From b3415d97bb5eb3a551ede6bf154990679df460a8 Mon Sep 17 00:00:00 2001 From: Bilal <39002942+byhlel@users.noreply.github.com> Date: Mon, 23 Sep 2024 06:14:11 +0000 Subject: [PATCH 1/3] refactor: replaced all whitelist and blacklist occurences by allowlist and blocklist We want to demonstrate our openness and inclusiveness in our code Resolves #5275 --- .gitignore | 6 +- docs/Modding-API.md | 6 +- docs/Module-Security.md | 2 +- docs/Playing.md | 8 +- .../engine/HeadlessEnvironment.java | 4 +- .../engine/ModuleEnvironmentTest.java | 6 +- .../terasology/documentation/ApiScraper.java | 6 +- .../apiScraper/CompleteApiScraper.java | 6 +- .../reflection/TypeRegistryTest.java | 8 +- .../engine/core/TerasologyEngine.java | 6 +- ...itelist.java => ExternalApiAllowlist.java} | 4 +- .../engine/core/module/ModuleManager.java | 4 +- .../internal/ServerConnectListManager.java | 90 +++++++++---------- .../nui/layers/mainMenu/SelectGameScreen.java | 16 ++-- .../types/object/SubtypeLayoutBuilder.java | 2 +- 15 files changed, 87 insertions(+), 87 deletions(-) rename engine/src/main/java/org/terasology/engine/core/module/{ExternalApiWhitelist.java => ExternalApiAllowlist.java} (99%) diff --git a/.gitignore b/.gitignore index 8114c1e13ee..5b6891b3326 100644 --- a/.gitignore +++ b/.gitignore @@ -94,9 +94,9 @@ config/metrics/ API_file.txt New_API_file.txt -# Ignore Whitelist and Blacklist files -whitelist.json -blacklist.json +# Ignore Allowlist and Denylist files +allowlist.json +denylist.json # Profiling related terasology.jfr diff --git a/docs/Modding-API.md b/docs/Modding-API.md index 7424c1ae358..ed5065fe078 100644 --- a/docs/Modding-API.md +++ b/docs/Modding-API.md @@ -1,13 +1,13 @@ Modding API ================= -Terasology's engine uses a whitelisting approach to expose an API for modules using two primary methods and a rarely needed third one: +Terasology's engine uses allowlisting approach to expose an API for modules using two primary methods and a rarely needed third one: * Classes or packages marked with the `@API` annotation -* Classes or packages in the basic whitelist defined in `ExternalApiWhitelist.java` +* Classes or packages in the basic allowlist defined in `ExternalApiAllowlist.java` * Rarely blocks of code in the engine may be hit in a way requiring use of `AccessController.doPrivileged(...)` - usually module authors do not need to worry about this but once in a while it could explain something quirky. -This is to both protect the user's system from malicious code (for instance you cannot use `java.io.File` directly) and to better document what is available. If you attempt to use a class not on the whitelist you'll get log message like: +This is to both protect the user's system from malicious code (for instance you cannot use `java.io.File` directly) and to better document what is available. If you attempt to use a class not on the allowlist you'll get log message like: `Denied access to class (not allowed with this module's permissions): some.package.and.class` diff --git a/docs/Module-Security.md b/docs/Module-Security.md index 66ae66f19a8..11d4028d209 100644 --- a/docs/Module-Security.md +++ b/docs/Module-Security.md @@ -44,7 +44,7 @@ The game creates new objects and executes methods on them in response to network Terasology relies on [Gestalt Module Sandboxing](https://github.com/MovingBlocks/gestalt/wiki/Module%20Sandboxing) to protect from these risks of running untrusted JVM code. However, it's up to the application to make sure the sandbox is configured and applied correctly. -* [o.t.engine.core.module.ExternalApiWhitelist](https://github.com/MovingBlocks/Terasology/blob/develop/engine/src/main/java/org/terasology/engine/core/module/ExternalApiWhitelist.java) defines