Core/Account: Make account password change security variable and various changes

Settings within worldserver.conf:

Three settings for secruity level:
0 - None - No change to current system
1 - Email - Always requires the email entered on registration for confirming.
2 - RBAC - Groups applied with the RBAC role always require the email entered on registration for confirming.

RBAC default to every group. Changed some logs to make it more clear what is going on at all.

Emails may now no longer exceed 64 chars. Current email is used as regmail.

On account creation, two emails are saved. Registration email and normal email. Normal email is relevant afterwards. Registration email can be changed by console ONLY.

Includes new commands and changes to existing ones:
.account fulfills several new functions:
* Still prints GM Level.
* If account has permission, it displays the current email. This is not defaulted to any group.
* Security level is displayed. Also displays if user has RBAC perm if RBAC security mode is selected
.account email allows user to change email with sufficient confirmation
.account set sec email allows higher sec with higher sec than account to change the normal email. Registrationemail remains untouched here.
.account set sec regmail allows console to change registration email.
.pinfo now displays the registration and normal mail.

Also fixes .learn all crafts.
Closes #10558

6 files changed, 121 insertions, 6 deletions

diff --git a/src/server/game/Accounts/AccountMgr.cpp b/src/server/game/Accounts/AccountMgr.cpp
index a9f178685d9..819a3b85fe6 100644
--- a/src/server/game/Accounts/AccountMgr.cpp
+++ b/src/server/game/Accounts/AccountMgr.cpp
@@ -34,21 +34,24 @@ AccountMgr::~AccountMgr()
     ClearRBAC();
 }
 
-AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password)
+AccountOpResult AccountMgr::CreateAccount(std::string username, std::string password, std::string email = "")
 {
     if (utf8length(username) > MAX_ACCOUNT_STR)
         return AOR_NAME_TOO_LONG;                           // username's too long
 
     normalizeString(username);
     normalizeString(password);
+    normalizeString(email);
 
     if (GetId(username))
-        return AOR_NAME_ALREDY_EXIST;                       // username does already exist
+        return AOR_NAME_ALREADY_EXIST;                       // username does already exist
 
     PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_ACCOUNT);
 
     stmt->setString(0, username);
     stmt->setString(1, CalculateShaPassHash(username, password));
+    stmt->setString(2, email);
+    stmt->setString(3, email);
 
     LoginDatabase.DirectExecute(stmt); // Enforce saving, otherwise AddGroup can fail
 
@@ -202,6 +205,52 @@ AccountOpResult AccountMgr::ChangePassword(uint32 accountId, std::string newPass
     return AOR_OK;
 }
 
+AccountOpResult AccountMgr::ChangeEmail(uint32 accountId, std::string newEmail)
+{
+    std::string username;
+
+    if (!GetName(accountId, username))
+        return AOR_NAME_NOT_EXIST;                          // account doesn't exist
+
+    if (utf8length(newEmail) > MAX_EMAIL_STR)
+        return AOR_EMAIL_TOO_LONG;
+
+    normalizeString(username);
+    normalizeString(newEmail);
+
+    PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_EMAIL);
+
+    stmt->setString(0, newEmail);
+    stmt->setUInt32(1, accountId);
+
+    LoginDatabase.Execute(stmt);
+
+    return AOR_OK;
+}
+
+AccountOpResult AccountMgr::ChangeRegEmail(uint32 accountId, std::string newEmail)
+{
+    std::string username;
+
+    if (!GetName(accountId, username))
+        return AOR_NAME_NOT_EXIST;                          // account doesn't exist
+
+    if (utf8length(newEmail) > MAX_EMAIL_STR)
+        return AOR_EMAIL_TOO_LONG;
+
+    normalizeString(username);
+    normalizeString(newEmail);
+
+    PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_REG_EMAIL);
+
+    stmt->setString(0, newEmail);
+    stmt->setUInt32(1, accountId);
+
+    LoginDatabase.Execute(stmt);
+
+    return AOR_OK;
+}
+
 uint32 AccountMgr::GetId(std::string const& username)
 {
     PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_ACCOUNT_ID_BY_USERNAME);
@@ -245,6 +294,21 @@ bool AccountMgr::GetName(uint32 accountId, std::string& name)
     return false;
 }
 
