From c6b8b11dc3c18c7b55ef3646970665b969b3067a Mon Sep 17 00:00:00 2001 From: yflory Date: Fri, 19 Mar 2021 18:10:27 +0100 Subject: [PATCH] Fix Destroy and change password when pad not stored --- www/common/cryptpad-common.js | 16 ++++++++++++---- www/common/inner/access.js | 11 +++++++++-- www/common/outer/async-store.js | 2 ++ www/common/proxy-manager.js | 15 ++++++++++++--- www/common/sframe-common-outer.js | 1 + www/secureiframe/main.js | 1 + 6 files changed, 37 insertions(+), 9 deletions(-) diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index 31c65bb86..f4419d2cb 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -1095,6 +1095,7 @@ define([ common.changePadPassword = function (Crypt, Crypto, data, cb) { var href = data.href; + var oldPassword = data.oldPassword; var newPassword = data.password; var teamId = data.teamId; if (!href) { return void cb({ error: 'EINVAL_HREF' }); } @@ -1123,7 +1124,9 @@ define([ var isSharedFolder = parsed.type === 'drive'; - var optsGet = {}; + var optsGet = { + password: oldPassword + }; var optsPut = { password: newPassword, metadata: {}, @@ -1133,7 +1136,7 @@ define([ var cryptgetVal; Nthen(function (waitFor) { - if (parsed.hashData && parsed.hashData.password) { + if (parsed.hashData && parsed.hashData.password && !oldPassword) { common.getPadAttribute('password', waitFor(function (err, password) { optsGet.password = password; }), href); @@ -1418,6 +1421,7 @@ define([ common.changeOOPassword = function (data, _cb) { var cb = Util.once(Util.mkAsync(_cb)); var href = data.href; + var oldPassword = data.oldPassword; var newPassword = data.password; var teamId = data.teamId; if (!href) { return void cb({ error: 'EINVAL_HREF' }); } @@ -1452,12 +1456,16 @@ define([ validateKey: newSecret.keys.validateKey }, }; - var optsGet = {}; + var optsGet = { + password: oldPassword + }; Nthen(function (waitFor) { common.getPadAttribute('', waitFor(function (err, _data) { padData = _data; - optsGet.password = padData.password; + if (!oldPassword) { + optsGet.password = padData.password; + } }), href); common.getAccessKeys(waitFor(function (keys) { optsGet.accessKeys = keys; diff --git a/www/common/inner/access.js b/www/common/inner/access.js index 3bbef91e9..a09f98bfb 100644 --- a/www/common/inner/access.js +++ b/www/common/inner/access.js @@ -888,9 +888,16 @@ define([ }); } + var href = data.href; + var hashes = priv.hashes || {}; + var bestHash = hashes.editHash || hashes.viewHash || hashes.fileHash; + if (data.fakeHref) { + href = Hash.hashToHref(bestHash, priv.app); + } sframeChan.query(q, { teamId: typeof(owned) !== "boolean" ? owned : undefined, - href: data.href, + href: href, + oldPassword: priv.password, password: newPass }, function (err, data) { $(passwordOk).text(Messages.properties_changePasswordButton); @@ -956,7 +963,7 @@ define([ spinner.spin(); sframeChan.query('Q_DELETE_OWNED', { teamId: typeof(owned) !== "boolean" ? owned : undefined, - channel: data.channel + channel: data.channel || priv.channel }, function (err, obj) { spinner.done(); UI.findCancelButton().click(); diff --git a/www/common/outer/async-store.js b/www/common/outer/async-store.js index d4f49014f..8ac1a77c3 100644 --- a/www/common/outer/async-store.js +++ b/www/common/outer/async-store.js @@ -331,6 +331,8 @@ define([ teamId = data.teamId; } + // XXX CLEAR CACHE + if (channel === store.driveChannel && !force) { return void cb({error: 'User drive removal blocked!'}); } diff --git a/www/common/proxy-manager.js b/www/common/proxy-manager.js index 7093f0ec5..011ec4f36 100644 --- a/www/common/proxy-manager.js +++ b/www/common/proxy-manager.js @@ -868,7 +868,6 @@ define([ if (fId && Env.folders[fId] && Env.folders[fId].deleting) { delete Env.folders[fId].deleting; } - console.error(obj.error, chan); Feedback.send('ERROR_DELETING_OWNED_PAD=' + chan + '|' + obj.error, true); return void cb(); } @@ -881,6 +880,11 @@ define([ ids.push(fId); } + if (!ids.length) { + toDelete = undefined; + return void cb(); + } + ids.forEach(function (id) { var paths = findFile(Env, id); var _resolved = _resolvePaths(Env, paths); @@ -912,8 +916,13 @@ define([ }); }); }).nThen(function () { - // Remove deleted pads from the drive - _delete(Env, { resolved: toDelete }, cb); + if (!toDelete) { + // Nothing to delete + cb(); + } else { + // Remove deleted pads from the drive + _delete(Env, { resolved: toDelete }, cb); + } // If we were using the access modal, send a refresh command if (data.channel) { Env.Store.refreshDriveUI(); diff --git a/www/common/sframe-common-outer.js b/www/common/sframe-common-outer.js index e74fb882c..687d3a54b 100644 --- a/www/common/sframe-common-outer.js +++ b/www/common/sframe-common-outer.js @@ -1407,6 +1407,7 @@ define([ }; config.data = { app: parsed.type, + channel: secret.channel, hashes: hashes, password: password, isTemplate: isTemplate, diff --git a/www/secureiframe/main.js b/www/secureiframe/main.js index bb7f05cca..be026194e 100644 --- a/www/secureiframe/main.js +++ b/www/secureiframe/main.js @@ -101,6 +101,7 @@ define([ origin: window.location.origin, pathname: window.location.pathname, feedbackAllowed: Utils.Feedback.state, + channel: config.data.channel, hashes: config.data.hashes, password: config.data.password, propChannels: config.data.getPropChannels(),