a hardcoded list of allowable packages and classes. +* [o.t.engine.core.module.ExternalApiAllowlist](https://github.com/MovingBlocks/Terasology/blob/develop/engine/src/main/java/org/terasology/engine/core/module/ExternalApiAllowlist.java) defines a hardcoded list of allowable packages and classes. ## ClassLoaders diff --git a/docs/Playing.md b/docs/Playing.md index bcf41abd131..5176bef8d7a 100644 --- a/docs/Playing.md +++ b/docs/Playing.md @@ -143,13 +143,13 @@ Alternatively you can run from source and supply parameters for game configurati This will all become easier as the project and especially the launcher mature further :-) -### Server Whitelist and Blacklist +### Server Allowlist and Denylist -Hosting a server will create a whitelist and a blacklist that can be used to manage who is able to connect to that server. +Hosting a server will create a allowlist and a denylist that can be used to manage who is able to connect to that server. -If the whitelist contains at least one client ID, only the ID(s) on the list will be allowed to connect to the server. All IDs not on the whitelist are effectively blacklisted. +If the allowlist contains at least one client ID, only the ID(s) on the list will be allowed to connect to the server. All IDs not on the allowlist are effectively denylisted. -If the whitelist is empty, any ID not on the blacklist will be able to connect. +If the allowlist is empty, any ID not on the denylist will be able to connect. Client IDs are added to the lists in JSON format, for example: ["6a5f11f7-4038-4ef0-91ac-86cb957588b1","01264d12-27cf-4699-b8e2-bdc92ac8ef73"] diff --git a/engine-tests/src/main/java/org/terasology/engine/HeadlessEnvironment.java b/engine-tests/src/main/java/org/terasology/engine/HeadlessEnvironment.java index b64e3848c3e..f337fbe3aa1 100644 --- a/engine-tests/src/main/java/org/terasology/engine/HeadlessEnvironment.java +++ b/engine-tests/src/main/java/org/terasology/engine/HeadlessEnvironment.java @@ -19,7 +19,7 @@ import org.terasology.engine.core.Time; import org.terasology.engine.core.bootstrap.EntitySystemSetupUtil; import org.terasology.engine.core.modes.loadProcesses.LoadPrefabs; -import org.terasology.engine.core.module.ExternalApiWhitelist; +import org.terasology.engine.core.module.ExternalApiAllowlist; import org.terasology.engine.core.module.ModuleManager; import org.terasology.engine.core.subsystem.headless.assets.HeadlessMaterial; import org.terasology.engine.core.subsystem.headless.assets.HeadlessMesh; @@ -264,7 +264,7 @@ protected void setupConfig() { @Override protected void setupModuleManager(Set moduleNames) throws RuntimeException { - TypeRegistry.WHITELISTED_CLASSES = ExternalApiWhitelist.CLASSES.stream().map(Class::getName).collect(Collectors.toSet()); + TypeRegistry.WHITELISTED_CLASSES = ExternalApiAllowlist.CLASSES.stream().map(Class::getName).collect(Collectors.toSet()); ModuleManager moduleManager = ModuleManagerFactory.create(); ModuleTypeRegistry typeRegistry = new ModuleTypeRegistry(moduleManager.getEnvironment()); diff --git a/engine-tests/src/main/java/org/terasology/engine/ModuleEnvironmentTest.java b/engine-tests/src/main/java/org/terasology/engine/ModuleEnvironmentTest.java index b5444fa1599..f73b7c4facc 100644 --- a/engine-tests/src/main/java/org/terasology/engine/ModuleEnvironmentTest.java +++ b/engine-tests/src/main/java/org/terasology/engine/ModuleEnvironmentTest.java @@ -6,7 +6,7 @@ import org.junit.jupiter.api.Tag; import org.junit.jupiter.api.io.TempDir; import org.terasology.engine.core.PathManager; -import org.terasology.engine.core.module.ExternalApiWhitelist; +import