+bool AccountMgr::GetEmail(uint32 accountId, std::string& email)
+{
+    PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_GET_EMAIL_BY_ID);
+    stmt->setUInt32(0, accountId);
+    PreparedQueryResult result = LoginDatabase.Query(stmt);
+
+    if (result)
+    {
+        email = (*result)[0].GetString();
+        return true;
+    }
+
+    return false;
+}
+
 bool AccountMgr::CheckPassword(uint32 accountId, std::string password)
 {
     std::string username;
@@ -263,6 +327,23 @@ bool AccountMgr::CheckPassword(uint32 accountId, std::string password)
     return (result) ? true : false;
 }
 
+bool AccountMgr::CheckEmail(uint32 accountId, std::string newEmail)
+{
+    std::string oldEmail;
+
+    // We simply return false for a non-existing email
+    if (!GetEmail(accountId, oldEmail))
+        return false;
+
+    normalizeString(oldEmail);
+    normalizeString(newEmail);
+
+    if (strcmp(oldEmail.c_str(), newEmail.c_str()) == 0)
+        return true;
+
+    return false;
+}
+
 uint32 AccountMgr::GetCharactersCount(uint32 accountId)
 {
     // check character count
diff --git a/src/server/game/Accounts/AccountMgr.h b/src/server/game/Accounts/AccountMgr.h
index 878ecde24f9..92c1e2292d0 100644
--- a/src/server/game/Accounts/AccountMgr.h
+++ b/src/server/game/Accounts/AccountMgr.h
@@ -27,12 +27,21 @@ enum AccountOpResult
     AOR_OK,
     AOR_NAME_TOO_LONG,
     AOR_PASS_TOO_LONG,
-    AOR_NAME_ALREDY_EXIST,
+    AOR_EMAIL_TOO_LONG,
+    AOR_NAME_ALREADY_EXIST,
     AOR_NAME_NOT_EXIST,
     AOR_DB_INTERNAL_ERROR
 };
 
+enum PasswordChangeSecurity
+{
+    PW_NONE,
+    PW_EMAIL,
+    PW_RBAC
+};
+
 #define MAX_ACCOUNT_STR 16
+#define MAX_EMAIL_STR 64
 
 typedef std::map<uint32, RBACPermission*> RBACPermissionsContainer;
 typedef std::map<uint32, RBACRole*> RBACRolesContainer;
@@ -48,16 +57,20 @@ class AccountMgr
         ~AccountMgr();
 
     public:
-        AccountOpResult CreateAccount(std::string username, std::string password);
+        AccountOpResult CreateAccount(std::string username, std::string password, std::string email);
         static AccountOpResult DeleteAccount(uint32 accountId);
         static AccountOpResult ChangeUsername(uint32 accountId, std::string newUsername, std::string newPassword);
         static AccountOpResult ChangePassword(uint32 accountId, std::string newPassword);
+        static AccountOpResult ChangeEmail(uint32 accountId, std::string newEmail);
+        static AccountOpResult ChangeRegEmail(uint32 accountId, std::string newEmail);
         static bool CheckPassword(uint32 accountId, std::string password);
+        static bool CheckEmail(uint32 accountId, std::string newEmail);
 
         static uint32 GetId(std::string const& username);
         static uint32 GetSecurity(uint32 accountId);
         static uint32 GetSecurity(uint32 accountId, int32 realmId);
         static bool GetName(uint32 accountId, std::string& name);
+        static bool GetEmail(uint32 accountId, std::string& email);
         static uint32 GetCharactersCount(uint32 accountId);
 
         static std::string CalculateShaPassHash(std::string const& name, std::string const& password);
diff --git a/src/server/game/Accounts/RBAC.h b/src/server/game/Accounts/RBAC.h
index be4356f6b54..ab8354554ec 100644
--- a/src/server/game/Accounts/RBAC.h
+++ b/src/server/game/Accounts/RBAC.h
@@ -96,6 +96,8 @@ enum RBACPermissions
     RBAC_PERM_CHANGE_CHANNEL_NOT_MODERATOR                   = 46,

     RBAC_PERM_CHECK_FOR_LOWER_SECURITY                       = 47,

     RBAC_PERM_COMMANDS_PINFO_CHECK_PERSONAL_DATA             = 48,

+    RBAC_PERM_EMAIL_CONFIRM_FOR_PASS_CHANGE                  = 49,

+    RBAC_PERM_MAY_CHECK_OWN_EMAIL                            = 50,
     // Leave some space for core permissions

