infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

implement 'removeOwnedChannel' rpc and...

Browse Source 
additional checks for rpc permissions
pull/1/head
ansuz 7 years ago
parent 544a26f6b3
commit 5114292b43
1 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File

35
rpc.js
Unescape Escape View File

@ -784,6 +784,27 @@ var clearOwnedChannel = function (Env, channelId, unsafeKey, cb) {
}); });
}; };
var removeOwnedChannel = function (Env, channelId, unsafeKey, cb) {
if (typeof(channelId) !== 'string' || channelId.length !== 32) {
return cb('INVALID_ARGUMENTS');
}
if (!(Env.msgStore && Env.msgStore.removeChannel && Env.msgStore.getChannelMetadata)) {
return cb("E_NOT_IMPLEMENTED");
}
Env.msgStore.getChannelMetadata(channelId, function (e, metadata) {
if (e) { return cb(e); }
if (!(metadata && Array.isArray(metadata.owners))) { return void cb('E_NO_OWNERS'); }
if (metadata.owners.indexOf(unsafeKey) === -1) {
return void cb('INSUFFICIENT_PERMISSIONS');
}
return void Env.msgStore.removeChannel(channelId, function (e) {
cb(e);
});
});
};
var upload = function (Env, publicKey, content, cb) { var upload = function (Env, publicKey, content, cb) {
var paths = Env.paths; var paths = Env.paths;
var dec; var dec;
@ -998,9 +1019,12 @@ var isAuthenticatedCall = function (call) {
'GET_TOTAL_SIZE', 'GET_TOTAL_SIZE',
'UPDATE_LIMITS', 'UPDATE_LIMITS',
'GET_LIMIT', 'GET_LIMIT',
'UPLOAD_STATUS',
'UPLOAD_COMPLETE', 'UPLOAD_COMPLETE',
'UPLOAD_CANCEL', 'UPLOAD_CANCEL',
'EXPIRE_SESSION' 'EXPIRE_SESSION',
'CLEAR_OWNED_CHANNEL',
'REMOVE_OWNED_CHANNEL',
].indexOf(call) !== -1; ].indexOf(call) !== -1;
}; };
@ -1140,6 +1164,9 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function)
if (checkSignature(serialized, signature, publicKey) !== true) { if (checkSignature(serialized, signature, publicKey) !== true) {
return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY"); return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY");
} }
} else if (msg[1] !== 'UPLOAD') {
console.error("INVALID_RPC CALL:", msg[1]);
return void respond("INVALID_RPC_CALL");
} }
var safeKey = escapeKeyCharacters(publicKey); var safeKey = escapeKeyCharacters(publicKey);
@ -1241,6 +1268,12 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function)
if (e) { return void Respond(e); } if (e) { return void Respond(e); }
Respond(void 0, response); Respond(void 0, response);
}); });
case 'REMOVE_OWNED_CHANNEL':
return void removeOwnedChannel(Env, msg[1], publicKey, function (e, response) {
if (e) { return void Respond(e); }
Respond(void 0, response);
});
// restricted to privileged users... // restricted to privileged users...
case 'UPLOAD': case 'UPLOAD':
if (!privileged) { return deny(); } if (!privileged) { return deny(); }

Write Preview
Loading…
Cancel
Save