[SEC] Lockette - Simple chest and door lock, no databases! [Moved to BukkitDev]

Discussion in 'Inactive/Unsupported Plugins' started by Acru, Feb 14, 2011.

  1. Offline

    Acru

    Lockette - The sign-based container and door lock for Bukkit! - by Acru Jovian

    ElgarL has been assigned as the current maintainer of this project, please forward any important issues to him as well. This post is abandoned, but proceed to BukkitDev for updates.

    Download it at BukkitDev! (Alternate) (JAR) (Source), also view the Change Log on BukkitDev.



    Supported external plugins:
    • Permissions - Permissions/Groups
    • GroupManager - Permissions/Groups
    • PermissionsBukkit - SuperPerms/Groups
    • PermissionsEx - SuperPerms/Groups
    • bPermissions- SuperPerms/Groups
    • Towny - Groups/Zones
    • SimpleClans - Groups
    • mcMMO - Groups (Disabled by default now, due to issues.)
    • Factions - Groups
    • LWC - Zones
    • Register - Economy
    Alternate languages included:
    Confirmed compatible plugins: ColorSign, SpeedSign.
    Conflicting plugins: ChestShop, Most sign editors!


    The active Lockette information page will commute to BukkitDev soon, but the forum thread is still the best place for discussion.



    Overview:

    The purpose of this plugin is to restrict access to the contents of chests, dispensers, furnaces, and doors without the use of a database to track containers.

    To use, simply place a signpost on the floor directly beside a chest or other container to be locked. Enter [Private] as the first line. Your own name will automatically be entered on line 2 as the chest owner. Optionally type in the full names of two other users allowed to access the chest's inventory on lines 3 and 4.

    When done correctly, the sign will automatically fix itself to the side the target chest, protecting it from unauthorized access! Only the chest's owner can then break the sign or chest. (Warning: Anyone with permission to use WorldEdit commands or similar can circumvent the protection by removing the sign.)

    [​IMG]

    Additionally, you can enter [Everyone] on lines 3 or 4 instead of a user name to allow everyone access to the contents of a private container, or [Operators] to allow ops access. If a Permissions plugin is available, you can use groups like [Moderator] or [Admins] or others as defined in the Permissions settings files.

    The owner of a container can add more users by placing additional signs beside the container with the heading [More Users], where lines 2-4 specify the names of the additional users. You can edit the users on previously placed signs by right clicking the sign, and using the command '/lockette <line number> <text>' to change it.


    Working with Doors:

    To protect a door, you can use the same method as protecting a container, the sign will attach to the door automatically. In addition, you can attach a [Private] wall sign to any side of the blocks just above or just below a door. For double doors only one side needs a sign. Door support is enabled by default in the config file.

    Once a door is protected it will only open for someone listed as a user, and will not respond to redstone power or switches unless [Everyone] is listed as a user. Iron doors which usually won't open from clicking will work just as wooden doors. In addition, double doors will open together automatically!

    You can also use [More Users] signs as with containers, with the caveat that the sign cannot be placed on the block above the door if the [Private] sign is not above the door as well! (This is done to prevent a security uncertainty issue.)

    Protected doors will be closed automatically if a timer is set. A timer can be set globally with a configuration option, or individually for each door by using the tag [Timer: #] on line 3 or 4 of the [Private] sign, where # is the number of seconds that the door should remain open. If the timer is set to 0, this means the door will never automatically close. If no timer is specified, protected doors will use a global timer set in the configuration file. If the server is shut down cleanly any open doors will be closed, but in the event of a server crash while a door is open, it may remain so. Note that the initial state of a door is assumed to be closed.

    Care must me taken to place protected doors on a stable block. Building a door on sand, gravel, leaves, TNT and et cetera are allowed by the plugin, but cannot be secured fully. :3 Additionally, it should be noted that most status messages still refer to locked blocks as containers, so for the purpose of simplicity, doors should be considered as a type of container.


