[+] SanitizeUserData

[Menci]

Summary by Sourcery

对从服务器接收的用户数据进行消毒，以防止由无效数据导致的崩溃。

新功能：

• 添加了一个新功能，用于对从服务器接收的用户数据进行消毒。

Bug 修复：

• 防止由从服务器接收的无效用户数据导致的崩溃。

增强：

• 将 NetPacketExtension.OnNetPacketResponse 替换为 NetPacketHook.OnNetPacketComplete，以允许对数据包响应进行修改。

Original summary in English

Summary by Sourcery

Sanitize user data received from the server to prevent crashes caused by invalid data.

New Features:

• Added a new feature to sanitize user data received from the server.

Bug Fixes:

• Prevent crashes caused by invalid user data received from the server.

Enhancements:

• Replace NetPacketExtension.OnNetPacketResponse with NetPacketHook.OnNetPacketComplete to allow modifications to the packet response.

新功能：

• 对从服务器接收的用户数据进行清理，防止由无效数据导致的崩溃。

测试：

• 为新的数据清理功能添加了测试。

Original summary in English

Summary by Sourcery

对从服务器接收的用户数据进行消毒，以防止由无效数据导致的崩溃。

新功能：

• 添加了一个新功能，用于对从服务器接收的用户数据进行消毒。

Bug 修复：

• 防止由从服务器接收的无效用户数据导致的崩溃。

增强：

• 将 NetPacketExtension.OnNetPacketResponse 替换为 NetPacketHook.OnNetPacketComplete，以允许对数据包响应进行修改。

Original summary in English

Summary by Sourcery

Sanitize user data received from the server to prevent crashes caused by invalid data.

New Features:

• Added a new feature to sanitize user data received from the server.

Bug Fixes:

• Prevent crashes caused by invalid user data received from the server.

Enhancements:

• Replace NetPacketExtension.OnNetPacketResponse with NetPacketHook.OnNetPacketComplete to allow modifications to the packet response.

[sourcery-ai]

Here's the translation of the review guide to Chinese:

审阅者指南 by Sourcery

此拉取请求引入了一个新系统，用于对从服务器接收的用户数据进行消毒。这是为了防止由无效数据导致的崩溃。更改包括挂接网络数据包处理，以在游戏使用数据之前拦截和修改响应。此外，还添加了一个新的配置选项，用于启用或禁用此功能。

新用户数据消毒流程的序列图

sequenceDiagram
    participant Client
    participant NetPacketHook
    participant SanitizeUserData
    participant Server

    Client->>Server: 发送API请求
    Server-->>NetPacketHook: 带有用户数据的响应
    activate NetPacketHook
    NetPacketHook->>SanitizeUserData: OnNetPacketComplete(api, request, response)
    activate SanitizeUserData
    Note over SanitizeUserData: 根据API类型消毒用户数据
    SanitizeUserData-->>NetPacketHook: 返回修改后的响应
    deactivate SanitizeUserData
    NetPacketHook-->>Client: 消毒后的用户数据
    deactivate NetPacketHook

Loading

数据消毒组件的类图

classDiagram
    class NetPacketHook {
        +OnNetPacketComplete: event NetPacketCompleteHook
        +PreProcImpl(Packet)
    }

    class SanitizeUserData {
        +OnBeforePatch()
        -OnNetPacketComplete(string, Variant, Variant)
        -OnUserDataResponse(ProxyObject, ProxyObject)
        -OnUserItemResponse(ProxyObject, ProxyObject)
        -OnUserFavoriteResponse(ProxyObject, ProxyObject)
        -FilterListResponse(string, ProxyObject, string, Func)
        -SanitizeItemIdField(ProxyObject, string, string)
    }

    class JsonHelper {
        +TryToInt32(Variant, out int)
        +TryToInt64(Variant, out long)
        +DeepEqual(Variant, Variant)
    }

    NetPacketHook --> SanitizeUserData: 通知
    SanitizeUserData --> JsonHelper: 使用

Loading

数据消毒流程图

graph TD
    A[接收服务器响应] --> B{API是否在处理程序映射中？}
    B -->|是| C[获取API类型的处理程序]
    B -->|否| D[返回原始响应]
    C --> E[提取请求和响应对象]
    E --> F[应用数据消毒]
    F --> G{数据是否被修改？}
    G -->|是| H[返回修改后的响应]
    G -->|否| I[返回原始响应]

    subgraph 消毒类型
    F --> J[验证物品ID]
    F --> K[过滤无效条目]
    F --> L[消毒枚举值]
    F --> M[设置默认值]
    end

