Provide the secondaryKey to userObject

5 years ago · cf0d0e8e4b
parent dd2f0bd417
commit cf0d0e8e4b
11 changed files with 62 additions and 46 deletions
--- a/www/common/common-hash.js
+++ b/www/common/common-hash.js
@ -420,39 +420,6 @@ Version 1
    };

    // STORAGE
-    Hash.findWeaker = function (href, channel, recents) {
-        var parsed = parsePadUrl(href);
-        if (!parsed.hash) { return false; }
-        // We can't have a weaker hash if we're already in view mode
-        if (parsed.hashData && parsed.hashData.mode === 'view') { return; }
-        var weaker;
-        Object.keys(recents).some(function (id) {
-            var pad = recents[id];
-            if (pad.href || !pad.roHref) {
-                // This pad has an edit link, so it can't be weaker
-                return;
-            }
-            var p = parsePadUrl(pad.roHref);
-            if (p.type !== parsed.type) { return; } // Not the same type
-            if (p.hash === parsed.hash) { return; } // Same hash, not stronger
-            if (channel !== pad.channel) { return; } // Not the same channel
-
-            var pHash = p.hashData;
-            var parsedHash = parsed.hashData;
-            if (!parsedHash || !pHash) { return; }
-
-            // We don't have stronger/weaker versions of files or users
-            if (pHash.type !== 'pad' && parsedHash.type !== 'pad') { return; }
-
-            if (pHash.version !== parsedHash.version) { return; }
-            if (pHash.mode === 'view' && parsedHash.mode === 'edit') {
-                weaker = pad;
-                return true;
-            }
-            return;
-        });
-        return weaker;
-    };
    Hash.findStronger = function (href, channel, recents) {
        var parsed = parsePadUrl(href);
        if (!parsed.hash) { return false; }
@ -472,6 +439,7 @@ Version 1
            if (channel !== pad.channel) { return; }

            // If this pad doesn't have an edit link, it can't be stronger
+            // XXX encrypted href
            if (!pad.href || !pad.roHref) { return; }

            // This is a pad with an EDIT href and using the same channel as our target
--- a/www/common/drive-ui.js
+++ b/www/common/drive-ui.js
@ -542,7 +542,10 @@ define([

        Object.keys(folders).forEach(function (id) {
            var f = folders[id];
-            manager.addProxy(id, f);
+            var sfData = files.sharedFolders[id] || {};
+            var parsed = Hash.parsePadUrl(sfData.href);
+            var secret = Hash.getSecrets('drive', parsed.hash, sfData.password);
+            manager.addProxy(id, f, null, secret.keys.secondaryKey);
        });

        // UI containers
--- a/www/common/mergeDrive.js
+++ b/www/common/mergeDrive.js
@ -38,6 +38,7 @@ define([
                        var data = oldFo.getFileData(id);
                        var channel = data.channel;

+                        // XXX encrypted href: we need to be able to change the value here
                        var datas = manager.findChannel(channel, true);
                        // Do not migrate a pad if we already have it, it would create a duplicate
                        // in the drive
--- a/www/common/outer/mailbox-handlers.js
+++ b/www/common/outer/mailbox-handlers.js
@ -249,6 +249,7 @@ define([
        if (msg.author !== content.user.curvePublic) { return void cb(true); }

        var channel = content.channel;
+        // XXX encrypted href
        var res = ctx.store.manager.findChannel(channel);

        var title;
--- a/www/common/outer/sharedfolder.js
+++ b/www/common/outer/sharedfolder.js
@ -27,13 +27,14 @@ define([

        var parsed = Hash.parsePadUrl(data.href);
        var secret = Hash.getSecrets('drive', parsed.hash, data.password);
+        var secondaryKey = secret.keys.secondaryKey;

        var sf = allSharedFolders[secret.channel];
        if (sf && sf.ready && sf.rt) {
            // The shared folder is already loaded, return its data
            setTimeout(function () {
                var leave = function () { SF.leave(secret.channel, teamId); };
-                store.manager.addProxy(id, sf.rt.proxy, leave);
+                store.manager.addProxy(id, sf.rt.proxy, leave, secondaryKey);
                cb(sf.rt, sf.metadata);
            });
            sf.team.push(teamId);
@ -84,7 +85,7 @@ define([
            }
            sf.queue.forEach(function (obj) {
                var leave = function () { SF.leave(secret.channel, teamId); };
-                obj.store.manager.addProxy(obj.id, rt.proxy, leave);
+                obj.store.manager.addProxy(obj.id, rt.proxy, leave, secondaryKey);
                obj.cb(rt, info.metadata);
            });
            sf.leave = info.leave;
--- a/www/common/outer/team.js
+++ b/www/common/outer/team.js
@ -215,6 +215,11 @@ define([
                    cb(id, rt);
                });
            };
+            var teamData = ctx.store.proxy.teams[team.id];
+            var secret;
+            if (teamData) {
+                secret = Hash.getSecrets('team', teamData.hash, teamData.password);
+            }
            var manager = team.manager = ProxyManager.create(proxy.drive, {
                onSync: function (cb) { ctx.Store.onSync(id, cb); },
                edPublic: keys.drive.edPublic,
@ -223,7 +228,8 @@ define([
                loadSharedFolder: loadSharedFolder,
                settings: {
                    drive: Util.find(ctx.store, ['proxy', 'settings', 'drive'])
-                }
+                },
+                editKey: secret && secret.keys.secondaryKey
            }, {
                outer: true,
                removeOwnedChannel: function (channel, cb) {
--- a/www/common/outer/userObject.js
+++ b/www/common/outer/userObject.js
@ -36,7 +36,7 @@ define([
            var id = exp.getIdFromHref(href);
            if (!id) { return void cb("E_INVAL_HREF"); }
            if (!attr || !attr.trim()) { return void cb("E_INVAL_ATTR"); }
-            var data = exp.getFileData(id);
+            var data = exp.getFileData(id, true);
            data[attr] = clone(value);
            cb(null);
        };
--- a/www/common/proxy-manager.js
+++ b/www/common/proxy-manager.js
@ -14,10 +14,11 @@ define([
    };

