admin/go-socket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rethink needed

Browse Source
This commit is contained in:
Sisi
2026-04-26 21:56:00 +02:00
parent 472b4ea703
commit ca084a21fa
3 changed files with 33 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/httpRequest/get.go
+2 -19
View File
@@ -3,7 +3,6 @@ package httpRequest
import ( import (
"context" "context"
"errors" "errors"
"log/slog"
"net/http" "net/http"
"go-socket/packages/convertions" "go-socket/packages/convertions"
@@ -100,29 +99,13 @@ func getHubChannelIfValidWithResponseOnFail(ctx context.Context, response http.R
} }
channel, ok := hub.Channels[channelUuid] channel, ok := hub.Channels[channelUuid]
if !ok { if !ok {
http.Error(response, "invalid channelid", http.StatusUnauthorized) http.Error(response, "invalid channelid", http.StatusBadRequest)
return nil, errors.New("invalid channelid") return nil, errors.New("invalid channelid")
} }
group := hub.Groups[channel.ParentId] if !haveUserPermissionsOnChannel(types.CachedUserCanView, hubUser, channel) {
if group == nil {
slog.Warn("hub channel has no parent group", "Hub", hub.Id, "Channel", channel.Id)
http.Error(response, "internal server error", http.StatusInternalServerError)
return nil, errors.New("internal server error")
}
if !group.RolesCanView.HasSameId(hubUser.Roles) {
http.Error(response, "invalid channelid", http.StatusUnauthorized)
return nil, errors.New("invalid channelid")
}
if !channel.RolesCanView.HasSameId(hubUser.Roles) {
http.Error(response, "invalid channelid", http.StatusUnauthorized)
return nil, errors.New("invalid channelid") return nil, errors.New("invalid channelid")
} }
return channel, nil return channel, nil
} }
// TODO cache on roles or channels needed for quick lookup
func getHubChannelReadHistorayAndViewChannel(hub *types.Hub, channel *types.HubChannel) []*types.HubUser
packages/httpRequest/hubs.go
+24 -2
View File
@@ -6,11 +6,18 @@ import (
"go-socket/packages/convertions" "go-socket/packages/convertions"
"go-socket/packages/types" "go-socket/packages/types"
"go-socket/packages/wsServer"
"github.com/google/uuid" "github.com/google/uuid"
) )
func canHubUserMessage(channel) func haveUserPermissionsOnChannel(permissions types.CachedUserPermissions, user *types.HubUser, channel *types.HubChannel) bool {
checkAgainst, ok := channel.UsersCachedPermissions[user.OriginalId]
if !ok || (permissions&checkAgainst) == checkAgainst {
return false
}
return true
}
func HandleHubCreate(response http.ResponseWriter, request *http.Request) { func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
if !validCheckWithResponseOnFail(&response, request, normal) { if !validCheckWithResponseOnFail(&response, request, normal) {
@@ -58,6 +65,7 @@ func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
Color: types.Rgba{}.GetRandom(), Color: types.Rgba{}.GetRandom(),
CreatedAt: hub.CreatedAt, CreatedAt: hub.CreatedAt,
} }
hub.JoinRole = memberRole
hub.Roles[memberRole.Id] = memberRole hub.Roles[memberRole.Id] = memberRole
creator.Roles.Add(memberRole.Id) creator.Roles.Add(memberRole.Id)
@@ -83,7 +91,7 @@ func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
channel.RolesCanView.Add(memberRole.Id) channel.RolesCanView.Add(memberRole.Id)
channel.RolesCanReadHistory.Add(rootGroup.Id) channel.RolesCanReadHistory.Add(rootGroup.Id)
channel.RolesCanReadHistory.Add(memberRole.Id) channel.RolesCanReadHistory.Add(memberRole.Id)
channel.UsersCanView.Add() channel.UsersCachedPermissions[creator.OriginalId] = types.CachedUserPermissionsAll
hub.Channels[channel.Id] = channel hub.Channels[channel.Id] = channel
} }
@@ -122,4 +130,18 @@ func HandleChannelSendMessage(response http.ResponseWriter, request *http.Reques
return return
} }
if !haveUserPermissionsOnChannel(types.CachedUserCanMessage, hubUser, channel) {
http.Error(response, "cannot send messages here", http.StatusUnauthorized)
return
}
for id, userCachedPerms := range channel.UsersCachedPermissions {
if !userCachedPerms.CanReadHistory() || id == user.Id {
continue
}
targetUser, ok :=
wsServer.WsSendMessageCloseIfTimeout()
}
} }
packages/types/types.go
+6 -1
View File
@@ -206,6 +206,8 @@ const (
CachedUserCanMessage CachedUserCanMessage
) )
const CachedUserPermissionsAll = CachedUserCanMessage | CachedUserCanReadHistory | CachedUserCanReadHistory
func (p *CachedUserPermissions) SetCanView() { *p |= CachedUserCanView } func (p *CachedUserPermissions) SetCanView() { *p |= CachedUserCanView }
func (p *CachedUserPermissions) ClearCanView() { *p &^= CachedUserCanView } func (p *CachedUserPermissions) ClearCanView() { *p &^= CachedUserCanView }
func (p CachedUserPermissions) CanView() bool { return p&CachedUserCanView != 0 } func (p CachedUserPermissions) CanView() bool { return p&CachedUserCanView != 0 }
@@ -284,7 +286,9 @@ type HubGroup struct {
} }
func NewHubGroup() *HubGroup { func NewHubGroup() *HubGroup {
return &HubGroup{} return &HubGroup{
UsersCachedPermissions: make(map[uuid.UUID]CachedUserPermissions),
}
} }
type HubChannel struct { type HubChannel struct {
@@ -308,6 +312,7 @@ type HubChannel struct {
func NewHubChannel() *HubChannel { func NewHubChannel() *HubChannel {
return &HubChannel{ return &HubChannel{
MessagesBuff: make([]*Message, config.MaxHubChannelMsgCache), MessagesBuff: make([]*Message, config.MaxHubChannelMsgCache),
UsersCachedPermissions: make(map[uuid.UUID]CachedUserPermissions),
} }
} }
func (conn *HubChannel) AddMessageToBuff(message *Message) { func (conn *HubChannel) AddMessageToBuff(message *Message) {