org.terasology.engine.core.module.ExternalApiAllowlist; import org.terasology.engine.core.module.ModuleManager; import org.terasology.engine.testUtil.ModuleManagerFactory; import org.terasology.reflection.ModuleTypeRegistry; @@ -26,8 +26,8 @@ public void before(@TempDir Path tempHome) throws IOException { PathManager.getInstance().useOverrideHomePath(tempHome); moduleManager = ModuleManagerFactory.create(); - TypeRegistry.WHITELISTED_CLASSES = ExternalApiWhitelist.CLASSES.stream().map(Class::getName).collect(Collectors.toSet()); - TypeRegistry.WHITELISTED_PACKAGES = ExternalApiWhitelist.PACKAGES; + TypeRegistry.WHITELISTED_CLASSES = ExternalApiAllowlist.CLASSES.stream().map(Class::getName).collect(Collectors.toSet()); + TypeRegistry.WHITELISTED_PACKAGES = ExternalApiAllowlist.PACKAGES; typeRegistry = new ModuleTypeRegistry(moduleManager.getEnvironment()); setup(); diff --git a/engine-tests/src/test/java/org/terasology/documentation/ApiScraper.java b/engine-tests/src/test/java/org/terasology/documentation/ApiScraper.java index df8c071036f..168fb4fb340 100644 --- a/engine-tests/src/test/java/org/terasology/documentation/ApiScraper.java +++ b/engine-tests/src/test/java/org/terasology/documentation/ApiScraper.java @@ -6,7 +6,7 @@ import com.google.common.collect.SortedSetMultimap; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.terasology.engine.core.module.ExternalApiWhitelist; +import org.terasology.engine.core.module.ExternalApiAllowlist; import org.terasology.engine.core.module.ModuleManager; import org.terasology.engine.testUtil.ModuleManagerFactory; import org.terasology.gestalt.module.ModuleEnvironment; @@ -99,9 +99,9 @@ public static void main(String[] args) throws Exception { LOGGER.info("Unknown protocol for: {}, came from {}", apiClass, location); } } - sortedApi.putAll("external", ExternalApiWhitelist.CLASSES.stream() + sortedApi.putAll("external", ExternalApiAllowlist.CLASSES.stream() .map(clazz -> clazz.getName() + " (CLASS)").collect(Collectors.toSet())); - sortedApi.putAll("external", ExternalApiWhitelist.PACKAGES.stream() + sortedApi.putAll("external", ExternalApiAllowlist.PACKAGES.stream() .map(packagee -> packagee + " (PACKAGE)").collect(Collectors.toSet())); System.out.println("# Modding API:\n"); diff --git a/engine-tests/src/test/java/org/terasology/documentation/apiScraper/CompleteApiScraper.java b/engine-tests/src/test/java/org/terasology/documentation/apiScraper/CompleteApiScraper.java index 0ad8412a59e..ff1769abe02 100644 --- a/engine-tests/src/test/java/org/terasology/documentation/apiScraper/CompleteApiScraper.java +++ b/engine-tests/src/test/java/org/terasology/documentation/apiScraper/CompleteApiScraper.java @@ -6,7 +6,7 @@ import com.google.common.collect.Multimaps; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.terasology.engine.core.module.ExternalApiWhitelist; +import org.terasology.engine.core.module.ExternalApiAllowlist; import org.terasology.engine.core.module.ModuleManager; import org.terasology.engine.testUtil.ModuleManagerFactory; import org.terasology.gestalt.module.ModuleEnvironment; @@ -100,9 +100,9 @@ static StringBuffer getApi() throws Exception { logger.error("Unknown protocol for: {} , came from {}", apiClass, location); } } - api.putAll(EXTERNAL, ExternalApiWhitelist.CLASSES.stream() + api.putAll(EXTERNAL, ExternalApiAllowlist.CLASSES.stream() .map(clazz -> clazz.getName() + " (CLASS)").collect(Collectors.toSet())); - api.putAll(EXTERNAL, ExternalApiWhitelist.PACKAGES.stream() + api.putAll(EXTERNAL, ExternalApiAllowlist.PACKAGES.stream() .map(packagee -> packagee + " (PACKAGE)").collect(Collectors.toSet())); //Puts the