    // Add a shared folder to the list
-    var addProxy = function (Env, id, proxy, leave) {
+    var addProxy = function (Env, id, proxy, leave, editKey) {
        var cfg = getConfig(Env);
        cfg.sharedFolder = true;
        cfg.id = id;
+        cfg.editKey = editKey;
        var userObject = UserObject.init(proxy, cfg);
        if (userObject.fixFiles) {
            // Only in outer
--- a/www/common/userObject.js
+++ b/www/common/userObject.js
@ -5,8 +5,9 @@ define([
    '/common/common-realtime.js',
    '/common/common-constants.js',
    '/common/outer/userObject.js',
-    '/customize/messages.js'
-], function (AppConfig, Util, Hash, Realtime, Constants, OuterFO, Messages) {
+    '/customize/messages.js',
+    '/bower_components/chainpad-crypto/crypto.js',
+], function (AppConfig, Util, Hash, Realtime, Constants, OuterFO, Messages, Crypto) {
    var module = {};

    var ROOT = module.ROOT = "root";
@ -31,6 +32,19 @@ define([

    module.init = function (files, config) {
        var exp = {};
+
+        exp.cryptor = {
+            encrypt : function (x) { return x; },
+            decrypt : function (x) { return x; },
+        };
+        if (config.editKey) {
+            try {
+                exp.cryptor = Crypto.createEncryptor(config.editKey);
+            } catch (e) {
+                console.error(e);
+            }
+        }
+
        exp.getDefaultName = module.getDefaultName;

        var sframeChan = config.sframeChan;
@ -205,9 +219,14 @@ define([
        };

        // Get data from AllFiles (Cryptpad_RECENTPADS)
-        var getFileData = exp.getFileData = function (file) {
+        var getFileData = exp.getFileData = function (file, noCopy) {
            if (!file) { return; }
-            return files[FILES_DATA][file] || {};
+            var data = files[FILES_DATA][file] || {};
+            if (!noCopy) {
+                // XXX encrypted href: decrypt or remove "href"
+                data = JSON.parse(JSON.stringify(data));
+            }
+            return data;
        };

        exp.getFolderData = function (folder) {
--- a/www/drive/inner.js
+++ b/www/drive/inner.js
@ -3,6 +3,7 @@ define([
    '/common/toolbar3.js',
    '/common/drive-ui.js',
    '/common/common-util.js',
+    '/common/common-hash.js',
    '/common/common-interface.js',
    '/common/common-feedback.js',
    '/bower_components/nthen/index.js',
@ -19,6 +20,7 @@ define([
    Toolbar,
    DriveUI,
    Util,
+    Hash,
    UI,
    Feedback,
    nThen,
@ -41,13 +43,16 @@ define([
        var oldIds = Object.keys(folders);
        nThen(function (waitFor) {
            Object.keys(drive.sharedFolders).forEach(function (fId) {
+                var sfData = drive.sharedFolders[id] || {};
+                var parsed = Hash.parsePadUrl(sfData.href);
+                var secret = Hash.getSecrets('drive', parsed.hash, sfData.password);
                sframeChan.query('Q_DRIVE_GETOBJECT', {
                    sharedFolder: fId
                }, waitFor(function (err, newObj) {
                    folders[fId] = folders[fId] || {};
                    copyObjectValue(folders[fId], newObj);
                    if (manager && oldIds.indexOf(fId) === -1) {
-                        manager.addProxy(fId, folders[fId]);
+                        manager.addProxy(fId, folders[fId], null, secret.keys.secondaryKey);
                    }
                }));
            });
--- a/www/teams/inner.js
+++ b/www/teams/inner.js
@ -52,13 +52,16 @@ define([
        var oldIds = Object.keys(folders);
        nThen(function (waitFor) {
            Object.keys(drive.sharedFolders).forEach(function (fId) {
+                var sfData = drive.sharedFolders[id] || {};
+                var parsed = Hash.parsePadUrl(sfData.href);
+                var secret = Hash.getSecrets('drive', parsed.hash, sfData.password);
                sframeChan.query('Q_DRIVE_GETOBJECT', {
                    sharedFolder: fId
                }, waitFor(function (err, newObj) {
                    folders[fId] = folders[fId] || {};
                    copyObjectValue(folders[fId], newObj);
                    if (manager && oldIds.indexOf(fId) === -1) {
-                        manager.addProxy(fId, folders[fId]);
+                        manager.addProxy(fId, folders[fId], null, secret.keys.secondaryKey);
                    }
                }));
            });
@ -260,13 +263,21 @@ define([
                $limitContainer.attr('title', Messages.team_quota);
            }, true);
            driveAPP.team = id;
+
+            // Provide secondaryKey
+            var teamData = (proxy.teams || {})[id];
+            var secret;
+            if (teamData) {
+                secret = Hash.getSecrets('team', teamData.hash, teamData.password);
+            }
            var drive = DriveUI.create(common, {
                proxy: proxy,
                folders: folders,
                updateObject: updateObject,
                updateSharedFolders: updateSharedFolders,
                APP: driveAPP,
-                edPublic: APP.teamEdPublic
+                edPublic: APP.teamEdPublic,
+                editKey: secret && secret.keys.secondaryKey
            });
            APP.drive = drive;
            driveAPP.refresh = drive.refresh;