[SEC] Lockette - Simple chest and door lock, no databases! [Moved to BukkitDev]

Discussion in 'Inactive/Unsupported Plugins' started by Acru, Feb 14, 2011.

  1. Offline

    Acru

    Lockette - The sign-based container and door lock for Bukkit! - by Acru Jovian

    ElgarL has been assigned as the current maintainer of this project, please forward any important issues to him as well. This post is abandoned, but proceed to BukkitDev for updates.

    Download it at BukkitDev! (Alternate) (JAR) (Source), also view the Change Log on BukkitDev.



    Supported external plugins:
    • Permissions - Permissions/Groups
    • GroupManager - Permissions/Groups
    • PermissionsBukkit - SuperPerms/Groups
    • PermissionsEx - SuperPerms/Groups
    • bPermissions- SuperPerms/Groups
    • Towny - Groups/Zones
    • SimpleClans - Groups
    • mcMMO - Groups (Disabled by default now, due to issues.)
    • Factions - Groups
    • LWC - Zones
    • Register - Economy
    Alternate languages included:
    Confirmed compatible plugins: ColorSign, SpeedSign.
    Conflicting plugins: ChestShop, Most sign editors!


    The active Lockette information page will commute to BukkitDev soon, but the forum thread is still the best place for discussion.



    Overview:

    The purpose of this plugin is to restrict access to the contents of chests, dispensers, furnaces, and doors without the use of a database to track containers.

    To use, simply place a signpost on the floor directly beside a chest or other container to be locked. Enter [Private] as the first line. Your own name will automatically be entered on line 2 as the chest owner. Optionally type in the full names of two other users allowed to access the chest's inventory on lines 3 and 4.

    When done correctly, the sign will automatically fix itself to the side the target chest, protecting it from unauthorized access! Only the chest's owner can then break the sign or chest. (Warning: Anyone with permission to use WorldEdit commands or similar can circumvent the protection by removing the sign.)

    [​IMG]

    Additionally, you can enter [Everyone] on lines 3 or 4 instead of a user name to allow everyone access to the contents of a private container, or [Operators] to allow ops access. If a Permissions plugin is available, you can use groups like [Moderator] or [Admins] or others as defined in the Permissions settings files.

    The owner of a container can add more users by placing additional signs beside the container with the heading [More Users], where lines 2-4 specify the names of the additional users. You can edit the users on previously placed signs by right clicking the sign, and using the command '/lockette <line number> <text>' to change it.


    Working with Doors:

    To protect a door, you can use the same method as protecting a container, the sign will attach to the door automatically. In addition, you can attach a [Private] wall sign to any side of the blocks just above or just below a door. For double doors only one side needs a sign. Door support is enabled by default in the config file.

    Once a door is protected it will only open for someone listed as a user, and will not respond to redstone power or switches unless [Everyone] is listed as a user. Iron doors which usually won't open from clicking will work just as wooden doors. In addition, double doors will open together automatically!

    You can also use [More Users] signs as with containers, with the caveat that the sign cannot be placed on the block above the door if the [Private] sign is not above the door as well! (This is done to prevent a security uncertainty issue.)

    Protected doors will be closed automatically if a timer is set. A timer can be set globally with a configuration option, or individually for each door by using the tag [Timer: #] on line 3 or 4 of the [Private] sign, where # is the number of seconds that the door should remain open. If the timer is set to 0, this means the door will never automatically close. If no timer is specified, protected doors will use a global timer set in the configuration file. If the server is shut down cleanly any open doors will be closed, but in the event of a server crash while a door is open, it may remain so. Note that the initial state of a door is assumed to be closed.

    Care must me taken to place protected doors on a stable block. Building a door on sand, gravel, leaves, TNT and et cetera are allowed by the plugin, but cannot be secured fully. :3 Additionally, it should be noted that most status messages still refer to locked blocks as containers, so for the purpose of simplicity, doors should be considered as a type of container.


    Features:
    • No passwords or databases needed!
    • Permission checks run in constant time, no matter how many protected containers.
      • One owner and up to 11 additional users supported. (17 for double chests!)
      • Allows access to [Everyone] while still protecting the container from vandalism.
      • Allows group names in conjunction with many other plugins.
    • Special powers for ops or admins, configurable with permissions.
      • Reports when an admin does something naughty.
    • Protects single and double chests, dispensers, and furnaces.
      • Explosion and block-break protection for the protected container and sign.
        • Option to protect all containers from explosions.
    • Full support for doors, both wooden and iron!
      • Double doors are handled automatically, with no redstone.
      • Doors can be set to close automatically, via a timer setting.
      • Redstone hacking is disabled for protected doors.
    • Prevents creation of chests larger than 2 blocks.
    • Informative or helpful messages when interacting with containers.
      • The first time a chest is placed, a help message will be shown.
      • Types of messages shown are configurable in settings.
      • Additional language support.