     RBAC_PERM_COMMAND_RBAC                                   = 200,

     RBAC_PERM_COMMAND_RBAC_ACC                               = 201,

@@ -160,8 +162,12 @@ enum RBACPermissions
     RBAC_PERM_COMMAND_BF_SWITCH                              = 260,

     RBAC_PERM_COMMAND_BF_TIMER                               = 261,

     RBAC_PERM_COMMAND_BF_ENABLE                              = 262,

+    RBAC_PERM_COMMAND_ACCOUNT_EMAIL                          = 263,

+    RBAC_PERM_COMMAND_ACCOUNT_SET_SEC                        = 264,

+    RBAC_PERM_COMMAND_ACCOUNT_SET_SEC_EMAIL                  = 265,

+    RBAC_PERM_COMMAND_ACCOUNT_SET_SEC_REGMAIL                = 266,

 

-    // custom permissions 1000+

+    // custom permissions 1000+
     RBAC_PERM_MAX

 };

 

diff --git a/src/server/game/Miscellaneous/Language.h b/src/server/game/Miscellaneous/Language.h
index 772d5bcfb75..ce280a11fc3 100644
--- a/src/server/game/Miscellaneous/Language.h
+++ b/src/server/game/Miscellaneous/Language.h
@@ -811,6 +811,7 @@ enum TrinityStrings
     LANG_PINFO_ACC_ACCOUNT              = 714,
     LANG_PINFO_ACC_LASTLOGIN            = 716,
     LANG_PINFO_ACC_OS                   = 749,
+    LANG_PINFO_ACC_REGMAILS             = 879,
     LANG_PINFO_ACC_IP                   = 752,
     LANG_PINFO_CHR_LEVEL_LOW            = 843,
     LANG_PINFO_CHR_RACE                 = 844,
@@ -844,7 +845,17 @@ enum TrinityStrings
     LANG_ARENA_INFO_MEMBERS             = 869,
     LANG_ARENA_LOOKUP                   = 870,
     //                                  = 871, see LANG_PINFO_CHR_LEVEL_HIGH
-    // Room for in-game strings           872-999 not used
+    LANG_COMMAND_WRONGEMAIL             = 872,
+    LANG_NEW_EMAILS_NOT_MATCH           = 873,
+    LANG_COMMAND_EMAIL                  = 874,
+    LANG_EMAIL_TOO_LONG                 = 875,
+    LANG_COMMAND_NOTCHANGEEMAIL         = 876,
+    LANG_OLD_EMAIL_IS_NEW_EMAIL         = 877,
+    LANG_COMMAND_EMAIL_OUTPUT           = 878,
+    //                                  = 879, see LANG_PINFO_CHR_REGMAILS
+    LANG_ACCOUNT_SEC_TYPE               = 880,
+    LANG_RBAC_EMAIL_REQUIRED            = 881,
+    // Room for in-game strings           882-999 not used
 
     // Level 4 (CLI only commands)
     LANG_COMMAND_EXIT                   = 1000,
diff --git a/src/server/game/World/World.cpp b/src/server/game/World/World.cpp
index 12ec033dfa7..cf6ad3f9886 100644
--- a/src/server/game/World/World.cpp
+++ b/src/server/game/World/World.cpp
@@ -1192,6 +1192,9 @@ void World::LoadConfigSettings(bool reload)
     // DBC_ItemAttributes
     m_bool_configs[CONFIG_DBC_ENFORCE_ITEM_ATTRIBUTES] = sConfigMgr->GetBoolDefault("DBC.EnforceItemAttributes", true);
 
+    // Accountpassword Secruity
+    m_int_configs[CONFIG_ACC_PASSCHANGESEC] = sConfigMgr->GetIntDefault("Account.PasswordChangeSecurity", 0);
+
     // Max instances per hour
     m_int_configs[CONFIG_MAX_INSTANCES_PER_HOUR] = sConfigMgr->GetIntDefault("AccountInstancesPerHour", 5);
 
diff --git a/src/server/game/World/World.h b/src/server/game/World/World.h
index d4d9c4e2431..907491437c4 100644
--- a/src/server/game/World/World.h
+++ b/src/server/game/World/World.h
@@ -329,6 +329,7 @@ enum WorldIntConfigs
     CONFIG_PACKET_SPOOF_POLICY,
     CONFIG_PACKET_SPOOF_BANMODE,
     CONFIG_PACKET_SPOOF_BANDURATION,
+    CONFIG_ACC_PASSCHANGESEC,
     INT_CONFIG_VALUE_COUNT
 };