!")) { uid = uid.substring(3, uid.length() - 1); } else if (uid.startsWith("<@")) { uid = uid.substring(2, uid.length() - 1); } if (!uid.matches("[0-9]+")) { apiClient.sendMessage(loc.localize("commands.mod.stoptimeout.response.not_id"), channel); return; } Server server = context.getServer(); String serverId = server.getId(); User user = apiClient.getUserById(uid, server); if (user == NO_USER) { user = new User("UNKNOWN", uid, "", null); } final User theUser = user; if (split.length == 2) { if (bot.getConfig().isAdmin(user.getId())) { apiClient.sendMessage( "```API error: Server returned HTTP: 403 Forbidden. Check bot " + "permissions```", channel); return; } Duration duration = parseDuration(split[1]); if (applyTimeout(context.getAuthor(), channel, server, user, duration)) { return; } } else if (split.length == 1) { if (isUserTimedOut(user, server)) { ServerTimeout timeout = SafeNav.of(serverStorage.get(serverId)) .next(TempServerConfig::getServerTimeouts) .next(ServerTimeoutStorage::getTimeouts) .next(m -> m.get(theUser.getId())) .get(); // Timeout cannot be null since we just checked User timeoutIssuer = apiClient.getUserById(timeout.getIssuedByUserId(), server); apiClient.sendMessage( loc.localize( "commands.mod.timeout.response.check", user.getUsername(), user.getId(), formatDuration(Duration.between(Instant.now(), timeout.getEndTime())), formatInstant(timeout.getEndTime()), timeoutIssuer.getUsername(), timeout.getIssuedByUserId()), channel); } else { apiClient.sendMessage( loc.localize( "commands.mod.timeout.response.check.not_found", user.getUsername(), user.getId()), channel); } return; } else { LOGGER.warn("Split length not 1 or 2, was {}: '{}'", split.length, args); } } else { LOGGER.warn("UID/mention not long enough: '{}'", args); } } else { LOGGER.warn("Args was empty"); } apiClient.sendMessage(loc.localize("commands.mod.timeout.response.invalid"), channel); }
public void loadServerConfig(Path path) { boolean purge = false; TempServerConfig config; ServerTimeoutStorage storage; try (Reader reader = Files.newBufferedReader(path, UTF_8)) { config = gson.fromJson(reader, TempServerConfig.class); serverStorage.put(config.getServerId(), config); storage = config.getServerTimeouts(); if (storage != null) { Server server = apiClient.getServerByID(config.getServerId()); if (server == NO_SERVER) { LOGGER.warn("Rejecting {} server storage file: server not found", config.getServerId()); return; } LOGGER.info( "Loaded {} ({}) server storage file", server.getName(), server.getId(), storage.getTimeoutRoleId()); // Prune expired entries for (Iterator<Map.Entry<String, ServerTimeout>> iter = storage.getTimeouts().entrySet().iterator(); iter.hasNext(); ) { Map.Entry<String, ServerTimeout> e = iter.next(); ServerTimeout timeout = e.getValue(); String userId = timeout.getUserId(); User user = apiClient.getUserById(userId, server); if (!isUserTimedOut(userId, server.getId())) { // Purge! purge = true; if (user == NO_USER) { LOGGER.info( "Ending timeout for departed user {} ({}) in {} ({})", timeout.getLastUsername(), userId, server.getName(), server.getId()); // // apiClient.sendMessage(loc.localize("message.mod.timeout.expire.not_found", // user.getId()), // server.getId()); // Don't need to remove the timeout role because leaving does that for us } else { // Duplicated from onTimeoutExpire except without remove since we're removing in an // iter LOGGER.info( "Expiring timeout for {} ({}) in {} ({})", user.getUsername(), user.getId(), server.getName(), server.getId()); // Only send message if they still have the role if (removeTimeoutRole(user, server, apiClient.getChannelById(server.getId()))) { // // apiClient.sendMessage(loc.localize("message.mod.timeout.expire", // user.getId()), // server.getId()); } } SafeNav.of(timeout.getTimerFuture()).ifPresent(f -> f.cancel(true)); iter.remove(); } else { // Start our futures Duration duration = Duration.between(Instant.now(), timeout.getEndTime()); ScheduledFuture future = timeoutService.schedule( () -> onTimeoutExpire(user, server), duration.getSeconds(), TimeUnit.SECONDS); timeout.setTimerFuture(future); } } } } catch (IOException | JsonParseException e) { LOGGER.warn("Unable to load server storage file " + path.toString(), e); return; } if (purge) { saveServerConfig(config); } }
/** * Lancer par signal de NoPublicController quand le processus sshd est (re)démarré dans container * serveur et git, pour mettre à jour la nouvelle IP du serveur */ @Override public Application sshCopyIDToServer(Application application, User user) throws ServiceException { String command = null; Map<String, String> configShell = new HashMap<>(); Module moduleGit = moduleService.findGitModule(user.getLogin(), application); if (logger.isDebugEnabled()) { logger.debug("--ssh Copy ID To Server--"); logger.debug("ssh port : " + moduleGit.getSshPort()); logger.debug("manager ip : " + application.getManagerIp()); } for (Server server : application.getServers()) { configShell.put("password", server.getApplication().getUser().getPassword()); configShell.put("port", moduleGit.getSshPort()); configShell.put("dockerManagerAddress", application.getManagerIp()); configShell.put("userLogin", server.getApplication().getUser().getLogin()); try { int counter = 0; while (!server.getStatus().equals(Status.START) || !moduleGit.getStatus().equals(Status.START)) { if (counter == 100) { break; } Thread.sleep(1000); logger.info(" wait git and server ssh processus start"); logger.info( "STATUS = server : " + server.getStatus() + " - module : " + moduleGit.getStatus()); moduleGit = moduleService.findById(moduleGit.getId()); server = serverService.findById(server.getId()); counter++; } // To permit ssh access on server from git container command = "expect /cloudunit/scripts/ssh-copy-id-expect.sh " + moduleGit.getApplication().getUser().getPassword(); logger.info("command shell to execute [" + command + "]"); shellUtils.executeShell(command, configShell); } catch (Exception e) { moduleGit.setStatus(Status.FAIL); moduleGit = moduleService.saveInDB(moduleGit); server.setStatus(Status.FAIL); server = serverService.saveInDB(server); logger.error("Error : Error during permit git to access to server " + e); throw new ServiceException(e.getLocalizedMessage(), e); } } try { moduleGit = moduleService.update(moduleGit); application.getModules().add(moduleGit); application.setGitContainerIP(moduleGit.getContainerIP()); } catch (ServiceException e) { moduleGit.setStatus(Status.FAIL); moduleService.saveInDB(moduleGit); logger.error("Error : Error during persist git module " + e); throw new ServiceException(e.getLocalizedMessage(), e); } logger.info( "ApplicationService : Application " + application.getName() + " successfully created."); return application; }