    Advanced Setup (Permissions) (open)

    Advanced Setup:
    There are a few things you can now customize in the configuration files for the plugin, found in the plugins/Lockette folder. After running the plugin for the first time, two files will be created, config.yml and strings.yml. The first holds the following settings:
    • enable-permissions - Allows the use of permission nodes to specify who can do what. If this is disabled, groups will still be used but admin status is taken from the ops file. Defaults to false.
    • enable-messages-* - Enables or disables groups of messages listed in the strings.yml file. Not counting the broadcast ones.
    • broadcast-*-target - Sets the group or player that specific broadcast messages should be sent to. This can be set to "" for no one.
    • explosion-protection-all - Enabling this extends explosion protection to all containers on the server, not just [Private] ones. Default is disabled.
    • allow-admin-bypass - Allows admins to go though any protected door. Default is true.
    • allow-admin-snoop - Allows admins to peek into chests owned by other people. Default is false, and this setting is recommended! A broadcast message will be sent each time an admin snoops in a protected container where the admin doesn't have permission to. The message will be sent to a player or group as specified in another option. Admins can still break protection on chests if this is disabled, however.
    • enable-protection-doors - Enables support for private doors, defaults to true.
    • default-door-timer - Sets the door closing timer for all protected doors on the server, unless overridden by a specific sign. Defaults to 0, which disables the door closing timer.
    In the strings.yml file, you can set alternate language tags for [Private] and such, in ANSI format. If you need characters not in ANSI then you might try UTF-8 format, though it seems bugged tight now. The default alternate tags are in French, but server ops are free to translate the whole file into the language of their choice. If you do this, please share it back to me~ :3 If you want to disable only a specific message, you can set it to "", the empty string. Admins can use the command '/lockette reload' after editing the configuration files, to reload them.

    If a Permissions plugin is not available or the enable-permissions option is set to false, Lockette will use the ops file to determine who are admins. Admins can break the protection on any chest, and look inside protected chests (only if the related option is set), as well as reload the plugins configuration files. All non-ops will be able to create protected containers for themselves.

    If a Permissions plugin is available and the enable-permissions option is set to true, the following nodes will be used instead of the ops file and are included by default in the '*' node:
    • lockette.user.create.* - Permission required to create a protected container or door. Possible sub-nodes include chest, dispenser, furnace, and door. (The permission lockette.create.all is still supported, but obsolete.)
    • lockette.admin.create.* - Allows admins to create containers and doors for other users. Possible sub-nodes include chest, dispenser, furnace, and door. Leave line 2 blank for the default behavior or enter the name of your choice. Capitalization matters.
    • lockette.admin.break - Allows breaking protection on containers.
    • lockette.admin.bypass - Allows opening of any locked door.
    • lockette.admin.snoop - Allows peeking in protected containers. (The setting allow-admin-snoop must be true.)
    • lockette.admin.reload - Allows use of the reload command.

    Technical Information (open)

    Technical Information:

    This plugin has been tested and shown to be working for many builds of CraftBucket though a number of the more recent builds had a serious issue, so I'm suggesting a minimum build of 561 now. If you update past what is listed in the post's title and the plugin seems to break, it is probably not my fault. Post a note anyway and I'll see about fixing. I'll try and keep up with the new recommended build system, but for latest builds that break things, you should expect some time to pass before I take care of the issue, as this plugin is now mature. :3

    If there are multiple containers by the placed sign, the plugin will use the NESW rule to choose the first container that is not yet private. To elaborate, the plugin will check to the north of the sign first, and if no container or door is available to the north, it will continue checking clockwise around the sign.

    Due to the current implementation of the explosion event, this plugin will cancel all explosions that would damage the container or sign, rather than just remove the container and sign from the blocks to be damaged. Canceled explosions still knock signs off the walls. Canceled explosions leave signs looking blank, but this is just a graphic glitch, reconnect to fix.

    Bonus: This plugin will prevent chests bigger than 2 blocks from being created via glitches. (Again, this could be circumvented using WorldEdit commands, so take care who has access to such a plugin.)

    This plugin was inspired by the old hmod plugins Lock by Roman "kingseta" Pramberger and ChestCapsule by Fernando "Fergo".