    Features:
    • No passwords or databases needed!
    • Permission checks run in constant time, no matter how many protected containers.
      • One owner and up to 11 additional users supported. (17 for double chests!)
      • Allows access to [Everyone] while still protecting the container from vandalism.
      • Allows group names in conjunction with many other plugins.
    • Special powers for ops or admins, configurable with permissions.
      • Reports when an admin does something naughty.
    • Protects single and double chests, dispensers, and furnaces.
      • Explosion and block-break protection for the protected container and sign.
        • Option to protect all containers from explosions.
    • Full support for doors, both wooden and iron!
      • Double doors are handled automatically, with no redstone.
      • Doors can be set to close automatically, via a timer setting.
      • Redstone hacking is disabled for protected doors.
    • Prevents creation of chests larger than 2 blocks.
    • Informative or helpful messages when interacting with containers.
      • The first time a chest is placed, a help message will be shown.
      • Types of messages shown are configurable in settings.
      • Additional language support.

    Advanced Setup (Permissions) (open)

    Advanced Setup:
    There are a few things you can now customize in the configuration files for the plugin, found in the plugins/Lockette folder. After running the plugin for the first time, two files will be created, config.yml and strings.yml. The first holds the following settings:
    • enable-permissions - Allows the use of permission nodes to specify who can do what. If this is disabled, groups will still be used but admin status is taken from the ops file. Defaults to false.
    • enable-messages-* - Enables or disables groups of messages listed in the strings.yml file. Not counting the broadcast ones.
    • broadcast-*-target - Sets the group or player that specific broadcast messages should be sent to. This can be set to "" for no one.
    • explosion-protection-all - Enabling this extends explosion protection to all containers on the server, not just [Private] ones. Default is disabled.
    • allow-admin-bypass - Allows admins to go though any protected door. Default is true.
    • allow-admin-snoop - Allows admins to peek into chests owned by other people. Default is false, and this setting is recommended! A broadcast message will be sent each time an admin snoops in a protected container where the admin doesn't have permission to. The message will be sent to a player or group as specified in another option. Admins can still break protection on chests if this is disabled, however.
    • enable-protection-doors - Enables support for private doors, defaults to true.
    • default-door-timer - Sets the door closing timer for all protected doors on the server, unless overridden by a specific sign. Defaults to 0, which disables the door closing timer.
    In the strings.yml file, you can set alternate language tags for [Private] and such, in ANSI format. If you need characters not in ANSI then you might try UTF-8 format, though it seems bugged tight now. The default alternate tags are in French, but server ops are free to translate the whole file into the language of their choice. If you do this, please share it back to me~ :3 If you want to disable only a specific message, you can set it to "", the empty string. Admins can use the command '/lockette reload' after editing the configuration files, to reload them.

    If a Permissions plugin is not available or the enable-permissions option is set to false, Lockette will use the ops file to determine who are admins. Admins can break the protection on any chest, and look inside protected chests (only if the related option is set), as well as reload the plugins configuration files. All non-ops will be able to create protected containers for themselves.

    If a Permissions plugin is available and the enable-permissions option is set to true, the following nodes will be used instead of the ops file and are included by default in the '*' node:
    • lockette.user.create.* - Permission required to create a protected container or door. Possible sub-nodes include chest, dispenser, furnace, and door. (The permission lockette.create.all is still supported, but obsolete.)
    • lockette.admin.create.* - Allows admins to create containers and doors for other users. Possible sub-nodes include chest, dispenser, furnace, and door. Leave line 2 blank for the default behavior or enter the name of your choice. Capitalization matters.
    • lockette.admin.break - Allows breaking protection on containers.
    • lockette.admin.bypass - Allows opening of any locked door.
    • lockette.admin.snoop - Allows peeking in protected containers. (The setting allow-admin-snoop must be true.)
    • lockette.admin.reload - Allows use of the reload command.

