rethink needed
@@ -3,7 +3,6 @@ package httpRequest
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"log/slog"
|
||||
"net/http"
|
||||
|
||||
"go-socket/packages/convertions"
|
||||
@@ -100,29 +99,13 @@ func getHubChannelIfValidWithResponseOnFail(ctx context.Context, response http.R
|
||||
}
|
||||
channel, ok := hub.Channels[channelUuid]
|
||||
if !ok {
|
||||
http.Error(response, "invalid channelid", http.StatusUnauthorized)
|
||||
http.Error(response, "invalid channelid", http.StatusBadRequest)
|
||||
return nil, errors.New("invalid channelid")
|
||||
}
|
||||
|
||||
group := hub.Groups[channel.ParentId]
|
||||
if group == nil {
|
||||
slog.Warn("hub channel has no parent group", "Hub", hub.Id, "Channel", channel.Id)
|
||||
http.Error(response, "internal server error", http.StatusInternalServerError)
|
||||
return nil, errors.New("internal server error")
|
||||
}
|
||||
|
||||
if !group.RolesCanView.HasSameId(hubUser.Roles) {
|
||||
http.Error(response, "invalid channelid", http.StatusUnauthorized)
|
||||
return nil, errors.New("invalid channelid")
|
||||
}
|
||||
|
||||
if !channel.RolesCanView.HasSameId(hubUser.Roles) {
|
||||
http.Error(response, "invalid channelid", http.StatusUnauthorized)
|
||||
if !haveUserPermissionsOnChannel(types.CachedUserCanView, hubUser, channel) {
|
||||
return nil, errors.New("invalid channelid")
|
||||
}
|
||||
|
||||
return channel, nil
|
||||
}
|
||||
|
||||
// TODO cache on roles or channels needed for quick lookup
|
||||
func getHubChannelReadHistorayAndViewChannel(hub *types.Hub, channel *types.HubChannel) []*types.HubUser
|
||||
|
||||
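Review bot: The new view check in getHubChannelIfValidWithResponseOnFail, `if !haveUserPermissionsOnChannel(types.CachedUserCanView, hubUser, channel)`, appears to return its error without writing any HTTP response, while the not-found branch now answers with `http.StatusBadRequest`. The +/- markers are lost on this page, so this reading is inferred from the hunk counts (-100,29 +99,13). If it holds, a caller that simply returns on error leaves the client with an implicit empty 200, and the differing answers let a client tell a hidden channel from a nonexistent one. Both branches should write the same status and body before returning, for example `http.Error(response, "invalid channelid", http.StatusNotFound)`. The function body starts outside the hunk.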
@@ -6,11 +6,18 @@ import (
|
||||
|
||||
"go-socket/packages/convertions"
|
||||
"go-socket/packages/types"
|
||||
"go-socket/packages/wsServer"
|
||||
|
||||
"github.com/google/uuid"
|
||||
)
|
||||
|
||||
func canHubUserMessage(channel)
|
||||
func haveUserPermissionsOnChannel(permissions types.CachedUserPermissions, user *types.HubUser, channel *types.HubChannel) bool {
|
||||
checkAgainst, ok := channel.UsersCachedPermissions[user.OriginalId]
|
||||
if !ok || (permissions&checkAgainst) == checkAgainst {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
|
||||
if !validCheckWithResponseOnFail(&response, request, normal) {
|
||||
@@ -58,6 +65,7 @@ func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
|
||||
Color: types.Rgba{}.GetRandom(),
|
||||
CreatedAt: hub.CreatedAt,
|
||||
}
|
||||
hub.JoinRole = memberRole
|
||||
hub.Roles[memberRole.Id] = memberRole
|
||||
creator.Roles.Add(memberRole.Id)
|
||||
|
||||
@@ -83,7 +91,7 @@ func HandleHubCreate(response http.ResponseWriter, request *http.Request) {
|
||||
channel.RolesCanView.Add(memberRole.Id)
|
||||
channel.RolesCanReadHistory.Add(rootGroup.Id)
|
||||
channel.RolesCanReadHistory.Add(memberRole.Id)
|
||||
channel.UsersCanView.Add()
|
||||
channel.UsersCachedPermissions[creator.OriginalId] = types.CachedUserPermissionsAll
|
||||
hub.Channels[channel.Id] = channel
|
||||
}
|
||||
|
||||
@@ -122,4 +130,18 @@ func HandleChannelSendMessage(response http.ResponseWriter, request *http.Reques
|
||||
return
|
||||
}
|
||||
|
||||
if !haveUserPermissionsOnChannel(types.CachedUserCanMessage, hubUser, channel) {
|
||||
http.Error(response, "cannot send messages here", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
for id, userCachedPerms := range channel.UsersCachedPermissions {
|
||||
if !userCachedPerms.CanReadHistory() || id == user.Id {
|
||||
continue
|
||||
}
|
||||
|
||||
targetUser, ok :=
|
||||
|
||||
wsServer.WsSendMessageCloseIfTimeout()
|
||||
}
|
||||
}
|
||||
|
||||
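Review bot: haveUserPermissionsOnChannel tests the mask the wrong way round: `(permissions&checkAgainst) == checkAgainst` denies whenever the user's cached bits are a subset of the requested ones. Assuming the flags are distinct bits, a user holding exactly the requested permission is refused and a user holding only an unrelated one is allowed. The body should be `return ok && checkAgainst&permissions == permissions`, with a doc comment saying that every requested bit must be present. This helper gates both the view check and HandleChannelSendMessage, where the refusal would also read better as `http.StatusForbidden` than `http.StatusUnauthorized`. Separately, `func canHubUserMessage(channel)`, `channel.UsersCanView.Add()` and the dangling `targetUser, ok :=` look unfinished and should be completed or dropped before merge.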
@@ -206,6 +206,8 @@ const (
|
||||
CachedUserCanMessage
|
||||
)
|
||||
|
||||
const CachedUserPermissionsAll = CachedUserCanMessage | CachedUserCanReadHistory | CachedUserCanReadHistory
|
||||
|
||||
func (p *CachedUserPermissions) SetCanView() { *p |= CachedUserCanView }
|
||||
func (p *CachedUserPermissions) ClearCanView() { *p &^= CachedUserCanView }
|
||||
func (p CachedUserPermissions) CanView() bool { return p&CachedUserCanView != 0 }
|
||||
@@ -284,7 +286,9 @@ type HubGroup struct {
|
||||
}
|
||||
|
||||
func NewHubGroup() *HubGroup {
|
||||
return &HubGroup{}
|
||||
return &HubGroup{
|
||||
UsersCachedPermissions: make(map[uuid.UUID]CachedUserPermissions),
|
||||
}
|
||||
}
|
||||
|
||||
type HubChannel struct {
|
||||
@@ -308,6 +312,7 @@ type HubChannel struct {
|
||||
func NewHubChannel() *HubChannel {
|
||||
return &HubChannel{
|
||||
MessagesBuff: make([]*Message, config.MaxHubChannelMsgCache),
|
||||
UsersCachedPermissions: make(map[uuid.UUID]CachedUserPermissions),
|
||||
}
|
||||
}
|
||||
func (conn *HubChannel) AddMessageToBuff(message *Message) {
|
||||
|
||||
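Review bot: `CachedUserPermissionsAll` ORs `CachedUserCanReadHistory` twice and never includes `CachedUserCanView`, so a user granted "all" (the hub creator in HandleHubCreate) does not carry the view bit. It should read `const CachedUserPermissionsAll = CachedUserCanView | CachedUserCanReadHistory | CachedUserCanMessage`. The const block that declares the flags starts outside the hunk, so confirm there are no further flags to include. A one-line comment such as `// CachedUserPermissionsAll must list every CachedUserPermissions flag.` would help keep it in sync.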