Merge

Application/ApplicationManager.cs

@@ -22,6 +22,7 @@ using System.Reflection;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
+using static SharedLibraryCore.GameEvent;
 
 namespace IW4MAdmin.Application
 {
@@ -32,8 +33,6 @@ namespace IW4MAdmin.Application
         public ILogger Logger => GetLogger(0);
         public bool Running { get; private set; }
         public bool IsInitialized { get; private set; }
-        // define what the delagate function looks like
-        public delegate void OnServerEventEventHandler(object sender, GameEventArgs e);
         // expose the event handler so we can execute the events
         public OnServerEventEventHandler OnServerEvent { get; set; }
         public DateTime StartTime { get; private set; }

Plugins/AutomessageFeed/AutomessageFeed.csproj

@@ -3,6 +3,7 @@
   <PropertyGroup>
     <TargetFramework>netcoreapp3.0</TargetFramework>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
+    <TargetLatestRuntimePatch >true</TargetLatestRuntimePatch>
     <LangVersion>7.1</LangVersion>
     <Configurations>Debug;Release;Prerelease</Configurations>
   </PropertyGroup>

Plugins/ScriptPlugins/SharedGUIDKick.js

@@ -19,6 +19,10 @@ var plugin = {
                 gameEvent.Origin.NetworkId === -6492697076432899192 ||
                 gameEvent.Origin.NetworkId === 1145760003260769995 ||
                 gameEvent.Origin.NetworkId === -7102887284306116957 ||
+                gameEvent.Origin.NetworkId === 3474936520447289592 ||
+                gameEvent.Origin.NetworkId === -1168897558496584395 ||
+                gameEvent.Origin.NetworkId === 8348020621355817691 ||
+                gameEvent.Origin.NetworkId === 3259219574061214058 ||
                 gameEvent.Origin.NetworkId === 3304388024725980231) {
                 gameEvent.Origin.Kick('Your GUID is generic. Delete players/guids.dat and rejoin', _IW4MAdminClient);
             }

RunPublishPre.cmd

@@ -1,6 +1,6 @@
-dotnet publish WebfrontCore/WebfrontCore.csproj -c Prerelease -o X:\IW4MAdmin\Publish\WindowsPrerelease /p:PublishProfile=Prerelease
-dotnet publish Application/Application.csproj -c Prerelease -o X:\IW4MAdmin\Publish\WindowsPrerelease /p:PublishProfile=Prerelease
-dotnet publish GameLogServer/GameLogServer.pyproj -c Release -o X:\IW4MAdmin\Publish\WindowsPrerelease\GameLogServer
+dotnet publish WebfrontCore/WebfrontCore.csproj -c Prerelease -f netcoreapp2.2 --force -o X:\IW4MAdmin\Publish\WindowsPrerelease /p:PublishProfile=Prerelease
+dotnet publish Application/Application.csproj -c Prerelease -f netcoreapp2.2 --force -o X:\IW4MAdmin\Publish\WindowsPrerelease /p:PublishProfile=Prerelease
+dotnet publish GameLogServer/GameLogServer.pyproj -c Release -f netcoreapp2.2 --force -o X:\IW4MAdmin\Publish\WindowsPrerelease\GameLogServer
 call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\Tools\VsDevCmd.bat"
 msbuild  GameLogServer/GameLogServer.pyproj  /p:PublishProfile=PreRelease /p:DeployOnBuild=true /p:PublishProfileRootFolder=X:\IW4MAdmin\GameLogServer\
 cd "X:\IW4MAdmin\DEPLOY\"

SharedLibraryCore/Events/GameEvent.cs

@@ -1,4 +1,5 @@
 using SharedLibraryCore.Database.Models;
+using SharedLibraryCore.Events;
 using System;
 using System.Threading;
 using System.Threading.Tasks;
@@ -7,6 +8,9 @@ namespace SharedLibraryCore
 {
     public class GameEvent
     {
+        // define what the delagate function looks like
+        public delegate void OnServerEventEventHandler(object sender, GameEventArgs e);
+
         public enum EventFailReason
         {
             /// <summary>

