From 544a26f6b322a23ddd0efe735088a59d71996893 Mon Sep 17 00:00:00 2001 From: ansuz Date: Fri, 19 Jan 2018 10:25:29 +0100 Subject: [PATCH 1/2] fix a typo --- rpc.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rpc.js b/rpc.js index 87f01a057..eae1bf22f 100644 --- a/rpc.js +++ b/rpc.js @@ -773,7 +773,7 @@ var clearOwnedChannel = function (Env, channelId, unsafeKey, cb) { Env.msgStore.getChannelMetadata(channelId, function (e, metadata) { if (e) { return cb(e); } if (!(metadata && Array.isArray(metadata.owners))) { return void cb('E_NO_OWNERS'); } - // Confirm that the channel is owned by the user is question + // Confirm that the channel is owned by the user in question if (metadata.owners.indexOf(unsafeKey) === -1) { return void cb('INSUFFICIENT_PERMISSIONS'); } From 5114292b433ff661aff65d701a9da9dc015144b8 Mon Sep 17 00:00:00 2001 From: ansuz Date: Fri, 19 Jan 2018 10:26:21 +0100 Subject: [PATCH 2/2] implement 'removeOwnedChannel' rpc and... additional checks for rpc permissions --- rpc.js | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/rpc.js b/rpc.js index eae1bf22f..b48df570a 100644 --- a/rpc.js +++ b/rpc.js @@ -784,6 +784,27 @@ var clearOwnedChannel = function (Env, channelId, unsafeKey, cb) { }); }; +var removeOwnedChannel = function (Env, channelId, unsafeKey, cb) { + if (typeof(channelId) !== 'string' || channelId.length !== 32) { + return cb('INVALID_ARGUMENTS'); + } + + if (!(Env.msgStore && Env.msgStore.removeChannel && Env.msgStore.getChannelMetadata)) { + return cb("E_NOT_IMPLEMENTED"); + } + + Env.msgStore.getChannelMetadata(channelId, function (e, metadata) { + if (e) { return cb(e); } + if (!(metadata && Array.isArray(metadata.owners))) { return void cb('E_NO_OWNERS'); } + if (metadata.owners.indexOf(unsafeKey) === -1) { + return void cb('INSUFFICIENT_PERMISSIONS'); + } + return void Env.msgStore.removeChannel(channelId, function (e) { + cb(e); + }); + }); +}; + var upload = function (Env, publicKey, content, cb) { var paths = Env.paths; var dec; @@ -998,9 +1019,12 @@ var isAuthenticatedCall = function (call) { 'GET_TOTAL_SIZE', 'UPDATE_LIMITS', 'GET_LIMIT', + 'UPLOAD_STATUS', 'UPLOAD_COMPLETE', 'UPLOAD_CANCEL', - 'EXPIRE_SESSION' + 'EXPIRE_SESSION', + 'CLEAR_OWNED_CHANNEL', + 'REMOVE_OWNED_CHANNEL', ].indexOf(call) !== -1; }; @@ -1140,6 +1164,9 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function) if (checkSignature(serialized, signature, publicKey) !== true) { return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY"); } + } else if (msg[1] !== 'UPLOAD') { + console.error("INVALID_RPC CALL:", msg[1]); + return void respond("INVALID_RPC_CALL"); } var safeKey = escapeKeyCharacters(publicKey); @@ -1241,6 +1268,12 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function) if (e) { return void Respond(e); } Respond(void 0, response); }); + + case 'REMOVE_OWNED_CHANNEL': + return void removeOwnedChannel(Env, msg[1], publicKey, function (e, response) { + if (e) { return void Respond(e); } + Respond(void 0, response); + }); // restricted to privileged users... case 'UPLOAD': if (!privileged) { return deny(); }