information in the StringBuffer diff --git a/engine-tests/src/test/java/org/terasology/reflection/TypeRegistryTest.java b/engine-tests/src/test/java/org/terasology/reflection/TypeRegistryTest.java index 311ea4a98af..d3aa65fcede 100644 --- a/engine-tests/src/test/java/org/terasology/reflection/TypeRegistryTest.java +++ b/engine-tests/src/test/java/org/terasology/reflection/TypeRegistryTest.java @@ -6,7 +6,7 @@ import org.junit.jupiter.api.Test; import org.reflections.Reflections; import org.terasology.engine.ModuleEnvironmentTest; -import org.terasology.engine.core.module.ExternalApiWhitelist; +import org.terasology.engine.core.module.ExternalApiAllowlist; import org.terasology.gestalt.entitysystem.component.Component; import org.terasology.gestalt.naming.Name; @@ -49,10 +49,10 @@ public void testModuleTypes() { // TODO: Re-enable as gradlew check seems to still stall even with the Ignore in place? @Disabled("Seems to intermittently stall, at least on Win10") @Test - public void testWhitelistedTypes() { + public void testAllowlistedTypes() { Set> allTypes = typeRegistry.getSubtypesOf(Object.class); - for (Class whitelisted : ExternalApiWhitelist.CLASSES) { - assumeTrue(allTypes.contains(whitelisted), () -> allTypes.toString() + " should contain " + whitelisted.getName()); + for (Class allowlisted : ExternalApiAllowlist.CLASSES) { + assumeTrue(allTypes.contains(allowlisted), () -> allTypes.toString() + " should contain " + allowlisted.getName()); } } } diff --git a/engine/src/main/java/org/terasology/engine/core/TerasologyEngine.java b/engine/src/main/java/org/terasology/engine/core/TerasologyEngine.java index 9b704e6ffb7..812b519b9f1 100644 --- a/engine/src/main/java/org/terasology/engine/core/TerasologyEngine.java +++ b/engine/src/main/java/org/terasology/engine/core/TerasologyEngine.java @@ -14,7 +14,7 @@ import org.terasology.engine.context.internal.ContextImpl; import org.terasology.engine.core.bootstrap.EnvironmentSwitchHandler; import org.terasology.engine.core.modes.GameState; -import org.terasology.engine.core.module.ExternalApiWhitelist; +import org.terasology.engine.core.module.ExternalApiAllowlist; import org.terasology.engine.core.module.ModuleManager; import org.terasology.engine.core.subsystem.DisplayDevice; import org.terasology.engine.core.subsystem.EngineSubsystem; @@ -327,8 +327,8 @@ private void initManagers() { changeStatus(TerasologyEngineStatus.INITIALIZING_MODULE_MANAGER); TypeRegistry.WHITELISTED_CLASSES = - ExternalApiWhitelist.CLASSES.stream().map(Class::getName).collect(Collectors.toSet()); - TypeRegistry.WHITELISTED_PACKAGES = ExternalApiWhitelist.PACKAGES; + ExternalApiAllowlist.CLASSES.stream().map(Class::getName).collect(Collectors.toSet()); + TypeRegistry.WHITELISTED_PACKAGES = ExternalApiAllowlist.PACKAGES; ModuleManager moduleManager = new ModuleManager(rootContext.get(Config.class), classesOnClasspathsToAddToEngine); diff --git a/engine/src/main/java/org/terasology/engine/core/module/ExternalApiWhitelist.java b/engine/src/main/java/org/terasology/engine/core/module/ExternalApiAllowlist.java similarity index 99% rename from engine/src/main/java/org/terasology/engine/core/module/ExternalApiWhitelist.java rename to engine/src/main/java/org/terasology/engine/core/module/ExternalApiAllowlist.java index e93d9ab45e8..0b4542cbb5b 100644 --- a/engine/src/main/java/org/terasology/engine/core/module/ExternalApiWhitelist.java +++ b/engine/src/main/java/org/terasology/engine/core/module/ExternalApiAllowlist.java @@ -10,7 +10,7 @@ import java.lang.reflect.InvocationTargetException; import java.util.Set; -public final class ExternalApiWhitelist { +public final class ExternalApiAllowlist { private static final Set NUI_PACKAGES = new ImmutableSet.Builder() .add("org.terasology.input") .add("org.terasology.input.device") @@ -188,6 +188,6 @@ public final class ExternalApiWhitelist { .add(org.terasology.reflection.metadata.FieldMetadata.class) .build(); - private ExternalApiWhitelist() { + private ExternalApiAllowlist() { } } diff --git a/engine/src/main/java/org/terasology/engine/core/module/ModuleManager.java b/engine/src/main/java/org/terasology/engine/core/module/ModuleManager.java index 997d5382453..2c008c8f3d8 100644 --- a/engine/src/main/java/org/terasology/engine/core/module/ModuleManager.java +++ b/engine/src/main/java/org/terasology/engine/core/module/ModuleManager.java @@ -256,8 +256,8 @@ private static ModuleMetadataJsonAdapter newMetadataReader() { private void setupSandbox() { PermissionSet permissionSet = permissionProviderFactory.getBasePermissionSet(); - ExternalApiWhitelist.CLASSES.forEach(permissionSet::addAPIClass); - ExternalApiWhitelist.PACKAGES.forEach(permissionSet::addAPIPackage); + ExternalApiAllowlist.CLASSES.forEach(permissionSet::addAPIClass); + ExternalApiAllowlist.PACKAGES.forEach(permissionSet::addAPIPackage); APIScanner apiScanner = new APIScanner(permissionProviderFactory); for (Module module : registry) { diff --git a/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java b/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java index 2763485aad6..1c91de0fd88 100644 --- a/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java +++ b/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java @@ -19,7 +19,7 @@ /** * This class provides the methods needed to determine if a client is allowed to connect or not, - * based on the blacklist and whitelist files. + * based on the denylist and allowlist files. */ public class ServerConnectListManager { @@ -28,14 +28,14 @@ public class ServerConnectListManager { private static final Gson GSON = new Gson(); private Context context; - private Set blacklistedIDs; - private Set whitelistedIDs; - private final Path blacklistPath; - private final Path whitelistPath; + private Set denylistedIDs; + private Set allowlistedIDs; + private final Path denylistPath; + private final Path allowlistPath; public ServerConnectListManager(Context context) { - blacklistPath = PathManager.getInstance().getHomePath().resolve("blacklist.json"); - whitelistPath = PathManager.getInstance().getHomePath().resolve("whitelist.json"); + denylistPath = PathManager.getInstance().getHomePath().resolve("denylist.json"); + allowlistPath = PathManager.getInstance().getHomePath().resolve("allowlist.json"); this.context = context; loadLists(); } @@ -44,29 +44,29 @@ public ServerConnectListManager(Context context) { private void loadLists() { try { if (createFiles()) { - blacklistedIDs = GSON.fromJson(Files.newBufferedReader(blacklistPath), Set.class); - whitelistedIDs = GSON.fromJson(Files.newBufferedReader(whitelistPath), Set.class); - if (blacklistedIDs == null) { - blacklistedIDs = new HashSet<>(); + denylistedIDs = GSON.fromJson(Files.newBufferedReader(denylistPath), Set.class); + allowlistedIDs = GSON.fromJson(Files.newBufferedReader(allowlistPath), Set.class); + if (denylistedIDs == null) { + denylistedIDs = new HashSet<>(); } - if (whitelistedIDs == null) { - whitelistedIDs = new HashSet<>(); + if (allowlistedIDs == null) { + allowlistedIDs = new HashSet<>(); } } } catch (IOException e) { - logger.error("Whitelist or blacklist files not found:", e); + logger.error("Allowlist or denylist files not found:", e); } } private void saveLists() { try { if (createFiles()) { - Writer blacklistWriter = Files.newBufferedWriter(blacklistPath); - Writer