kick unauthorized users from restricted channels
and update dependencies
This commit is contained in:
ansuz
parent
77785e79af
commit
7ee8778210
@ -71,7 +71,7 @@ Data.setMetadata = function (Env, safeKey, data, cb, Server) {
|
|||||||
if (Meta.commands.indexOf(command) === -1) { return void cb('UNSUPPORTED_COMMAND'); }
|
if (Meta.commands.indexOf(command) === -1) { return void cb('UNSUPPORTED_COMMAND'); }
|
||||||
|
|
||||||
queueMetadata(channel, function (next) {
|
queueMetadata(channel, function (next) {
|
||||||
Data.getMetadata(Env, channel, function (err, metadata) {
|
Data.getMetadataRaw(Env, channel, function (err, metadata) {
|
||||||
if (err) {
|
if (err) {
|
||||||
cb(err);
|
cb(err);
|
||||||
return void next();
|
return void next();
|
||||||
@ -133,34 +133,70 @@ Data.setMetadata = function (Env, safeKey, data, cb, Server) {
|
|||||||
return void next();
|
return void next();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// send the message back to the person who changed it
|
||||||
// chainpad-server@4.0.3 supports a removeFromChannel method
|
// since we know they're allowed to see it
|
||||||
// Server.removeFromChannel(channelName, userId);
|
|
||||||
// this lets us kick users from restricted channels
|
|
||||||
|
|
||||||
// XXX RESTRICT
|
|
||||||
// if the metadata changes and includes an allowed list
|
|
||||||
// kick any current users from the channel
|
|
||||||
// if they aren't on it.
|
|
||||||
|
|
||||||
// review Server.channelBroadcast as used for EEXPIRED
|
|
||||||
// send them to the user in question, from historyKeeper
|
|
||||||
|
|
||||||
cb(void 0, metadata);
|
cb(void 0, metadata);
|
||||||
next();
|
next();
|
||||||
|
|
||||||
const metadata_cache = Env.metadata_cache;
|
const metadata_cache = Env.metadata_cache;
|
||||||
const channel_cache = Env.channel_cache;
|
const channel_cache = Env.channel_cache;
|
||||||
|
|
||||||
|
// update the cached metadata
|
||||||
metadata_cache[channel] = metadata;
|
metadata_cache[channel] = metadata;
|
||||||
|
|
||||||
|
// as well as the metadata that's attached to the index...
|
||||||
|
// XXX determine if we actually need this...
|
||||||
var index = Util.find(channel_cache, [channel, 'index']);
|
var index = Util.find(channel_cache, [channel, 'index']);
|
||||||
if (index && typeof(index) === 'object') { index.metadata = metadata; }
|
if (index && typeof(index) === 'object') { index.metadata = metadata; }
|
||||||
|
|
||||||
Server.channelBroadcast(channel, JSON.stringify(metadata), Env.historyKeeper.id);
|
// it's easy to check if the channel is restricted
|
||||||
|
const isRestricted = metadata.restricted;
|
||||||
|
// and these values will be used in any case
|
||||||
|
const s_metadata = JSON.stringify(metadata);
|
||||||
|
const hk_id = Env.historyKeeper.id;
|
||||||
|
|
||||||
|
if (!isRestricted) {
|
||||||
|
// pre-allow-list behaviour
|
||||||
|
// if it's not restricted, broadcast the new metadata to everyone
|
||||||
|
return void Server.channelBroadcast(channel, s_metadata, hk_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
// otherwise derive the list of users (unsafeKeys) that are allowed to stay
|
||||||
|
const allowed = HK.listAllowedUsers(metadata);
|
||||||
|
// anyone who is not allowed will get the same error message
|
||||||
|
const s_error = JSON.stringify({
|
||||||
|
error: 'ERESTRICTED',
|
||||||
|
channel: channel,
|
||||||
|
});
|
||||||
|
|
||||||
|
// iterate over the channel's userlist
|
||||||
|
const toRemove = [];
|
||||||
|
Server.getChannelUserList(channel).forEach(function (userId) {
|
||||||
|
const session = HK.getNetfluxSession(Env, userId);
|
||||||
|
|
||||||
|
// if the user is allowed to remain, send them the metadata
|
||||||
|
if (HK.isUserSessionAllowed(allowed, session)) {
|
||||||
|
return void Server.send(userId, [
|
||||||
|
0,
|
||||||
|
hk_id,
|
||||||
|
'MSG',
|
||||||
|
userId,
|
||||||
|
s_metadata
|
||||||
|
], function () {});
|
||||||
|
}
|
||||||
|
// otherwise they are not in the list.
|
||||||
|
// send them an error and kick them out!
|
||||||
|
Server.send(userId, [
|
||||||
|
0,
|
||||||
|
hk_id,
|
||||||
|
'MSG',
|
||||||
|
userId,
|
||||||
|
s_error
|
||||||
|
], function () {});
|
||||||
|
});
|
||||||
|
|
||||||
|
Server.removeFromChannel(channel, toRemove);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
4
package-lock.json
generated
4
package-lock.json
generated
@ -113,9 +113,7 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"chainpad-server": {
|
"chainpad-server": {
|
||||||
"version": "4.0.2",
|
"version": "4.0.3",
|
||||||
"resolved": "https://registry.npmjs.org/chainpad-server/-/chainpad-server-4.0.2.tgz",
|
|
||||||
"integrity": "sha512-9NrFsATd70uAdksxsCZBIJ/SiREmJ6QLYTNaeFLH/nJpeZ2b7wblVGABCj3JYWvngdEZ7Umc+afbWH8sUmtgeQ==",
|
|
||||||
"requires": {
|
"requires": {
|
||||||
"nthen": "0.1.8",
|
"nthen": "0.1.8",
|
||||||
"pull-stream": "^3.6.9",
|
"pull-stream": "^3.6.9",
|
||||||
|
|||||||
@ -13,7 +13,7 @@
|
|||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"chainpad-crypto": "^0.2.2",
|
"chainpad-crypto": "^0.2.2",
|
||||||
"chainpad-server": "^4.0.0",
|
"chainpad-server": "^4.0.3",
|
||||||
"express": "~4.16.0",
|
"express": "~4.16.0",
|
||||||
"fs-extra": "^7.0.0",
|
"fs-extra": "^7.0.0",
|
||||||
"get-folder-size": "^2.0.1",
|
"get-folder-size": "^2.0.1",
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user