Core/Account: Make account password change security variable and various changes

Settings within worldserver.conf:

Three settings for secruity level:
0 - None - No change to current system
1 - Email - Always requires the email entered on registration for confirming.
2 - RBAC - Groups applied with the RBAC role always require the email entered on registration for confirming.

RBAC default to every group. Changed some logs to make it more clear what is going on at all.

Emails may now no longer exceed 64 chars. Current email is used as regmail.

On account creation, two emails are saved. Registration email and normal email. Normal email is relevant afterwards. Registration email can be changed by console ONLY.

Includes new commands and changes to existing ones:
.account fulfills several new functions:
* Still prints GM Level.
* If account has permission, it displays the current email. This is not defaulted to any group.
* Security level is displayed. Also displays if user has RBAC perm if RBAC security mode is selected
.account email allows user to change email with sufficient confirmation
.account set sec email allows higher sec with higher sec than account to change the normal email. Registrationemail remains untouched here.
.account set sec regmail allows console to change registration email.
.pinfo now displays the registration and normal mail.

Also fixes .learn all crafts.
Closes #10558

3 files changed, 95 insertions, 0 deletions

diff --git a/sql/updates/auth/2013_08_17_00_auth_rbac.sql b/sql/updates/auth/2013_08_17_00_auth_rbac.sql
new file mode 100644
index 00000000000..14c219deaf4
--- /dev/null
+++ b/sql/updates/auth/2013_08_17_00_auth_rbac.sql
@@ -0,0 +1,35 @@
+ALTER TABLE `account`
+	ADD COLUMN `reg_mail` VARCHAR(255) NOT NULL DEFAULT '' AFTER `s`;
+
+UPDATE `account` SET reg_mail = email;
+
+DELETE FROM `rbac_permissions` WHERE `id` = 49;
+INSERT INTO `rbac_permissions` (`id`, `name`) VALUES (49, 'Forces to enter the email for confirmation on password change');
+
+DELETE FROM `rbac_roles` WHERE `id` = 40;
+INSERT INTO `rbac_roles` (`id`, `name`) VALUES (40, 'Forces to enter the email for confirmation on password change');
+
+DELETE FROM `rbac_role_permissions` WHERE `roleId` = 40 AND `permissionId` = 49;
+INSERT INTO `rbac_role_permissions` (`roleId`, `permissionId`) VALUES (40, 49);
+
+DELETE FROM `rbac_group_roles` WHERE `groupId` = 1 AND `roleId` = 40;
+INSERT INTO `rbac_group_roles` (`groupId`, `roleId`) VALUES (1, 40);
+
+DELETE FROM `rbac_group_roles` WHERE `groupId` = 2 AND `roleId` = 40;
+INSERT INTO `rbac_group_roles` (`groupId`, `roleId`) VALUES (2, 40);
+
+DELETE FROM `rbac_group_roles` WHERE `groupId` = 3 AND `roleId` = 40;
+INSERT INTO `rbac_group_roles` (`groupId`, `roleId`) VALUES (3, 40);
+
+DELETE FROM `rbac_group_roles` WHERE `groupId` = 4 AND `roleId` = 40;
+INSERT INTO `rbac_group_roles` (`groupId`, `roleId`) VALUES (4, 40);
+
+DELETE FROM `rbac_permissions` WHERE `id` = 50;
+INSERT INTO `rbac_permissions` (`id`, `name`) VALUES (50, 'Allow user to check his own email with .account');
+
+DELETE FROM `rbac_roles` WHERE `id` = 41;
+INSERT INTO `rbac_roles` (`id`, `name`) VALUES (41, 'Allow user to check his own email with .account');
+
+DELETE FROM `rbac_role_permissions` WHERE `roleId` = 41 AND `permissionId` = 50;
+INSERT INTO `rbac_role_permissions` (`roleId`, `permissionId`) VALUES (41, 50);
+
diff --git a/sql/updates/auth/2013_09_01_00_auth_misc.sql b/sql/updates/auth/2013_09_01_00_auth_misc.sql
new file mode 100644
index 00000000000..5a48a4233ba
--- /dev/null
+++ b/sql/updates/auth/2013_09_01_00_auth_misc.sql
@@ -0,0 +1,34 @@
+/* account email */
+SET @amail = 263;
+
+-- Add new permissions for account mail
+DELETE FROM `rbac_permissions` WHERE `id` = @amail;
+INSERT INTO `rbac_permissions` (`id`, `name`) VALUES
+(@amail, 'account email');
+
