merge communities-allow-list and lint compliance
This commit is contained in:
ansuz
@@ -261,6 +261,8 @@ Channel.writePrivateMessage = function (Env, args, cb, Server) {
|
||||
msg // the actual message content. Generally a string
|
||||
];
|
||||
|
||||
// XXX RESTRICT respect allow lists
|
||||
|
||||
// historyKeeper already knows how to handle metadata and message validation, so we just pass it off here
|
||||
// if the message isn't valid it won't be stored.
|
||||
Env.historyKeeper.channelMessage(Server, channelStruct, fullMessage);
|
||||
|
||||
@@ -2,21 +2,24 @@
|
||||
const Data = module.exports;
|
||||
|
||||
const Meta = require("../metadata");
|
||||
const BatchRead = require("../batch-read");
|
||||
const WriteQueue = require("../write-queue");
|
||||
const Core = require("./core");
|
||||
const Util = require("../common-util");
|
||||
const HK = require("../hk-util");
|
||||
|
||||
const batchMetadata = BatchRead("GET_METADATA");
|
||||
Data.getMetadata = function (Env, channel, cb/* , Server */) {
|
||||
Data.getMetadataRaw = function (Env, channel /* channelName */, _cb) {
|
||||
const cb = Util.once(Util.mkAsync(_cb));
|
||||
if (!Core.isValidId(channel)) { return void cb('INVALID_CHAN'); }
|
||||
if (channel.length !== 32) { return cb("INVALID_CHAN_LENGTH"); }
|
||||
if (channel.length !== HK.STANDARD_CHANNEL_LENGTH) { return cb("INVALID_CHAN_LENGTH"); }
|
||||
|
||||
// FIXME get metadata from the server cache if it is available
|
||||
batchMetadata(channel, cb, function (done) {
|
||||
var cached = Env.metadata_cache[channel];
|
||||
if (HK.isMetadataMessage(cached)) {
|
||||
return void cb(void 0, cached);
|
||||
}
|
||||
|
||||
Env.batchMetadata(channel, cb, function (done) {
|
||||
var ref = {};
|
||||
var lineHandler = Meta.createLineHandler(ref, Env.Log.error);
|
||||
|
||||
return void Env.msgStore.readChannelMetadata(channel, lineHandler, function (err) {
|
||||
if (err) {
|
||||
// stream errors?
|
||||
@@ -27,6 +30,28 @@ Data.getMetadata = function (Env, channel, cb/* , Server */) {
|
||||
});
|
||||
};
|
||||
|
||||
Data.getMetadata = function (Env, channel, cb, Server, netfluxId) {
|
||||
Data.getMetadataRaw(Env, channel, function (err, metadata) {
|
||||
if (err) { return void cb(err); }
|
||||
|
||||
if (!(metadata && metadata.restricted)) {
|
||||
// if it's not restricted then just call back
|
||||
return void cb(void 0, metadata);
|
||||
}
|
||||
|
||||
const session = HK.getNetfluxSession(Env, netfluxId);
|
||||
const allowed = HK.listAllowedUsers(metadata);
|
||||
|
||||
if (!HK.isUserSessionAllowed(allowed, session)) {
|
||||
return void cb(void 0, {
|
||||
restricted: metadata.restricted,
|
||||
allowed: allowed,
|
||||
});
|
||||
}
|
||||
cb(void 0, metadata);
|
||||
});
|
||||
};
|
||||
|
||||
/* setMetadata
|
||||
- write a new line to the metadata log if a valid command is provided
|
||||
- data is an object: {
|
||||
@@ -46,7 +71,7 @@ Data.setMetadata = function (Env, safeKey, data, cb, Server) {
|
||||
if (Meta.commands.indexOf(command) === -1) { return void cb('UNSUPPORTED_COMMAND'); }
|
||||
|
||||
queueMetadata(channel, function (next) {
|
||||
Data.getMetadata(Env, channel, function (err, metadata) {
|
||||
Data.getMetadataRaw(Env, channel, function (err, metadata) {
|
||||
if (err) {
|
||||
cb(err);
|
||||
return void next();
|
||||
@@ -108,21 +133,70 @@ Data.setMetadata = function (Env, safeKey, data, cb, Server) {
|
||||
return void next();
|
||||
}
|
||||
|
||||
// send the message back to the person who changed it
|
||||
// since we know they're allowed to see it
|
||||
cb(void 0, metadata);
|
||||
next();
|
||||
|
||||
const metadata_cache = Env.metadata_cache;
|
||||
const channel_cache = Env.channel_cache;
|
||||
|
||||
// update the cached metadata
|
||||
metadata_cache[channel] = metadata;
|
||||
|
||||
// as well as the metadata that's attached to the index...
|
||||
// XXX determine if we actually need this...
|
||||
var index = Util.find(channel_cache, [channel, 'index']);
|
||||
if (index && typeof(index) === 'object') { index.metadata = metadata; }
|
||||
|
||||
Server.channelBroadcast(channel, JSON.stringify(metadata), Env.historyKeeper.id);
|
||||
// it's easy to check if the channel is restricted
|
||||
const isRestricted = metadata.restricted;
|
||||
// and these values will be used in any case
|
||||
const s_metadata = JSON.stringify(metadata);
|
||||
const hk_id = Env.historyKeeper.id;
|
||||
|
||||
if (!isRestricted) {
|
||||
// pre-allow-list behaviour
|
||||
// if it's not restricted, broadcast the new metadata to everyone
|
||||
return void Server.channelBroadcast(channel, s_metadata, hk_id);
|
||||
}
|
||||
|
||||
// otherwise derive the list of users (unsafeKeys) that are allowed to stay
|
||||
const allowed = HK.listAllowedUsers(metadata);
|
||||
// anyone who is not allowed will get the same error message
|
||||
const s_error = JSON.stringify({
|
||||
error: 'ERESTRICTED',
|
||||
channel: channel,
|
||||
});
|
||||
|
||||
// iterate over the channel's userlist
|
||||
const toRemove = [];
|
||||
Server.getChannelUserList(channel).forEach(function (userId) {
|
||||
const session = HK.getNetfluxSession(Env, userId);
|
||||
|
||||
// if the user is allowed to remain, send them the metadata
|
||||
if (HK.isUserSessionAllowed(allowed, session)) {
|
||||
return void Server.send(userId, [
|
||||
0,
|
||||
hk_id,
|
||||
'MSG',
|
||||
userId,
|
||||
s_metadata
|
||||
], function () {});
|
||||
}
|
||||
// otherwise they are not in the list.
|
||||
// send them an error and kick them out!
|
||||
Server.send(userId, [
|
||||
0,
|
||||
hk_id,
|
||||
'MSG',
|
||||
userId,
|
||||
s_error
|
||||
], function () {});
|
||||
});
|
||||
|
||||
Server.removeFromChannel(channel, toRemove);
|
||||
});
|
||||
});
|
||||
});
|
||||
};
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user