Commit Graph

4641 Commits

Author SHA1 Message Date
Risto Lahtela
47b3921204 Refactored some odd decisions in the new code 2021-01-29 11:02:38 +02:00
Risto Lahtela
fd673dee2b Query now functions "properly" 2021-01-29 11:02:37 +02:00
Risto Lahtela
1108f6f2e0 Refactored query.js to have Filter classes instead 2021-01-29 11:02:36 +02:00
Risto Lahtela
908d1c6203 Random tiny changes to code quality 2021-01-29 11:02:35 +02:00
Risto Lahtela
9648deb853 Form validation for timestamps
Validates and corrects dates and times on all date input in query form
2021-01-29 11:02:34 +02:00
Risto Lahtela
6ff2d68b99 Added a /query page
What currently works:
- Adding filters dynamically
2021-01-29 11:02:33 +02:00
Risto Lahtela
8f5db846af /v1/filters entry point
Fetches the list of Filters that can be applied in a query
2021-01-29 11:02:32 +02:00
Risto Lahtela
a14d7d4769 /v1/query endpoint
- Requires 'q' parameter which is URI encoded JSON array
- The array contains FilterQuery objects
- Right now the list of UUIDs and path is returned

Up next /v1/filters endpoint that returns list of filter kinds and what their default options.
2021-01-29 11:02:31 +02:00
Risto Lahtela
aac7bdc632 Begun work on Filters:
- Filter interface
- Wrote 5 filters
- Wrote QueryFilters that manages different Filters

Plan is to link the QueryFilters to Resolvers:
- One that returns all filters and their options as json
- One that users the query parameters (eg ?q={json}) and gets the filters
  - FilterQuery has a static method to parse the json
2021-01-29 11:02:31 +02:00
Risto Lahtela
b479753fc9 Fixed server preference pie for network page
- Flipped the dates in the query (ugh)
- Proper names for the servers in the pie

Affects issues:
- Fixed #1728
2021-01-29 11:01:08 +02:00
Risto Lahtela
60f6278352 Updated ViaVersion Extension
- Don't try to register the extension on Velocity
  (Velocity has no way to register listeners to Plan)

Affects issues:
- Close #1726
2021-01-29 10:27:37 +02:00
Risto Lahtela
5e7bced24b Fixed in-game links in Czech locale
Affects issues:
- Fixed #1725
2021-01-29 10:15:06 +02:00
Risto Lahtela
41c1a8dfc6 Update notification now says "Update: " 2021-01-29 10:10:31 +02:00
Risto Lahtela
76fe304dbd Replaced old links to repository with new one 2021-01-29 09:51:44 +02:00
Risto Lahtela
021360e586 Contributors now displayed in 3 columns
The modal was getting really long so it was widened
and contributors now use 3 columns instead of 1

Contributors were also alphabetically sorted
2021-01-29 09:51:43 +02:00
dependabot-preview[bot]
4d82a1a8ae Bump org.sonarqube from 3.1 to 3.1.1 in /Plan
Bumps org.sonarqube from 3.1 to 3.1.1.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-26 05:27:33 +00:00
dependabot-preview[bot]
d73d16b609 Bump HikariCP from 4.0.0 to 4.0.1 in /Plan
Bumps [HikariCP](https://github.com/brettwooldridge/HikariCP) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/brettwooldridge/HikariCP/releases)
- [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES)
- [Commits](https://github.com/brettwooldridge/HikariCP/compare/HikariCP-4.0.0...HikariCP-4.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-26 05:27:21 +00:00
dependabot-preview[bot]
1e0f875897
Bump bstatsVersion from 1.8 to 2.1.0 in /Plan (#1720)
* Bump bstatsVersion from 1.8 to 2.1.0 in /Plan

Bumps `bstatsVersion` from 1.8 to 2.1.0.