whitelistWriter = Files.newBufferedWriter(whitelistPath); - blacklistWriter.write(GSON.toJson(blacklistedIDs)); - whitelistWriter.write(GSON.toJson(whitelistedIDs)); - blacklistWriter.close(); - whitelistWriter.close(); + Writer denylistWriter = Files.newBufferedWriter(denylistPath); + Writer allowlistWriter = Files.newBufferedWriter(allowlistPath); + denylistWriter.write(GSON.toJson(denylistedIDs)); + allowlistWriter.write(GSON.toJson(allowlistedIDs)); + denylistWriter.close(); + allowlistWriter.close(); } } catch (IOException e) { e.printStackTrace(); @@ -78,63 +78,63 @@ private boolean createFiles() throws IOException { if (display == null || !display.isHeadless()) { return false; } - if (!Files.exists(blacklistPath)) { - Files.createFile(blacklistPath); + if (!Files.exists(denylistPath)) { + Files.createFile(denylistPath); } - if (!Files.exists(whitelistPath)) { - Files.createFile(whitelistPath); + if (!Files.exists(allowlistPath)) { + Files.createFile(allowlistPath); } return true; } public String getErrorMessage(String clientID) { - if (isClientBlacklisted(clientID)) { - return "client on blacklist"; + if (isClientDenylisted(clientID)) { + return "client on denylist"; } - if (!isClientWhitelisted(clientID)) { - return "client not on whitelist"; + if (!isClientAllowlisted(clientID)) { + return "client not on allowlist"; } return null; } @SuppressWarnings("BooleanMethodIsAlwaysInverted") public boolean isClientAllowedToConnect(String clientID) { - return !isClientBlacklisted(clientID) && isClientWhitelisted(clientID); + return !isClientDenylisted(clientID) && isClientAllowlisted(clientID); } - public void addToWhitelist(String clientID) { - whitelistedIDs.add(clientID); + public void addToAllowlist(String clientID) { + allowlistedIDs.add(clientID); saveLists(); } - public void removeFromWhitelist(String clientID) { - whitelistedIDs.remove(clientID); + public void removeFromAllowlist(String clientID) { + allowlistedIDs.remove(clientID); saveLists(); } - public Set getWhitelist() { - return Collections.unmodifiableSet(whitelistedIDs); + public Set getAllowlist() { + return Collections.unmodifiableSet(allowlistedIDs); } - public void addToBlacklist(String clientID) { - blacklistedIDs.add(clientID); + public void addToDenylist(String clientID) { + denylistedIDs.add(clientID); saveLists(); } - public void removeFromBlacklist(String clientID) { - blacklistedIDs.remove(clientID); + public void removeFromDenylist(String clientID) { + denylistedIDs.remove(clientID); saveLists(); } - public Set getBlacklist() { - return Collections.unmodifiableSet(blacklistedIDs); + public Set getDenylist() { + return Collections.unmodifiableSet(denylistedIDs); } - private boolean isClientBlacklisted(String clientID) { - return blacklistedIDs != null && blacklistedIDs.contains(clientID); + private boolean isClientDenylisted(String clientID) { + return denylistedIDs != null && denylistedIDs.contains(clientID); } - private boolean isClientWhitelisted(String clientID) { - return whitelistedIDs == null || whitelistedIDs.isEmpty() || whitelistedIDs.contains(clientID); + private boolean isClientAllowlisted(String clientID) { + return allowlistedIDs == null || allowlistedIDs.isEmpty() || allowlistedIDs.contains(clientID); } } diff --git a/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java b/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java index c56498d7f95..293a07ed19f 100644 --- a/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java +++ b/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java @@ -149,20 +149,20 @@ public void onOpened() { private void loadGame(GameInfo item) { if (isLoadingAsServer()) { - Path