    Hooking into Lockette (open)

    Hooking into Lockette:

    If you are a plugin author and want to connect to Lockette, you can use a public static function to get information about the protected status of a block.

    More info later, perhaps, but if you need the details now then go poke through the source~

    Future Possibilities:

    There are a number of things that have been suggested, and they tend to be added to the list below if I think they might be a good idea. However, some sort of locked container limit is requested often but this is not possible without a database to track the number of locked containers someone has. All things considered, this will not be supported. On the up side, without a database you can have literally millions of locked containers without any sort of lag, and there are permissions to restrict who can create locked chests. Perhaps only allow Moderators to create locked chests for other users, if you don't want to allow infinite locked chests.

    Aside what has already been implemented, the following may or may not appear in future versions:
    • Furnace/dispenser clusters, protected by a single sign.
    • [Log] sign to list recent users of a container or door.
    • iConomy fee for protecting containers/doors.
    • Worldguard connection.
    • [Protected] tag for viewing only.
    • Specific time range that doors can be opened.
    • DataLog plugin support.
    • More types of protected blocks, such as brewing stands.
    If you want any of the above features sooner than never, let me know! However, I currently see Lockette as functionally complete, for the most part, in that it already has all the functionality it needs. Future updates will mostly be to account for changes in Minecraft and Bukkit.


    Final Note:

    Please leave a reply if there are any bugs or suggestions, and if you like this plugin you can click the like button at the bottom of this post~ Thanks to those few that have donated! [​IMG]
     
  2. Offline

    Acru

    There is an ongoing discussion about persistence data in bukkit. Given the apparent popularity of Nijikokun's plugin, however, it may be made official. Time will tell. :3
     
  3. Offline

    Andy Candyman

    A simple yet unbelievably useful plugin
    Exactly what i was looking for

    I thank you for making my life 1000 times easier
     
  4. Offline

    Acru

    Np, you are welcome. XD
     
  5. Offline

    Andy Candyman

    Could you release the source?
    Id love to make it allow OPs to access/modify/create chests for other users <i hate permissions>
     
  6. Offline

    Eric Vyse

    I really appreciate this plugin because ... NO DEPENDENCIES
     
  7. Offline

    SpiiderPig

    It seems that [MoreUsers] isnt working for me, i have a double chest where a Sign with [Private] and 2 names is added. Then i'm going to place another sign with [MoreUsers] infront or beside the chest but it dont get attached and the people cant enter it.

    Bukkit 323 and latest version of the Plugin :)
     
  8. Offline

    Acru

    I have this feature planned and partly coded for version 1.2 of the plugin, using Nijikokun's Permissions plugin, which is entirely optional.

    But if you don't like that plugin, how would you go about telling who are ops and who aren't?
    I could add additional support for another method of determining this? :3

    Edit: Oh, and for the moment I am choosing to reserve the source, but I'm open to suggestions, as I work on the plugin (and a new one) a bit every day.

    --- merged: Feb 19, 2011 10:58 PM ---
    There should be a space between More and Users. Could this be the problem? :3

    As this is a security plugin, I have concerns about people distributing hacked copies of the jar, giving themselves access to all chests. I did not even include any sort of backdoor for myself. :3

    In general, please do not modify someone else's plugins. This can cause trouble for me if users encounter problems and come trying to report the problems to me. (At the very least, add to the plugin.yml something to the plugin name AND version string, eg, "Lockette-mod" and "1.1.4 - modified by <yourname>")

    If you think something should be changed, suggest it to me, this plugin is in active development.

    In version 1.2 of Lockette, I am using the member function Permissions.inGroup() to determine what group a player is in, as an extension of the [Everyone] tag, so you could use a tag like [whitelist] and let users in the whitelist group open the chest. Also some stuff specifically for admins... As for all chests, (even those not protected), I'll think about it.

    Fair enough, though I could ask you what messages you were referring to that you didn't like, and try to do something about it myself?
    --- merged: Feb 20, 2011 2:43 AM ---
    Ah, yes, this would be possible. For denying "guest access" to chests, I could use an option there too.

    This plugin is only 5 days old, after all, so I plan to add stuff as people suggest it. :3

    Language options are an issue I'd considered, but until now I had not gotten any requests for, so I haven't put time into. Do you believe it might be necessary to allow a server operator to customize [Private] into [Privé], via the properties file?


    Good advice~!

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 8, 2016
  9. Offline

    Andy Candyman

    pretty good for 5 days :D

    im looking for a way to list the OPs without opening the raw file directly,
    i hate bukkit documentation more than i hate permissions
     
  10. Offline

    Acru

    You mean the ops.txt file? Not sure if bukkit even loads that. XD
    Though the original MC 1.2 server code must read it somewhere. I'll look into it as well.
     