+-- Add permissions to "corresponding Commands Role"
+DELETE FROM `rbac_role_permissions` WHERE `permissionId` = @amail;
+INSERT INTO `rbac_role_permissions` (`roleId`, `permissionId`) VALUES
+(1, @amail),
+(2, @amail),
+(3, @amail),
+(4, @amail);
+
+
+/* account set sec email
+   account set sec regmail */
+SET @setsec = 264;
+
+-- Add new permissions for account set sec
+DELETE FROM `rbac_permissions` WHERE `id` BETWEEN @setsec AND @setsec+2;
+INSERT INTO `rbac_permissions` (`id`, `name`) VALUES
+(@setsec+0, 'account set sec'),
+(@setsec+1, 'account set sec email'),
+(@setsec+2, 'account set sec regmail');
+
+-- Add permissions to "corresponding Commands Role"
+DELETE FROM `rbac_role_permissions` WHERE `permissionId` BETWEEN @setsec AND @setsec+2;
+INSERT INTO `rbac_role_permissions` (`roleId`, `permissionId`) VALUES
+(4, @setsec+0),
+(4, @setsec+1),
+(4, @setsec+2);
diff --git a/sql/updates/world/2013_08_19_00_world_trinity_strings.sql b/sql/updates/world/2013_08_19_00_world_trinity_strings.sql
new file mode 100644
index 00000000000..7dd8bb89ee6
--- /dev/null
+++ b/sql/updates/world/2013_08_19_00_world_trinity_strings.sql
@@ -0,0 +1,26 @@
+DELETE FROM `trinity_string` WHERE entry IN (749, 872, 873, 874, 875, 876, 877, 878, 879, 880, 881);
+INSERT INTO `trinity_string` (entry, content_default, content_loc1, content_loc2, content_loc3, content_loc4, content_loc5, content_loc6, content_loc7, content_loc8) VALUES
+(749,'│ OS: %s - Latency: %u ms', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(872, 'Entered email is not equal to registration email, check input', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(873, 'The new emails do not match', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(874, 'The email was changed', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(875, 'Your email can''t be longer than 64 characters, email not changed!', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(876, 'Email not changed (unknown error)!', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(877, 'Email change unnecessary, new email is equal to old email', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(878, 'Your email is: %s', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(879, '│ Registration Email: %s - Email: %s', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(880, 'Security Level: %s', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL),
+(881, 'You require an email to change your password.', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
+
+UPDATE `command` SET help = 'Syntax: .account password $old_password $new_password $new_password [$email]\r\n\r\nChange your account password. You may need to check the actual security mode to see if email input is necessary.' WHERE name = 'account password';
+
+UPDATE `command` SET help = 'Syntax: .account\r\n\r\nDisplay the access level of your account and the email adress if you possess the necessary permissions.' WHERE name = 'account';
+
+DELETE FROM `command` WHERE name = 'account email';
+INSERT INTO `command` (name, security, help) VALUES ('account email', 0, 'Syntax: .account email $oldemail $currentpassword $newemail $newemailconfirmation\r\n\r\n Change your account email. You may need to check the actual security mode to see if email input is necessary for password change');
+
+DELETE FROM `command` WHERE name = 'account set sec email';
+INSERT INTO `command` (name, security, help) VALUES ('account set sec email', 3, 'Syntax: .account set sec email $accountname $email $emailconfirmation\r\n\r\nSet the email for entered player account.');
+
+DELETE FROM `command` WHERE name = 'account set sec regmail';
+INSERT INTO `command` (name, security, help) VALUES ('account set sec regmail', 4, 'Syntax: .account set sec regmail $account $regmail $regmailconfirmation\r\n\r\nSets the regmail for entered player account.');