Loading

文件级更改

更改	详情	文件
引入一个新系统，用于消毒从服务器接收的用户数据。	创建了一个新类 SanitizeUserData 来处理消毒逻辑。 实现了一个方法 OnNetPacketComplete，挂接到网络数据包处理。 添加了消毒各种用户数据字段的逻辑，如物品ID、枚举值和列表。 添加了从用户数据列表中过滤无效条目的逻辑。 添加了为无效字段设置默认值的逻辑。 添加了在过滤或消毒无效数据时的日志记录。	AquaMai.Mods/Fix/Stability/SanitizeUserData.cs
挂接网络数据包处理以拦截和修改响应。	创建了一个新类 NetPacketHook 来处理网络数据包拦截。 实现了一个方法 PreProcImpl，挂接到 Packet.ProcImpl 方法。 添加了解密响应数据的逻辑。 添加了将响应数据解析为JSON的逻辑。 添加了调用 OnNetPacketComplete 事件的逻辑。 添加了将修改后的响应数据序列化回字节的逻辑。 添加了将修改后的响应数据写回内存流的逻辑。 添加了在响应被修改时的日志记录。	AquaMai.Core/Helpers/NetPacketHook.cs
删除旧的 NetPacketExtension 并替换为 NetPacketHook。	删除了 NetPacketExtension 类。 将 NetPacketExtension.OnNetPacketResponse 的使用替换为 NetPacketHook.OnNetPacketComplete。 更新 ServerAnnouncement 类以使用新的 NetPacketHook。	AquaMai.Mods/UX/ServerAnnouncement.cs AquaMai.Core/Startup.cs AquaMai.Core/Helpers/NetPacketExtension.cs
添加一个用于JSON操作的辅助类。	创建了一个新类 JsonHelper 来处理JSON操作。 添加了将 Variant 转换为 int32 或 int64 的方法。 添加了比较两个 Variant 对象是否深度相等的方法。	AquaMai.Core/Helpers/JsonHelper.cs
更新 LogNetworkRequests 以使用 HarmonyPriority.First。	在 LogNetworkRequests 的 Harmony 补丁中添加了 HarmonyPriority(Priority.First)。	AquaMai.Mods/Utils/LogNetworkRequests.cs

---

提示和命令

与 Sourcery 交互

• 触发新的审阅： 在拉取请求中评论 @sourcery-ai review。
• 继续讨论： 直接回复 Sourcery 的审阅评论。
• 从审阅评论生成 GitHub 问题： 通过回复审阅评论，要求 Sourcery 创建一个问题。您也可以回复审阅评论 @sourcery-ai issue 来从中创建问题。
• 生成拉取请求标题： 在拉取请求标题中的任何位置写 @sourcery-ai 以随时生成标题。您也可以在拉取请求中评论 @sourcery-ai title 以随时（重新）生成标题。
• 生成拉取请求摘要： 在拉取请求正文的任何位置写 @sourcery-ai summary 以在您想要的确切位置生成 PR 摘要。您也可以在拉取请求中评论 @sourcery-ai summary 以随时（重新）生成摘要。
• 生成审阅者指南： 在拉取请求中评论 @sourcery-ai guide 以随时（重新）生成审阅者指南。
• 解决所有 Sourcery 评论： 在拉取请求中评论 @sourcery-ai resolve 以解决所有 Sourcery 评论。如果您已经处理了所有评论，并且不想再看到它们，这很有用。
• 取消所有 Sourcery 审阅： 在拉取请求中评论 @sourcery-ai dismiss 以取消所有现有的 Sourcery 审阅。特别是在您想要重新开始审阅时很有用 - 别忘了评论 @sourcery-ai review 以触发新的审阅！
• 为问题生成行动计划： 在问题中评论 @sourcery-ai plan 以为其生成行动计划。

自定义您的体验

访问您的仪表板以：

• 启用或禁用审阅功能，如 Sourcery 生成的拉取请求摘要、审阅者指南等。
• 更改审阅语言。
• 添加、删除或编辑自定义审阅说明。
• 调整其他审阅设置。

获取帮助

• 联系我们的支持团队以获取问题或反馈。
• 访问我们的文档以获取详细指南和信息。
• 通过关注我们的 X/Twitter、LinkedIn 或 GitHub 与 Sourcery 团队保持联系。

Original review guide in English

Reviewer's Guide by Sourcery

This pull request introduces a new system for sanitizing user data received from the server. This is done to prevent crashes caused by invalid data. The changes include hooking into the network packet processing to intercept and modify the responses before they are used by the game. Additionally, a new config option was added to enable or disable this feature.

