Fix WebServer responses for users with permission level 1

Plan/src/main/java/com/djrapitops/plan/Settings.java

@@ -28,7 +28,6 @@ public enum Settings {
     SECURITY_IP_UUID("Settings.WebServer.Security.DisplayIPsAndUUIDs"),
     GRAPH_PLAYERS_USEMAXPLAYERS_SCALE("Customization.Graphs.PlayersOnlineGraph.UseMaxPlayersAsScale"),
     PLAYERLIST_SHOW_IMAGES("Customization.SmallHeadImagesOnAnalysisPlayerlist"),
-    EXTERNAL_WEBSERVER("Settings.WebServer.UsingExternalWebServer"),
     // Integer
     ANALYSIS_MINUTES_FOR_ACTIVE("Settings.Analysis.MinutesPlayedUntilConsidiredActive"),
     SAVE_CACHE_MIN("Settings.Cache.DataCache.SaveEveryXMinutes"),

Plan/src/main/java/com/djrapitops/plan/ui/html/graphs/PlayerActivityGraphCreator.java

@@ -1,6 +1,5 @@
 package main.java.com.djrapitops.plan.ui.html.graphs;
 
-import main.java.com.djrapitops.plan.Log;
 import main.java.com.djrapitops.plan.data.SessionData;
 import main.java.com.djrapitops.plan.data.TPS;
 import main.java.com.djrapitops.plan.utilities.MiscUtils;
@@ -41,8 +40,6 @@ public class PlayerActivityGraphCreator {
                 .map(session -> new Point[]{new Point(session.getSessionStart(), 1), new Point(session.getSessionEnd(), 0)})
                 .flatMap(Arrays::stream)
                 .collect(Collectors.toList());
-
-        Log.debug(points.stream().map(Point::getY).collect(Collectors.toList()).toString());
         return ScatterGraphCreator.scatterGraph(points, true, false);
     }
 

Plan/src/main/java/com/djrapitops/plan/ui/webserver/WebServer.java

@@ -75,7 +75,7 @@ public class WebServer {
                 server = HttpServer.create();
             }
 
-            HttpContext context = server.createContext("/", new HttpHandler() {
+            server.createContext("/", new HttpHandler() {
                 @Override
                 public void handle(HttpExchange xchange) throws IOException {
                     OutputStream os = null;
@@ -126,10 +126,8 @@ public class WebServer {
         try {
             List<String> authorization = requestHeaders.get("Authorization");
             if (Verify.isEmpty(authorization)) {
-                Log.debug("WebServer: Authorization not Found");
                 return null;
             }
-            Log.debug("WebServer: Found Authorization");
             String auth = authorization.get(0);
             if (auth.contains("Basic ")) {
                 auth = auth.split(" ")[1];
@@ -225,13 +223,18 @@ public class WebServer {
     }
 
     private Response getResponse(String target, WebUser user) {
+        if ("/favicon.ico".equals(target)) {
+            return new RedirectResponse("https://puu.sh/tK0KL/6aa2ba141b.ico");
+        }
         if (usingHttps) {
             if (user == null) {
                 return new PromptAuthorizationResponse();
             }
 
-            if (!isAuthorized(target, user)) {
+            int permLevel = user.getPermLevel(); // Lower number has higher clearance.
-                return forbiddenResponse();
+            int required = getRequiredPermLevel(target, user.getName());
+            if (permLevel > required) {
+                return forbiddenResponse(permLevel, required);
             }
         }
         String[] args = target.split("/");
@@ -241,8 +244,6 @@ public class WebServer {
 
         String page = args[1];
         switch (page) {
-            case "favicon.ico":
-                return new RedirectResponse("https://puu.sh/tK0KL/6aa2ba141b.ico");
             case "players":
                 return new PlayersPageResponse(plugin);
             case "player":
@@ -254,12 +255,13 @@ public class WebServer {
         }
     }
 
-    private ForbiddenResponse forbiddenResponse() {
+    private ForbiddenResponse forbiddenResponse(int permLevel, int required) {
         ForbiddenResponse response403 = new ForbiddenResponse();
         String content = "<h1>403 Forbidden - Access Denied</h1>"
                 + "<p>Unauthorized User.<br>"
                 + "Make sure your user has the correct access level.<br>"
-                + "You can use /plan web check <username> to check the permission level.</p>";
+                + "This page requires permission level of " + String.valueOf(required) + ",<br>"
+                + "This user has permission level of " + String.valueOf(permLevel) + "</p>";
         response403.setContent(content);
         return response403;
     }
@@ -276,7 +278,7 @@ public class WebServer {
             case 2:
                 return playerResponse(new String[]{"", user.getName()});
             default:
-                return forbiddenResponse();
+                return forbiddenResponse(user.getPermLevel(), 0);
         }
     }
 
@@ -338,30 +340,33 @@ public class WebServer {
         return dataReqHandler;
     }
 
-    private boolean isAuthorized(String target, WebUser user) {
-        int permLevel = user.getPermLevel(); // Lower number has higher clearance.
-        int required = getRequiredPermLevel(target, user.getName());
-        return permLevel <= required;
-    }
-
     private int getRequiredPermLevel(String target, String user) {
         String[] t = target.split("/");
-        if (t.length < 3) {
+        if (t.length < 2) {
+            return 100;
+        }
+        if (t.length > 3) {
             return 0;
         }
-        final String wantedUser = t[2].toLowerCase().trim();
+        String page = t[1];
-        final String theUser = user.trim().toLowerCase();
+        switch (page) {
-        if (t[1].equals("players")) {
+            case "players":
-            return 1;
-        }
-        if (t[1].equals("player")) {
-            if (wantedUser.equals(theUser)) {
-                return 2;
-            } else {
                 return 1;
-            }
+            case "player":
+                // /player/ - 404 for perm lvl 1
+                if (t.length < 3) {
+                    return 1;
+                }
+                final String wantedUser = t[2].toLowerCase().trim();
+                final String theUser = user.trim().toLowerCase();
+                if (wantedUser.equals(theUser)) {
+                    return 2;
+                } else {
+                    return 1;
+                }
+            default:
+                return 0;
         }
-        return 0;
     }
 
     public String getProtocol() {

Plan/src/main/java/com/djrapitops/plan/utilities/HtmlUtils.java

@@ -3,6 +3,7 @@ package main.java.com.djrapitops.plan.utilities;
 import main.java.com.djrapitops.plan.Plan;
 import main.java.com.djrapitops.plan.Settings;
 import main.java.com.djrapitops.plan.ui.html.Html;
+import main.java.com.djrapitops.plan.ui.webserver.WebServer;
 
 import java.io.File;
 import java.io.FileNotFoundException;
@@ -101,7 +102,8 @@ public class HtmlUtils {
     }
 
     private static String getProtocol() {
-        return Settings.EXTERNAL_WEBSERVER.isTrue() ? Settings.LINK_PROTOCOL.toString() : Plan.getInstance().getUiServer().getProtocol();
+        WebServer uiServer = Plan.getInstance().getUiServer();
+        return uiServer.isEnabled() ? uiServer.getProtocol() : Settings.LINK_PROTOCOL.toString();
     }
 
     /**

Plan/src/main/resources/config.yml

@@ -34,7 +34,6 @@ Settings:
     InternalIP: 0.0.0.0
     ShowAlternativeServerIP: false
     AlternativeIP: your.ip.here:%port%
-    UsingExternalWebServer: false
     ExternalWebServerLinkProtocol: http
     Security:
       DisplayIPsAndUUIDs: true