Updates `bstats-bukkit` from 1.8 to 2.1.0
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases)
- [Commits](https://github.com/Bastian/bStats-Metrics/commits/v2.1.0)

Updates `bstats-sponge` from 1.8 to 2.1.0
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases)
- [Commits](https://github.com/Bastian/bStats-Metrics/commits/v2.1.0)

Updates `bstats-bungeecord` from 1.8 to 2.1.0
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases)
- [Commits](https://github.com/Bastian/bStats-Metrics/commits/v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Updated metrics imports

* Relocate Sponge bstats metrics

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Risto Lahtela <24460436+Rsl1122@users.noreply.github.com>
2021-01-25 12:09:36 +02:00
dependabot-preview[bot]
4871d524f7 Bump HikariCP from 3.4.5 to 4.0.0 in /Plan
Bumps [HikariCP](https://github.com/brettwooldridge/HikariCP) from 3.4.5 to 4.0.0.
- [Release notes](https://github.com/brettwooldridge/HikariCP/releases)
- [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES)
- [Commits](https://github.com/brettwooldridge/HikariCP/compare/HikariCP-3.4.5...HikariCP-4.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-25 09:36:18 +00:00
Risto Lahtela
e26a272e60 Fixed TPS Storage test 2021-01-25 11:26:30 +02:00
Risto Lahtela
4085ae310a Fixed TPS Storage test 2021-01-25 11:12:41 +02:00
Risto Lahtela
ccd492c052 Reduced the performance graph size
Reduced resolution of data:
- Last 30 days: Full resolution (1 per minute)
- Last 60 - 30 days: 1 per 5 minutes
- 60+ days old: 1 per 20 minutes
Effect:
- Reduced /v1/graphs?type=performance size from 21 MB to 9.15 MB (126k rows in database)

Added new endpoint /v1/graphs?type=optimizedPerformance that doesn't parse series separately
- Sends a single array of arrays instead of one array for each series
  - Added a parseDataSeries to graphs.js that translates the data
Effect:
- Reduced from 9.15 MB to 3.35 MB
- Moved some workload to the browser

Affects issues:
- Fixed #1622
2021-01-24 17:40:30 +02:00
Risto Lahtela
f14dfe7a7c Added a setting to allow X-Forwarded-For to be used for IP security
Affects following features:
- IP Whitelist
- Password bruteforce guard

Affects issues:
- Close #1716
2021-01-24 15:59:50 +02:00
Risto Lahtela
bd754c4445 Prevent redirection to another website on login
Affects issues:
- Fixed #1717
2021-01-24 12:21:02 +02:00
Risto Lahtela
c44d3d7a7e Prevented a future accidental XSS vulnerability in Register endpoint error
The username parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:38 +02:00
Risto Lahtela
a6c286b0f2 Prevented a future accidental XSS vulnerability in Graph type selection
The type parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:37 +02:00
Risto Lahtela
8544e5a904 Prevented a future accidental XSS vulnerability in Player UUID parsing
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:37 +02:00
Risto Lahtela
d64a967497 Prevented a future accidental XSS vulnerability in Server UUID parsing
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:37 +02:00
Risto Lahtela
5c49e95c7d Fixed XSS in Internal Error page
Adding a </pre><xss> to an URL that triggered an internal error could be used
to facilitate an XSS attack
2021-01-24 11:15:37 +02:00
Risto Lahtela
d8626f37a7
Create security_vuln.md 2021-01-24 10:22:49 +02:00
Risto Lahtela
3b52cc5f0c Stop differentiating between wrong pass and user not existing 2021-01-23 21:54:27 +02:00
Risto Lahtela
5fae224ef6 Fixed ErrorContext of some errors being omitted 2021-01-23 21:53:07 +02:00
Risto Lahtela
46e486e00c
Update versions.txt 2021-01-22 21:49:57 +02:00
Risto Lahtela
94abd68086 Don't register the currently running task again inside the task
Affects issues:
- Fixed #1715
2021-01-22 21:44:27 +02:00
Risto Lahtela
97096948dc
Update versions.txt 2021-01-22 15:48:14 +02:00
Risto Lahtela
70b9ac1104 Set FullCalendar to use UTC as timezone
Affects issues:
- Possibly fixed #1239
2021-01-22 11:32:10 +02:00
Risto Lahtela
97bc28e2b4 Updated ProtocolSupport Extension
Ignored Access to implementation before detect Exception

Affects issues:
- Fixed #1665
2021-01-22 11:14:30 +02:00
Risto Lahtela
8423e392bb Don't close DataSource with bad connection
- Attempt to recursively obtain a valid connection.
  This could lead to StackOverFlowException if db goes
  down, so that is caught.