  11. Offline

    Andy Candyman

    it is java after all; it would probably be easier to just load the text file directly

    EDIT: player.isOp() - i stand corrected
     
  12. Offline

    Advert

    Considering using this, since it looks awesome.
    I have a few questions/suggestions (pardon my laziness in reading the entire thread):
    1) Will signs under chests (e.g no space to put it on the sides, chest is in the ground) work?
    2) Negative names, to be used with groups or [Everyone], would prevent those users from accessing the chest.
    3) Is there a way to toggle op/mod/admin override? I don't like being able to open/modify other's stuff, unless they allow me to.
    4) Do I need a single sign, or multiple signs for a cluster of furnaces (furnaces next to each other, will generally be "owned" by the same person)?
    5) Is there a command to quickly add people to a chest's list? (e.g look at a chest, type /lockette (dis)allow <g:group|<name>> ) -- Would notify if there isn't enough space on the signs
    6) Cluster of chests, although this will probably more difficult implementing without storing data.
    Perhaps store the XYZ coordinates (on a sign, obviously :p) of some signs which detail the "cluster"'s permissions?
     
  13. Offline

    Acru

    Ah, thank you, I see it now, in CommandSender class. :3

    1) No, the sign must occupy a space beside the chest. This is partly to keep the code super fast, and partly to simplify the problem of protecting the block the sign is attached to. (The sign is attached directly to the protected container.)

    2) Though possible, I'm not sure if it is needed. Do you forsee a use for this really, once groups are implemented?

    3) I believe in this as well, though others do not, it will be a per-server configurable option soon. (Defaults will be that full admins can break protection, but not be able to look in protected chests.)

    4) At the moment you need one [Private] sign per container, though this is a reasonable suggestion and I will consider furnace/dispenser clusters in the future. This will require additional steps to maintain security, and due to furnaces being stackable verically too, complexify the [More Users] problem. (That is, checking each [More Users] sign only once. I was reluctant to add the sign in the first place, but~ ;3) There would likely be a limit on the cluster size, to maintain speed.. perhaps 8 is a good number. (One can distribute a stack of coal to 8 furnaces, with 8 coal each, enough for each furnace to melt 64 things.)

    5) Not yet, but there will soon be a way for the owner to change specific lines on a [Private] or [More Users] sign. (Right click the sign and then use a console command.)

    6) This will not be supported, I think, as chests can't be placed contiguously like furnaces or dispensers could be.
     
    Advert likes this.
  14. Offline

    Local_Hostt

    @Acru, I also think it would be good if you find a way to let us customise/translate strings.

    I think I read something about it later in the thread, but it would be awesome to protect doors. To keep it simple, we could use only the block right above the door to place the sign. Is it possible to do?
     
  15. Offline

    godsyn

    Admins should have the ability to modify/edit/destroy/etc w/no restrictions, and without having to use worldedit.
    A simple lockette.admin node would be sufficient.
     
  16. Offline

    Bilkokuya

    Would it be at all possible to have an option for restricted access but still allow destruction?
    I know it sounds silly, but for my server; having indestructible (except for admins) chests is not really possible; the inventory protection aspect is something we do really like though.

    I think in relation to the post above; separate nodes would be more useful, such as:
    lockette.admin.destroy
    lockette.admin.modify
     
  17. Offline

    Acru

    @Local_Hostt, @godsyn, @Bilkokuya

    Yes, this has been discussed above, the to-do list is getting a bit long though to do in a single version, I will have to pick out some of the stuff to do immediately and some to do next version. :3

    Edit: Yay! I got my plugin dev tag~! :3
    Now lets see if I can push out an update today~
    --- merged: Feb 20, 2011 9:29 PM ---
    Incidentally, I meant to say that the problem occurs when you first start up the server. Without a persistent database, the plugin won't know where the signs are and what they say, until they are touched or such so they can be loaded into memory.
     
  18. Offline

    TechnoTy

    Fantastic plugin, since users can lock their own chests I don't have to run around locking things all the time [I'm an OP]
     
  19. Offline

    Advert

    That makes sense, however, I think this would be a useful feature when you want to hide the signs from sight. ( 2011-02-20_11.07.39.png upper chest in the middle, and one at the entrance wouldn't be possible to protect, without removing flooring)
    I don't think the speed impact will be anything to worry about, protecting the block shouldn't be a problem (look up, chest? -> is it protected? ->is remover owner/admin?)