Sequence diagram for the new user data sanitization flow

sequenceDiagram
    participant Client
    participant NetPacketHook
    participant SanitizeUserData
    participant Server

    Client->>Server: Send API request
    Server-->>NetPacketHook: Response with user data
    activate NetPacketHook
    NetPacketHook->>SanitizeUserData: OnNetPacketComplete(api, request, response)
    activate SanitizeUserData
    Note over SanitizeUserData: Sanitize user data based on API type
    SanitizeUserData-->>NetPacketHook: Return modified response
    deactivate SanitizeUserData
    NetPacketHook-->>Client: Sanitized user data
    deactivate NetPacketHook

Loading

Class diagram for the new data sanitization components

classDiagram
    class NetPacketHook {
        +OnNetPacketComplete: event NetPacketCompleteHook
        +PreProcImpl(Packet)
    }

    class SanitizeUserData {
        +OnBeforePatch()
        -OnNetPacketComplete(string, Variant, Variant)
        -OnUserDataResponse(ProxyObject, ProxyObject)
        -OnUserItemResponse(ProxyObject, ProxyObject)
        -OnUserFavoriteResponse(ProxyObject, ProxyObject)
        -FilterListResponse(string, ProxyObject, string, Func)
        -SanitizeItemIdField(ProxyObject, string, string)
    }

    class JsonHelper {
        +TryToInt32(Variant, out int)
        +TryToInt64(Variant, out long)
        +DeepEqual(Variant, Variant)
    }

    NetPacketHook --> SanitizeUserData: notifies
    SanitizeUserData --> JsonHelper: uses

Loading

Flow diagram for data sanitization process

graph TD
    A[Receive Server Response] --> B{Is API in Handler Map?}
    B -->|Yes| C[Get Handler for API Type]
    B -->|No| D[Return Original Response]
    C --> E[Extract Request & Response Objects]
    E --> F[Apply Data Sanitization]
    F --> G{Data Modified?}
    G -->|Yes| H[Return Modified Response]
    G -->|No| I[Return Original Response]

    subgraph Sanitization Types
    F --> J[Validate Item IDs]
    F --> K[Filter Invalid Entries]
    F --> L[Sanitize Enum Values]
    F --> M[Set Default Values]
    end

Loading

File-Level Changes

Change	Details	Files
Introduce a new system for sanitizing user data received from the server.	Created a new class SanitizeUserData to handle the sanitization logic. Implemented a method OnNetPacketComplete that hooks into the network packet processing. Added logic to sanitize various user data fields, such as item IDs, enum values, and lists. Added logic to filter out invalid entries from lists of user data. Added logic to set default values for invalid fields. Added logging for when invalid data is filtered out or sanitized.	AquaMai.Mods/Fix/Stability/SanitizeUserData.cs
Hook into the network packet processing to intercept and modify the responses.	Created a new class NetPacketHook to handle the network packet interception. Implemented a method PreProcImpl that hooks into the Packet.ProcImpl method. Added logic to decrypt the response data. Added logic to parse the response data as JSON. Added logic to invoke the OnNetPacketComplete event. Added logic to serialize the modified response data back to bytes. Added logic to write the modified response data back to the memory stream. Added logging for when a response is modified.	AquaMai.Core/Helpers/NetPacketHook.cs
Remove the old NetPacketExtension and replace it with NetPacketHook.	Removed the NetPacketExtension class. Replaced the usage of NetPacketExtension.OnNetPacketResponse with NetPacketHook.OnNetPacketComplete. Updated the ServerAnnouncement class to use the new NetPacketHook.	AquaMai.Mods/UX/ServerAnnouncement.cs AquaMai.Core/Startup.cs AquaMai.Core/Helpers/NetPacketExtension.cs
Add a helper class for JSON operations.	Created a new class JsonHelper to handle JSON operations. Added methods to try to convert a Variant to an int32 or int64. Added a method to compare two Variant objects for deep equality.	AquaMai.Core/Helpers/JsonHelper.cs
Update LogNetworkRequests to use HarmonyPriority.First.	Added HarmonyPriority(Priority.First) to the Harmony patches in LogNetworkRequests.	AquaMai.Mods/Utils/LogNetworkRequests.cs

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!
• Generate a plan of action for an issue: Comment @sourcery-ai plan on
  an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

嘿 @Menci - 我已经审查了你的更改 - 以下是一些反馈：

整体评论：

• NetPacketHook.PreProcImpl 中的 'modified' 标志已设置，但在数据包修改逻辑中从未使用，这可能会阻止响应修改生效

以下是我在审查期间查看的内容

• 🟢 一般问题：一切看起来都很好
• 🟢 安全性：一切看起来都很好
• 🟢 测试：一切看起来都很好
• 🟢 复杂性：一切看起来都很好
• 🟢 文档：一切看起来都很好