Affects issues:
- Possibly fixed #1458
2021-01-22 11:06:12 +02:00
dependabot-preview[bot]
3335765fa2 Bump dagger from 2.31.1 to 2.31.2 in /Plan
Bumps [dagger](https://github.com/google/dagger) from 2.31.1 to 2.31.2.
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.31.1...dagger-2.31.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:36:31 +00:00
dependabot-preview[bot]
4d9ad6a8c9 Bump RedisBungee from 0.3.8-SNAPSHOT to 0.6-SNAPSHOT in /Plan
Bumps RedisBungee from 0.3.8-SNAPSHOT to 0.6-SNAPSHOT.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:29:27 +00:00
dependabot-preview[bot]
2630aa3e08 Bump dagger-compiler from 2.31.1 to 2.31.2 in /Plan
Bumps [dagger-compiler](https://github.com/google/dagger) from 2.31.1 to 2.31.2.
- [Release notes](https://github.com/google/dagger/releases)
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/dagger/compare/dagger-2.31.1...dagger-2.31.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:28:11 +00:00
dependabot-preview[bot]
2898378016 Bump mockito-junit-jupiter from 3.7.0 to 3.7.7 in /Plan
Bumps [mockito-junit-jupiter](https://github.com/mockito/mockito) from 3.7.0 to 3.7.7.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v3.7.0...v3.7.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:27:14 +00:00
Risto Lahtela
2b737c9973 Fixed offset for graphs with minutes in timezones
Timezone offset is now a double.

This fix seems very simple, and it kinda is.

HighCharts represents offset in minutes.
Java gives offset in milliseconds, and that was
incorrectly to be assumed as full hours, so the offset
was rounded to an integer. Using a double will allow
all kinds of offsets that still work with highcharts.

Fixes timezones like
- Nepal (GMT+05:45)
- Newfoundland Time (GMT-03:30)

Affects issues:
- Fixed #1652
2021-01-20 18:12:56 +02:00
Risto Lahtela
6758a56167 Fixed build errors 2021-01-20 17:59:45 +02:00
Risto Lahtela
edddccf329 Updated AAC Extension
- Disable AAC Extension if using v5 or newer

The event that is used for data gathering in Plan
for AAC is no longer present as an API in AAC past
version 5.0.0.

Because of this there is no data available for AAC,
and the extension is disabled.

Affects issues:
- Close #1673
2021-01-20 17:37:43 +02:00
Risto Lahtela
fd729360c7 Ignored all UnsupportedOperationExceptions from Extensions
Affects issues:
- Fixed #1667
2021-01-20 17:22:56 +02:00
Risto Lahtela
d5a6ccc7a3 Updated Nucleus Extension
- Removed warnings
- Update server data more frequently

Affects issues:
- #1688
2021-01-20 17:16:42 +02:00
Risto Lahtela
25d528e2f1 Updated mcMMO Extension
- Ignores IndexOutOfBoundsException

Affects issues:
- Fixed #1662
2021-01-20 17:05:40 +02:00
Risto Lahtela
15c9325eb4 Added activity index queries and placeholders.
- Added CommonQueries#fetchActivityIndexOf
- Added CommonQueries#getActivityGroupForIndex

- Added %plan_player_activity_index%
- Added %plan_player_activity_group%

Affects issues:
- Close #1663
2021-01-20 16:58:46 +02:00
dependabot-preview[bot]
e220e40a8c
Bump paper-api from 1.13.2-R0.1-SNAPSHOT to 1.16.5-R0.1-SNAPSHOT in /Plan (#1697)
* Bump paper-api in /Plan

Bumps paper-api from 1.13.2-R0.1-SNAPSHOT to 1.16.5-R0.1-SNAPSHOT.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Removed a method call that is no longer used

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Risto Lahtela <24460436+Rsl1122@users.noreply.github.com>
2021-01-20 16:49:18 +02:00