    Technical Information (open)

    Technical Information:

    This plugin has been tested and shown to be working for many builds of CraftBucket though a number of the more recent builds had a serious issue, so I'm suggesting a minimum build of 561 now. If you update past what is listed in the post's title and the plugin seems to break, it is probably not my fault. Post a note anyway and I'll see about fixing. I'll try and keep up with the new recommended build system, but for latest builds that break things, you should expect some time to pass before I take care of the issue, as this plugin is now mature. :3

    If there are multiple containers by the placed sign, the plugin will use the NESW rule to choose the first container that is not yet private. To elaborate, the plugin will check to the north of the sign first, and if no container or door is available to the north, it will continue checking clockwise around the sign.

    Due to the current implementation of the explosion event, this plugin will cancel all explosions that would damage the container or sign, rather than just remove the container and sign from the blocks to be damaged. Canceled explosions still knock signs off the walls. Canceled explosions leave signs looking blank, but this is just a graphic glitch, reconnect to fix.

    Bonus: This plugin will prevent chests bigger than 2 blocks from being created via glitches. (Again, this could be circumvented using WorldEdit commands, so take care who has access to such a plugin.)

    This plugin was inspired by the old hmod plugins Lock by Roman "kingseta" Pramberger and ChestCapsule by Fernando "Fergo".

    Hooking into Lockette (open)

    Hooking into Lockette:

    If you are a plugin author and want to connect to Lockette, you can use a public static function to get information about the protected status of a block.

    More info later, perhaps, but if you need the details now then go poke through the source~

    Future Possibilities:

    There are a number of things that have been suggested, and they tend to be added to the list below if I think they might be a good idea. However, some sort of locked container limit is requested often but this is not possible without a database to track the number of locked containers someone has. All things considered, this will not be supported. On the up side, without a database you can have literally millions of locked containers without any sort of lag, and there are permissions to restrict who can create locked chests. Perhaps only allow Moderators to create locked chests for other users, if you don't want to allow infinite locked chests.

    Aside what has already been implemented, the following may or may not appear in future versions:
    • Furnace/dispenser clusters, protected by a single sign.
    • [Log] sign to list recent users of a container or door.
    • iConomy fee for protecting containers/doors.
    • Worldguard connection.
    • [Protected] tag for viewing only.
    • Specific time range that doors can be opened.
    • DataLog plugin support.
    • More types of protected blocks, such as brewing stands.
    If you want any of the above features sooner than never, let me know! However, I currently see Lockette as functionally complete, for the most part, in that it already has all the functionality it needs. Future updates will mostly be to account for changes in Minecraft and Bukkit.


    Final Note:

    Please leave a reply if there are any bugs or suggestions, and if you like this plugin you can click the like button at the bottom of this post~ Thanks to those few that have donated! [​IMG]
     
  2. Offline

    NaldoD20

    My players keep dying anytime they use magenta dye on a locked door or locked chest. Is this a bug or is it part of the plugin?
     
  3. Offline

    Eloston

    Ok the problem has been resolved. I switched back to the original Lockette 1.6 and it worked just fine.
    mcMMO 1.3.05 will not work with NukerNL's Lockette.
     
  4. Offline

    teaearlgraycold

    I've checked the logs, and when a player places a sign on a chest, Hawkeye doesnt record it as anything. I don't need Hawkeye to record whats being typed on the sign, just that the sign is being placed.

    I'm trying to make an automated system of removing everyone's signs on their chests when they get banned, because right now an admin has to find all of their chests and manually remove the signs with their names on them.

    I'm attempting tp run a command like:

    Code:
    /he rollback p:player f:wallsignID
    but when I tested this on a test user who should have 2 Hawkeye logging entries (placing a chest and a sign), nothing turned up. The logs only showed that the player had placed a chest.

    It is possible that I have some weird big or made some mistake, though (and I did check, logging of signs is enabled in the Hawkeye config file)>
     
  5. Offline

    94jp

    I have no clue, but for only doors, whenever any user (moderator, admin, member, etc.) tries to put [private] one block next to the door, it gives [?] and "No unclaimed container nearby to make Private!"