blacklistPath = PathManager.getInstance().getHomePath().resolve("blacklist.json"); - Path whitelistPath = PathManager.getInstance().getHomePath().resolve("whitelist.json"); - if (!Files.exists(blacklistPath)) { + Path denylistPath = PathManager.getInstance().getHomePath().resolve("denylist.json"); + Path allowlistPath = PathManager.getInstance().getHomePath().resolve("allowlist.json"); + if (!Files.exists(denylistPath)) { try { - Files.createFile(blacklistPath); + Files.createFile(denylistPath); } catch (IOException e) { - logger.error("IO Exception on blacklist generation", e); + logger.error("IO Exception on denylist generation", e); } } - if (!Files.exists(whitelistPath)) { + if (!Files.exists(allowlistPath)) { try { - Files.createFile(whitelistPath); + Files.createFile(allowlistPath); } catch (IOException e) { - logger.error("IO Exception on whitelist generation", e); + logger.error("IO Exception on allowlist generation", e); } } } diff --git a/engine/src/main/java/org/terasology/engine/rendering/nui/widgets/types/object/SubtypeLayoutBuilder.java b/engine/src/main/java/org/terasology/engine/rendering/nui/widgets/types/object/SubtypeLayoutBuilder.java index 531c6278db0..2f97113fc3e 100644 --- a/engine/src/main/java/org/terasology/engine/rendering/nui/widgets/types/object/SubtypeLayoutBuilder.java +++ b/engine/src/main/java/org/terasology/engine/rendering/nui/widgets/types/object/SubtypeLayoutBuilder.java @@ -65,7 +65,7 @@ public SubtypeLayoutBuilder(TypeInfo baseType, List> allowedSubclasses = typeRegistry.getSubtypesOf(baseType.getRawType()) .stream() - // Type must come from an allowed module or be in the whitelist + // Type must come from an allowed module or be in the allowlist .filter(clazz -> allowedProvidingModules.contains(getModuleProviding(clazz)) || permissionProvider.isPermitted(clazz)) // Filter public, instantiable types From a0a4b91356c5b61e0ddea4d707e96be86b22b944 Mon Sep 17 00:00:00 2001 From: Bilal <39002942+byhlel@users.noreply.github.com> Date: Thu, 26 Sep 2024 04:51:08 +0000 Subject: [PATCH 2/3] refactor: allow-deny lists refactor also allows for backwards compatibility Code strucutre is different in SelectGameScreen and ServerConnectListManager due to compiling error otherwise. We check if path exist then we set the value if it does, otherwise it applies "previous" behaviour (meaning in case if even blacklist or whitelist) do not exist it sets the file to null. So no different behaviour is to be expected. --- .gitignore | 4 +++- docs/Modding-API.md | 2 +- .../internal/ServerConnectListManager.java | 16 ++++++++++++++-- .../nui/layers/mainMenu/SelectGameScreen.java | 7 +++++++ 4 files changed, 25 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 5b6891b3326..eb905b576f0 100644 --- a/.gitignore +++ b/.gitignore @@ -94,9 +94,11 @@ config/metrics/ API_file.txt New_API_file.txt -# Ignore Allowlist and Denylist files +# Ignore Allowlist and Denylist files (Whitelist and Blacklist are old filenames) allowlist.json denylist.json +whitelist.json +blacklist.json # Profiling related terasology.jfr diff --git a/docs/Modding-API.md b/docs/Modding-API.md index ed5065fe078..d2e81b2c284 100644 --- a/docs/Modding-API.md +++ b/docs/Modding-API.md @@ -1,7 +1,7 @@ Modding API ================= -Terasology's engine uses allowlisting approach to expose an API for modules using two primary methods and a rarely needed third one: +Terasology's engine uses an allowlisting approach to expose an API for modules using two primary methods and a rarely needed third one: * Classes or packages marked with the `@API` annotation * Classes or packages in the basic allowlist defined in `ExternalApiAllowlist.java` diff --git a/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java b/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java index 1c91de0fd88..c2189f19abd 100644 --- a/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java +++ b/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java @@ -34,8 +34,20 @@ public class ServerConnectListManager { private final Path allowlistPath; public ServerConnectListManager(Context context) { - denylistPath = PathManager.getInstance().getHomePath().resolve("denylist.json"); - allowlistPath = PathManager.getInstance().getHomePath().resolve("allowlist.json"); + // although this seems redundant, compiler wouldn't accept assigning then checking + if (Files.exists(PathManager.getInstance().getHomePath().resolve("denylist.json"))) { + denylistPath = PathManager.getInstance().getHomePath().resolve("denylist.json"); + } + else { + denylistPath = PathManager.getInstance().getHomePath().resolve("blacklist.json"); + } + // although this seems redundant, compiler wouldn't accept assigning then checking + if (Files.exists(PathManager.getInstance().getHomePath().resolve("allowlist.json"))) { + allowlistPath = PathManager.getInstance().getHomePath().resolve("allowlist.json"); + } + else { + allowlistPath = PathManager.getInstance().getHomePath().resolve("whitelist.json"); + } this.context = context; loadLists(); } diff --git a/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java b/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java index 293a07ed19f..af6e05371a6 100644 --- a/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java +++ b/engine/src/main/java/org/terasology/engine/rendering/nui/layers/mainMenu/SelectGameScreen.java @@ -151,6 +151,13 @@ private void loadGame(GameInfo item) { if (isLoadingAsServer()) { Path denylistPath = PathManager.getInstance().getHomePath().resolve("denylist.json"); Path allowlistPath = PathManager.getInstance().getHomePath().resolve("allowlist.json"); + if (!Files.exists(denylistPath)) { + denylistPath = PathManager.getInstance().getHomePath().resolve("blacklist.json"); + } + + if (!Files.exists(allowlistPath)) { + allowlistPath = PathManager.getInstance().getHomePath().resolve("whitelist.json"); + } if (!Files.exists(denylistPath)) { try { Files.createFile(denylistPath); From 5f7294f35bbfb0bd144f32f77ee539f5d5b933bd Mon Sep 17 00:00:00 2001 From: jdrueckert Date: Sun, 29 Sep 2024 16:03:10 +0200 Subject: [PATCH 3/3] chore: fix checkstyle RightCurlyCheck errors --- .../engine/network/internal/ServerConnectListManager.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java b/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java index c2189f19abd..21e769167f1 100644 --- a/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java +++ b/engine/src/main/java/org/terasology/engine/network/internal/ServerConnectListManager.java @@ -37,15 +37,13 @@ public ServerConnectListManager(Context context) { // although this seems redundant, compiler wouldn't accept assigning then checking if (Files.exists(PathManager.getInstance().getHomePath().resolve("denylist.json"))) { denylistPath = PathManager.getInstance().getHomePath().resolve("denylist.json"); - } - else { + } else { denylistPath = PathManager.getInstance().getHomePath().resolve("blacklist.json"); } // although this seems redundant, compiler wouldn't accept assigning then checking if (Files.exists(PathManager.getInstance().getHomePath().resolve("allowlist.json"))) { allowlistPath = PathManager.getInstance().getHomePath().resolve("allowlist.json"); - } - else { + } else { allowlistPath = PathManager.getInstance().getHomePath().resolve("whitelist.json"); } this.context = context;