From a55bb49f1c8ca99fdd354a862dcb3d9f944aec4b Mon Sep 17 00:00:00 2001 From: andrewlalis Date: Wed, 12 Jul 2017 15:25:25 +0200 Subject: [PATCH] made all send messages safe with request buffers, and externalized the token for extra security. --- pom.xml | 2 +- src/main/java/handiebot/HandieBot.java | 30 +++++++++- src/main/java/handiebot/command/Commands.java | 5 +- .../commands/admin/SetPrefixCommand.java | 5 +- .../command/commands/misc/TengwarCommand.java | 18 +++--- .../command/commands/music/PlayCommand.java | 10 ++-- .../commands/music/PlaylistCommand.java | 58 +++++++++---------- .../command/commands/music/QueueCommand.java | 4 +- .../command/commands/music/RepeatCommand.java | 3 +- .../commands/music/ShuffleCommand.java | 3 +- .../command/commands/support/HelpCommand.java | 7 +-- .../YoutubeChoiceListener.java | 7 ++- .../YoutubePlayListener.java | 2 +- .../YoutubePlaylistAddListener.java | 7 ++- .../reactionListeners/package-info.java | 5 ++ .../handiebot/lavaplayer/MusicPlayer.java | 25 +++++--- .../handiebot/lavaplayer/TrackScheduler.java | 9 +-- .../java/handiebot/utils/MessageUtils.java | 58 ++++++++++++++++++- .../java/handiebot/utils/YoutubeSearch.java | 20 +++---- 19 files changed, 183 insertions(+), 95 deletions(-) create mode 100644 src/main/java/handiebot/command/reactionListeners/package-info.java diff --git a/pom.xml b/pom.xml index d55581b..711102c 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.github.andrewlalis HandieBot - 1.4.1 + 1.5.0 diff --git a/src/main/java/handiebot/HandieBot.java b/src/main/java/handiebot/HandieBot.java index 7bb2436..6b678fd 100644 --- a/src/main/java/handiebot/HandieBot.java +++ b/src/main/java/handiebot/HandieBot.java @@ -3,7 +3,7 @@ package handiebot; import handiebot.command.CommandHandler; import handiebot.command.ReactionHandler; import handiebot.lavaplayer.MusicPlayer; -import handiebot.utils.YoutubeSearch; +import handiebot.utils.FileUtil; import handiebot.view.BotLog; import handiebot.view.BotWindow; import sx.blah.discord.api.ClientBuilder; @@ -17,6 +17,9 @@ import sx.blah.discord.handle.obj.Permissions; import sx.blah.discord.util.DiscordException; import sx.blah.discord.util.RateLimitException; +import java.io.BufferedReader; +import java.io.FileReader; +import java.io.IOException; import java.util.*; /** @@ -28,7 +31,14 @@ import java.util.*; public class HandieBot { public static final String APPLICATION_NAME = "HandieBot"; - private static final String TOKEN = "MjgzNjUyOTg5MjEyNjg4Mzg0.C45A_Q.506b0G6my1FEFa7_YY39lxLBHUY"; + private static final String TOKEN; + static { + TOKEN = readToken(); + if (TOKEN.isEmpty()){ + System.out.println("You do not have the token required to start the bot. Shutting down."); + System.exit(-1); + } + } private static boolean USE_GUI = true; public static final ResourceBundle resourceBundle = ResourceBundle.getBundle("Strings"); @@ -102,7 +112,6 @@ public class HandieBot { client = new ClientBuilder().withToken(TOKEN).build(); client.getDispatcher().registerListener(new HandieBot()); client.login(); - YoutubeSearch.query("two steps from hell"); } /** @@ -115,6 +124,21 @@ public class HandieBot { return channel.getModifiedPermissions(client.getOurUser()).contains(permission); } + /** + * Reads the private discord token necessary to start the bot. If this fails, the bot will shut down. + * @return The string token needed to log in. + */ + private static String readToken(){ + String path = FileUtil.getDataDirectory()+"token.txt"; + String result = ""; + try(BufferedReader reader = new BufferedReader(new FileReader(path))){ + result = reader.readLine(); + } catch (IOException e) { + System.err.println("IOException while trying to read token. "+e.getMessage()); + } + return result; + } + /** * Safely shuts down the bot on all guilds. */ diff --git a/src/main/java/handiebot/command/Commands.java b/src/main/java/handiebot/command/Commands.java index c3bb520..a5459fc 100644 --- a/src/main/java/handiebot/command/Commands.java +++ b/src/main/java/handiebot/command/Commands.java @@ -18,6 +18,7 @@ import java.util.List; import static handiebot.HandieBot.log; import static handiebot.HandieBot.resourceBundle; +import static handiebot.utils.MessageUtils.sendMessage; /** * @author Andrew Lalis @@ -59,7 +60,7 @@ public class Commands { return; } else if (!cmd.canUserExecute(context.getUser(), context.getGuild())){ log.log(BotLog.TYPE.COMMAND, context.getGuild(), MessageFormat.format(resourceBundle.getString("commands.noPermission.log"), context.getUser().getName(), cmd.getName())); - context.getChannel().sendMessage(MessageFormat.format(resourceBundle.getString("commands.noPermission.message"), command)); + sendMessage(MessageFormat.format(resourceBundle.getString("commands.noPermission.message"), command), context.getChannel()); return; } else if (cmd instanceof ContextCommand){ log.log(BotLog.TYPE.COMMAND, context.getGuild(), context.getUser().getName()+" has issued the command: "+command); @@ -101,7 +102,7 @@ public class Commands { (context.getUser().getLongID() == 235439851263098880L) || (permission == 0); if (!result){ - context.getChannel().sendMessage(resourceBundle.getString("commands.noPermission.subcommand")); + sendMessage(resourceBundle.getString("commands.noPermission.subcommand"), context.getChannel()); } return result; } diff --git a/src/main/java/handiebot/command/commands/admin/SetPrefixCommand.java b/src/main/java/handiebot/command/commands/admin/SetPrefixCommand.java index eb75085..f446dc9 100644 --- a/src/main/java/handiebot/command/commands/admin/SetPrefixCommand.java +++ b/src/main/java/handiebot/command/commands/admin/SetPrefixCommand.java @@ -9,6 +9,7 @@ import java.text.MessageFormat; import static handiebot.HandieBot.log; import static handiebot.HandieBot.resourceBundle; +import static handiebot.utils.MessageUtils.sendMessage; /** * @author Andrew Lalis @@ -29,10 +30,10 @@ public class SetPrefixCommand extends ContextCommand { CommandHandler.PREFIXES.put(context.getGuild(), context.getArgs()[0]); CommandHandler.saveGuildPrefixes(); String response = MessageFormat.format(resourceBundle.getString("commands.command.setPrefix.changed"), context.getArgs()[0]); - context.getChannel().sendMessage(response); + sendMessage(response, context.getChannel()); log.log(BotLog.TYPE.INFO, response); } else { - context.getChannel().sendMessage(resourceBundle.getString("commands.command.setPrefix.noPrefixError")); + sendMessage(resourceBundle.getString("commands.command.setPrefix.noPrefixError"), context.getChannel()); } } } diff --git a/src/main/java/handiebot/command/commands/misc/TengwarCommand.java b/src/main/java/handiebot/command/commands/misc/TengwarCommand.java index 527c7cf..8b511ea 100644 --- a/src/main/java/handiebot/command/commands/misc/TengwarCommand.java +++ b/src/main/java/handiebot/command/commands/misc/TengwarCommand.java @@ -2,12 +2,14 @@ package handiebot.command.commands.misc; import handiebot.command.CommandContext; import handiebot.command.types.ContextCommand; +import handiebot.utils.MessageUtils; import net.agspace.TengwarImageGenerator; import net.agspace.Translator; import java.io.FileNotFoundException; import static handiebot.HandieBot.resourceBundle; +import static handiebot.utils.MessageUtils.sendMessage; /** * @author Andrew Lalis @@ -24,12 +26,13 @@ public class TengwarCommand extends ContextCommand { @Override public void execute(CommandContext context) { if (context.getArgs().length == 0){ - context.getChannel().sendMessage(this.getUsage(context.getGuild())); + sendMessage(this.getUsage(context.getGuild()), context.getChannel()); } else if (context.getArgs().length >= 2){ - String input = readTextFromArgs(context.getArgs()); + String input = MessageUtils.getTextFromArgs(context.getArgs(), 1); if (context.getArgs()[0].equalsIgnoreCase("to")){ String result = Translator.translateToTengwar(input); try { + //TODO: replace with rate-limited send method. context.getChannel().sendFile("Raw text: `" +result+'`', TengwarImageGenerator.generateImage(result, 600, 24f, @@ -40,18 +43,11 @@ public class TengwarCommand extends ContextCommand { e.printStackTrace(); } } else if (context.getArgs()[0].equalsIgnoreCase("from")){ - context.getChannel().sendMessage(Translator.translateToEnglish(input)); + sendMessage(Translator.translateToEnglish(input), context.getChannel()); } } else { - context.getChannel().sendMessage(this.getUsage(context.getGuild())); + sendMessage(this.getUsage(context.getGuild()), context.getChannel()); } } - private String readTextFromArgs(String[] args){ - StringBuilder sb = new StringBuilder(); - for (int i = 1; i < args.length; i++){ - sb.append(args[i]).append(' '); - } - return sb.toString().trim(); - } } diff --git a/src/main/java/handiebot/command/commands/music/PlayCommand.java b/src/main/java/handiebot/command/commands/music/PlayCommand.java index 65fd245..c55957d 100644 --- a/src/main/java/handiebot/command/commands/music/PlayCommand.java +++ b/src/main/java/handiebot/command/commands/music/PlayCommand.java @@ -7,6 +7,7 @@ import handiebot.command.ReactionHandler; import handiebot.command.reactionListeners.YoutubePlayListener; import handiebot.command.types.ContextCommand; import handiebot.lavaplayer.playlist.UnloadedTrack; +import handiebot.utils.MessageUtils; import handiebot.utils.YoutubeSearch; import sx.blah.discord.handle.obj.IMessage; @@ -15,6 +16,7 @@ import java.util.ArrayList; import java.util.List; import static handiebot.HandieBot.resourceBundle; +import static handiebot.utils.MessageUtils.sendMessage; import static handiebot.utils.YoutubeSearch.WATCH_URL; /** @@ -40,16 +42,12 @@ public class PlayCommand extends ContextCommand { try { HandieBot.musicPlayer.addToQueue(context.getGuild(), new UnloadedTrack(context.getArgs()[0]), context.getUser()); } catch (Exception e) { - context.getChannel().sendMessage(MessageFormat.format(resourceBundle.getString("commands.command.play.songAddError"), context.getArgs()[0])); + sendMessage(MessageFormat.format(resourceBundle.getString("commands.command.play.songAddError"), context.getArgs()[0]), context.getChannel()); e.printStackTrace(); } } else { //Construct a Youtube song choice. - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < context.getArgs().length; i++){ - sb.append(context.getArgs()[i]).append(' '); - } - List