SharedLibraryCore/Interfaces/IManager.cs

@@ -6,6 +6,7 @@ using System.Reflection;
 using SharedLibraryCore.Database.Models;
 using System.Threading;
 using System.Collections;
+using static SharedLibraryCore.GameEvent;
 
 namespace SharedLibraryCore.Interfaces
 {
@@ -54,5 +55,6 @@ namespace SharedLibraryCore.Interfaces
         string ExternalIPAddress { get; }
         CancellationToken CancellationToken { get; }
         bool IsRestartRequested { get; }
+        OnServerEventEventHandler OnServerEvent { get; set; }
     }
 }

WebfrontCore/Middleware/ClaimsPermissionRemoval.cs

@@ -0,0 +1,91 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+using SharedLibraryCore.Events;
+using SharedLibraryCore.Interfaces;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using static SharedLibraryCore.Database.Models.EFClient;
+using static SharedLibraryCore.GameEvent;
+
+namespace WebfrontCore.Middleware
+{
+    /// <summary>
+    /// Facilitates the removal of identity claims when client is demoted
+    /// </summary>
+    internal class ClaimsPermissionRemoval
+    {
+        private readonly IManager _manager;
+        private readonly List<int> _privilegedClientIds;
+        private readonly RequestDelegate _nextRequest;
+
+        public ClaimsPermissionRemoval(RequestDelegate nextRequest, IManager manager)
+        {
+            _manager = manager;
+            _manager.OnServerEvent += OnGameEvent;
+            _privilegedClientIds = new List<int>();
+            _nextRequest = nextRequest;
+        }
+
+        /// <summary>
+        /// Callback for the game event 
+        /// </summary>
+        /// <param name="sender"></param>
+        /// <param name="args"></param>
+        private void OnGameEvent(object sender, GameEventArgs args)
+        {
+            if (args.Event.Type == EventType.ChangePermission &&
+                args.Event.Extra is Permission perm)
+            {
+                // we want to remove the claims when the client is demoted
+                if (perm < Permission.Trusted)
+                {
+                    lock (_privilegedClientIds)
+                    {
+                        _privilegedClientIds.RemoveAll(id => id == args.Event.Target.ClientId);
+                    }
+                }
+                // and add if promoted
+                else if (perm > Permission.Trusted &&
+                    !_privilegedClientIds.Contains(args.Event.Target.ClientId))
+                {
+                    lock (_privilegedClientIds)
+                    {
+                        _privilegedClientIds.Add(args.Event.Target.ClientId);
+                    }
+                }
+            }
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            // we want to load the initial list of privileged clients
+            if (_privilegedClientIds.Count == 0)
+            {
+                var ids = (await _manager.GetClientService().GetPrivilegedClients())
+                    .Select(_client => _client.ClientId);
+
+                lock (_privilegedClientIds)
+                {
+                    _privilegedClientIds.AddRange(ids);
+                }
+            }
+
+            // sid stores the clientId
+            string claimsId = context.User.Claims.FirstOrDefault(_claim => _claim.Type == ClaimTypes.Sid)?.Value;
+
+            if (!string.IsNullOrEmpty(claimsId))
+            {
+                int clientId = int.Parse(claimsId);
+                // they've been removed
+                if (!_privilegedClientIds.Contains(clientId) && clientId != 1)
+                {
+                    await context.SignOutAsync();
+                }
+            }
+
+            await _nextRequest.Invoke(context);
+        }
+    }
+}

WebfrontCore/Startup.cs

@@ -112,6 +112,9 @@ namespace WebfrontCore
             app.UseAuthorization();
             app.UseCors("AllowAll");
 
+            // prevents banned/demoted users from keeping their claims
+            app.UseMiddleware<ClaimsPermissionRemoval>(Program.Manager);
+
             app.UseRouting();
             app.UseEndpoints(endpoints =>
             {