    I used to be on Lockette, then I moved to Deadbolt for update, then moved back to Lockette, after seeing the compatible patch. Old Lockette didn't do this, neither did Deadbolt.
    (Moved out of Deadbolt, because it had long username errors)
     
  6. Offline

    Greylocke

    teaearlgraycold the Lockette sign is a sign like any other. The 'magic' is in making it stick to a chest like it would stick to a wall. I have not used HE, but I have done pretty much the same query with LogBlock. I hit ghe db directly instead of going through the UI, but basically I just asked it for all the signs placed by player X, where the first line is '[Private]'.

    I'm confident HE can do the same. I'd ask on the HawkEye forums to see what others have done.
     
  7. Offline

    jey585

    its not working for me on 1.2.5 :/
     
  8. Offline

    woodzy

    maby u could add a thing so u can have the chest suck up items like maby
    [takeitem]
     
  9. Offline

    thiagobrez

    Does it work on CraftBukkit 1.2.5 ?
     
  10. Offline

    DragonMasterNYC

    Yes it does.
     
  11. Offline

    kronflux

    Please work on supporting HawkEye. I believe the reason that it does not log it, is due to the fact that the signs do not get "placed" per say, but instead disappear and reappear on the chest.
     
  12. Offline

    Fogest

    I heard of some kind of issue where users could place a fence gate under a protected chest and then be able to get into it. Is this true?
     
  13. Offline

    khamseen_air

    You know, instead of posting in a public forum with what could be a security issue, why not test it privately and if it's true, PM Acru instead of letting everybody know how to bypass the locks?
     
  14. Offline

    Fogest

    I think it's patched I just wanted to make sure though.
     
  15. Offline

    thelaman

    1.2.5 when will you be updating it
     
  16. Offline

    Greylocke

    thelaman if you are having problems, please post some information so that others can help you. If you haven't tried Lockette with 1.2.5 and have not bothered to read any of the previous posts on this forum, please don't post anything until you do.
     
    Michael Erikson and khamseen_air like this.
  17. Offline

    VlperX

    Erm when is Lockette being updated for 1.2.5R1.0 ??

    I get a ton of errors in the console everytime an Admin snoops..
     
  18. Offline

    Greylocke

    VlperX I've seen some issues with mcMMO, but few other problems. Post your CB build# and the important parts of the console log -- someone here may be able to help.
     
  19. Offline

    Dr1nKy

    Too bad ChestShop isnt compatible with it ;(
     
  20. Offline

    Greylocke

    Dr1nKy misterb98 reports in this post that it is working for him, contrary to what is in the OP. I'd advise that you give it a try!
     
  21. Offline

    Fishman_z

    Lockette works on 1.2.5 I use it on my server and there are no huge problems- no random errors and stuff.

    however there is one problem that needs to be adressed: NPC villagers can open the locked doors. I hope this "security breach" will be fixed in the next update
     
  22. Offline

    gawelium

    Very nice plugin and very useful ! Thank's

    But I don't success to use the line in config : strings-file-name: strings-en.yml

    I try to write strings-fr.yml but it's always english in game.

    I try to rename strings-fr.yml by strings-en.yml but when the server starts the .yml reloads in english lol Strange

    Do you know what I mean ?
     
  23. Offline

    cubsboy14

    HELP! My Admins Can Open Locked Chest But I Can't And I'm Owner! When I Demote Myself To Admin, I Still Can't Open It! Please Help!
     
  24. Offline

    Yann Anderson

    Hello, I am Brazilian and I used the google translator to write here.
    I did the translation into Portuguese and think it would be nice to share with everyone, follow the download link so you can officially add if you want:

    http://www.4shared.com/file/S-WOx87X/strings-br.html

    hugs
     
  25. Offline

    ryanhamshire

    Hey thanks for all your hard work on this plugin. Just a few feedbacks, I don't know if you can fix them or not.

    1. I've seen a lot of lockette exploits on youtube, which is making me nervous. What's your confidence level right now about security? Could there be more fresh exploits out there that aren't widely known?

    2. Griefers are placing chests with lockette just to block doorways. I think it's one guy with lots of accounts - no matter how many I ban, more come on and do exactly the same thing. For every instance, I have to come myself and undo the damage. It's a real pain, and players have to work around it until I come online.