    I can see people wanting this in some cases, but I wouldn't say it'd be a high priority.
    Mainly, if people suspect someone is doing stuff to their chests, but want it public otherwise.

    Awesome!

    For 5), it would be convenient if you could target the chest instead, as the sign may be hidden.

    What I meant, was still a sign per chest, but you could have the sign "point" to another, and use the names listed there.
    --- merged: Feb 21, 2011 1:58 AM ---
    Of course, but I'd like having a toggle for that, I didn't like this when cuboid was around, since you wouldn't know if someone else had reserved a spot unless you constantly checked what cuboid you were in.
     
  20. Offline

    Acru

    The upper chest in the middle you could put a sign under the other chest. Not for the one on the entrance though.

    This is more a cumulative issue, I shall explain;

    To protect a sign from being broken, you must also protect the block it is attached to.

    If the sign isn't attached to a container but just any block, then on breaking any block in the world you must check the 4 blocks around it to see if there is a sign attached, and if so get the text for each sign, before you can determine if the original block is a protected block.

    If you have perhaps 10-30 people on the server with diamond pickaxes all breaking blocks, it adds up fast and could contribute to server lag. Plus there are other plugins which must do a check on each block break as well, like cuboid region protection plugins.

    In the current implementation, such a check only needs to be done for signs (on itself), and chests/furnaces/dispensers (checking for signs in the blocks around them.)

    For this reason, I chose to limit the position of the signs. Sorry.

    Mmm, perhaps it could be the same as right clicking the main [Private] sign, but not the [More Users] signs. And in any case, it is perhaps better to be able to see the signs if you may need to edit them? The way you proposed originally would be a more complex problem, and though it could be done, the time required would perhaps outweigh the benefit. :3 (I'm doing this in my spare time, after all. ;))

    Again, I can see the use for this, but perhaps this adds unnecessary complexity at this point. I have a long to-do list as it is~ I'll put it on the list for the future though, I can see how you could right click the sign, use something like '/lockette link' and then click another sign...
     
  21. Offline

    godsyn

    There is a sign attached to it. Furthermore a notice could be presented in the chat console.
    --- merged: Feb 21, 2011 2:59 AM ---
     
  22. Offline

    Sc1234freak

    Acru,

    Great plug-in by the way. Here is one suggestion though, please make a setting for turning auto sneak on or off in the config and not just a permission. The reason for this, is a vast majority of people that use "Permissions" set their Admin group to have all "*" permissions. In this case, they are auto-sneaked weather they like it or not.

    Sc
     
  23. Offline

    Advert

    Thanks for taking the time to reply, and explain. I know I'm being stubborn, but how about only allowing one block type, and only signs standing up? e.g:
    [chest]
    [wood] <- sign, standing up
    [brickblock] <- configurable (if possible) block, in this case the rather rare brick block

    If you implement the sign pointing, then there probably won't be a need for using the chest instead of the signs to modify the users who can access it, it would certainly be more of a convenience than anything else.
     
  24. Offline

    generalmek

    can u add function for count of chests per user? its prevent some actions
    very nice plugin, rely
     
  25. Offline

    Beetwaaf

    could u pls update to build 405?
     
  26. Offline

    kreaol

    With the latest craftbukkit I was able to get this to work, thank you.

    *Edit*

    Well, at least the craftbukkit I download a couple of days ago.
     
  27. Offline

    Acru

    I'm not sure what you mean by auto-sneak. (Explain auto-sneak and I'll know what you mean for the rest.)

    Stubborn indeed, heh. It might be easier to allow putting a sign post atop the chest... but I think your point is that you want to hide the sign for a chest embeded in the floor.. Actually what would really be easier is removing that one chest at the entrance~ XD

    I'll keep in mind your suggestion but for now you'll have to live with the restriction, due to higher priority things needing doing.

    No, the plugin has no record of the number of locked chests per user, the information isn't obtainable. (Everyone can have unlimited locked chests without slowing server.)

    For some reason bukkit devs decided to block using the plugin constructor, giving me more versioning worries... Looking into this.

    Yer welcome~
     
  28. Offline

    mudzereli

    No issues here, I just wanted to stop by and say that I LOVE this plugin. It makes it so easy for the younger players on my server. Thank you so much!
     
  29. Offline

    Acru

    Yer welcome~ :3
     
  30. Offline

    Local_Hostt

    Feply rail?

    http://forums.bukkit.org/threads/mi...auto-sneak-plugin-to-hide-your-name-302.4869/
     
  31. Offline

    Acru

Share This Page