---

Sourcery 对开源项目是免费的 - 如果你喜欢我们的评论，请考虑分享它们 ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{帮助我变得更有用！请在每条评论上点击 👍 或 👎，我将使用这些反馈来改进你的评论。}

Original comment in English

Hey @Menci - I've reviewed your changes - here's some feedback:

Overall Comments:

• The 'modified' flag in NetPacketHook.PreProcImpl is set but never used in the packet modification logic, which could prevent response modifications from taking effect

Here's what I looked at during the review

• 🟢 General issues: all looks good
• 🟢 Security: all looks good
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[Menci]

@sourcery-ai review

[sourcery-ai]

嘿 @Menci - 我已经审查了你的更改，看起来非常棒！

以下是我在审查期间查看的内容

• 🟡 一般性问题：发现2个问题
• 🟢 安全性：一切看起来都很好
• 🟢 测试：一切看起来都很好
• 🟢 复杂性：一切看起来都很好
• 🟢 文档：一切看起来都很好

---

Sourcery 对开源项目是免费的 - 如果你喜欢我们的评论，请考虑分享 ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{帮助我变得更有用！请在每条评论上点击 👍 或 👎，我将使用这些反馈来改进你的评论。}

Original comment in English

Hey @Menci - I've reviewed your changes and they look great!

Here's what I looked at during the review

• 🟡 General issues: 2 issues found
• 🟢 Security: all looks good
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

建议（性能）： 考虑缓存已解析的枚举类型，以避免重复扫描程序集

使用静态字典缓存枚举类型查找的结果，以避免重复扫描所有程序集。

Suggested change

	private static System.Type ResolveEnumType(string enumName)
	{
	return AppDomain.CurrentDomain
	.GetAssemblies()
	.SelectMany(assembly => assembly.GetTypes())
	.FirstOrDefault(type => type.FullName == enumName && type.IsEnum);
	}
	private static readonly Dictionary<string, System.Type> _enumTypeCache = new Dictionary<string, System.Type>();
	private static System.Type ResolveEnumType(string enumName)
	{
	// 检查类型是否已在缓存中
	if (_enumTypeCache.TryGetValue(enumName, out var cachedType))
	{
	return cachedType;
	}
	// 如果不在缓存中，则解析并添加到缓存
	var resolvedType = AppDomain.CurrentDomain
	.GetAssemblies()
	.SelectMany(assembly => assembly.GetTypes())
	.FirstOrDefault(type => type.FullName == enumName && type.IsEnum);
	if (resolvedType != null)
	{
	_enumTypeCache[enumName] = resolvedType;
	}
	return resolvedType;
	}

Original comment in English

suggestion (performance): Consider caching resolved enum types to avoid repeated assembly scanning

Use a static Dictionary to cache the results of enum type lookups to avoid scanning all assemblies repeatedly.

Suggested change

	private static System.Type ResolveEnumType(string enumName)
	{
	return AppDomain.CurrentDomain
	.GetAssemblies()
	.SelectMany(assembly => assembly.GetTypes())
	.FirstOrDefault(type => type.FullName == enumName && type.IsEnum);
	}
	private static readonly Dictionary<string, System.Type> _enumTypeCache = new Dictionary<string, System.Type>();
	private static System.Type ResolveEnumType(string enumName)
	{
	// Check if the type is already in cache
	if (_enumTypeCache.TryGetValue(enumName, out var cachedType))
	{
	return cachedType;
	}
	// If not in cache, resolve it and add to cache
	var resolvedType = AppDomain.CurrentDomain
	.GetAssemblies()
	.SelectMany(assembly => assembly.GetTypes())
	.FirstOrDefault(type => type.FullName == enumName && type.IsEnum);
	if (resolvedType != null)
	{
	_enumTypeCache[enumName] = resolvedType;
	}
	return resolvedType;
	}

[sourcery-ai]

建议： 在错误日志中包含更多上下文

在错误日志中添加API名称和其他相关上下文，以帮助调试生产问题。

Suggested change

	catch (Exception e)
	{
	MelonLogger.Error($"[NetPacketExtension] Failed to process NetPacket: {e}");
	catch (Exception e)
	{
	MelonLogger.Error($"[NetPacketExtension] 处理 API '{api}' 的 NetPacket 失败（响应长度：{decodedResponse?.Length ?? 0} 字节）：{e}");

Original comment in English

suggestion: Include more context in error logging

Add API name and other relevant context to the error log to aid in debugging production issues.

Suggested change

	catch (Exception e)
	{
	MelonLogger.Error($"[NetPacketExtension] Failed to process NetPacket: {e}");
	catch (Exception e)
	{
	MelonLogger.Error($"[NetPacketExtension] Failed to process NetPacket for API '{api}' (response length: {decodedResponse?.Length ?? 0} bytes): {e}");