kick unauthorized users from restricted channels

and update dependencies
5 years ago · 7ee8778210
parent 77785e79af
commit 7ee8778210
3 changed files with 55 additions and 21 deletions
--- a/lib/commands/metadata.js
+++ b/lib/commands/metadata.js
@ -71,7 +71,7 @@ Data.setMetadata = function (Env, safeKey, data, cb, Server) {
    if (Meta.commands.indexOf(command) === -1) { return void cb('UNSUPPORTED_COMMAND'); }
    queueMetadata(channel, function (next) {
-        Data.getMetadata(Env, channel, function (err, metadata) {
+        Data.getMetadataRaw(Env, channel, function (err, metadata) {
            if (err) {
                cb(err);
                return void next();
@ -133,34 +133,70 @@ Data.setMetadata = function (Env, safeKey, data, cb, Server) {
                    return void next();
                }
-
+                // send the message back to the person who changed it
-            // chainpad-server@4.0.3 supports a removeFromChannel method
+                // since we know they're allowed to see it
            // Server.removeFromChannel(channelName, userId);
            // this lets us kick users from restricted channels
            // XXX RESTRICT
            // if the metadata changes and includes an allowed list
            // kick any current users from the channel
            // if they aren't on it.
            // review Server.channelBroadcast as used for EEXPIRED
            // send them to the user in question, from historyKeeper
                cb(void 0, metadata);
                next();
                const metadata_cache = Env.metadata_cache;
                const channel_cache = Env.channel_cache;
                // update the cached metadata
                metadata_cache[channel] = metadata;
                // as well as the metadata that's attached to the index...
                // XXX determine if we actually need this...
                var index = Util.find(channel_cache, [channel, 'index']);
                if (index && typeof(index) === 'object') { index.metadata = metadata; }
-                Server.channelBroadcast(channel, JSON.stringify(metadata), Env.historyKeeper.id);
+                // it's easy to check if the channel is restricted
                const isRestricted = metadata.restricted;
                // and these values will be used in any case
                const s_metadata = JSON.stringify(metadata);
                const hk_id = Env.historyKeeper.id;
                if (!isRestricted) {
                    // pre-allow-list behaviour
                    // if it's not restricted, broadcast the new metadata to everyone
                    return void Server.channelBroadcast(channel, s_metadata, hk_id);
                }
                // otherwise derive the list of users (unsafeKeys) that are allowed to stay
                const allowed = HK.listAllowedUsers(metadata);
                // anyone who is not allowed will get the same error message
                const s_error = JSON.stringify({
                    error: 'ERESTRICTED',
                    channel: channel,
                });
                // iterate over the channel's userlist
                const toRemove = [];
                Server.getChannelUserList(channel).forEach(function (userId) {
                    const session = HK.getNetfluxSession(Env, userId);
                    // if the user is allowed to remain, send them the metadata
                    if (HK.isUserSessionAllowed(allowed, session)) {
                        return void Server.send(userId, [
                            0,
                            hk_id,
                            'MSG',
                            userId,
                            s_metadata
                        ], function () {});
                    }
                    // otherwise they are not in the list.
                    // send them an error and kick them out!
                    Server.send(userId, [
                        0,
                        hk_id,
                        'MSG',
                        userId,
                        s_error
                    ], function () {});
                });
                Server.removeFromChannel(channel, toRemove);
            });
        });
    });
 };
--- a/package-lock.json
+++ b/package-lock.json
@ -113,9 +113,7 @@
      }
    },
    "chainpad-server": {
-      "version": "4.0.2",
+      "version": "4.0.3",
      "resolved": "https://registry.npmjs.org/chainpad-server/-/chainpad-server-4.0.2.tgz",
      "integrity": "sha512-9NrFsATd70uAdksxsCZBIJ/SiREmJ6QLYTNaeFLH/nJpeZ2b7wblVGABCj3JYWvngdEZ7Umc+afbWH8sUmtgeQ==",
      "requires": {
        "nthen": "0.1.8",
        "pull-stream": "^3.6.9",
--- a/package.json
+++ b/package.json
@ -13,7 +13,7 @@
  },
  "dependencies": {
    "chainpad-crypto": "^0.2.2",
-    "chainpad-server": "^4.0.0",
+    "chainpad-server": "^4.0.3",
    "express": "~4.16.0",
    "fs-extra": "^7.0.0",
    "get-folder-size": "^2.0.1",