    3. Players complain that even though their doors are locked, people are getting in. I've seen a few cases where bad guys just knocked a hole in the wall near the door, so I assume that's what they're all doing.

    4. It'd be a huge help if I could somehow manage all permissions for all of my chests in an area. When I have like 20 chests, giving even one friend permission takes forever. I know you have groups support and I could handle working with that, but it's too hard for most of my players (and I dread the idea of having to babysit each one of them to learn group management).
     
  26. Offline

    Greylocke

    ryanhamshire
    1. Lockette uses server-side permissions or Ops to control access to chests. There are no client-side hacks.
    2. For a longterm solution, don't run an offline server and don't give untrusted players access to privileges like Lockette. Either whitelist or make a limited-access default group for non-members.
    3. Lockette locks containers and doors. It is not area protection. Use a block logger to find out who broke in. Ban them.
    4. If you have area protection in place, grant your friend access to your area. Then put all 20 chests behind one locked door that has your friend's name on it.
    IMO- it sounds like you need to harden your server. You've got things so wide open and unprotected that you probably run around playing policeman all the time instead of actually playing Minecraft. That's no fun. Devote some time to properly installing and configuring area protections and permissions. Run an online server -- offline mode is an open invitation to all the wrong people. Completely clear out the ops.txt file -- a properly config'd server doesn't need it. Once you've got that all set up... practice ZERO tolerance for griefing. Just boot 'em. Life's too short to put up with that.
     
  27. Offline

    Jay98d

    Hey, When I Use This And Someone Places A Chest, They Can't Open It Unless Their Hand Is Empty, This Problem Has Become A Real Pain In My Server And I Would Appreciate If Somebody Could Tell Me How To Fix! Please Help. Thanks! Please please please help!
     
  28. Offline

    [qwerty]

    What is with this error?

    Code:
    2012-04-16 03:49:02 [INFO] phantom11 lost connection: disconnect.quitting
    2012-04-16 03:49:04 [INFO] [MineBackup] * saving worlds\Donors
    2012-04-16 03:49:18 [INFO] [Lockette] eddiekart just tried to set text for a non-sign. (Bukkit bug, or hacked client?)
    2012-04-16 03:49:24 [INFO] [Lockette] eddiekart just tried to set text for a non-sign. (Bukkit bug, or hacked client?)
    2012-04-16 03:49:32 [INFO] [Lockette] eddiekart just tried to set text for a non-sign. (Bukkit bug, or hacked client?)
    2012-04-16 03:49:40 [INFO] [Lockette] eddiekart just tried to set text for a non-sign. (Bukkit bug, or hacked client?)
    2012-04-16 03:49:43 [INFO] (Guests)[Guest]realbash: win
    2012-04-16 03:49:49 [INFO] [Lockette] eddiekart just tried to set text for a non-sign. (Bukkit bug, or hacked client?)
    2012-04-16 03:49:53 [INFO] Connection reset
    2012-04-16 03:50:02 [INFO] [Lockette] eddiekart just tried to set text for a non-sign. (Bukkit bug, or hacked client?)
    2012-04-16 03:50:04 [INFO] [MineBackup] * saving worlds\Spawn
     
  29. Offline

    gawelium

    Hi ! Does your plugin need to be update for CB 1.2.5 to work with SimpleSignEdit ?

    Because CelticMinstrel says that :
    "The same goes for Lockette support; if someone wants to update the plugin to make it honour Lockette.isOwner(), I'd probably pull it.
    It's theoretically possible that some of the issues people are having were fixed and not released; you could try building the latest source from github and see if that fixes anything."
     
  30. Offline

    Kowak

    How can i set lockette just to 1-2 people and not to the other people in the server?
    I want that just VIPs can use it
    my PEX

    http://pastebin.com/LVnuytGs
     
  31. Offline

    Greylocke

    Kowak you should check out the "Advanced Setup (Permissions)" information at the top. It's all there.
     

Share This Page