From e25756ceca35411191ca9efbe864e1aeb174e71e Mon Sep 17 00:00:00 2001 From: yflory Date: Wed, 24 Jun 2020 11:20:43 +0200 Subject: [PATCH] Don't add the shared folder to your drive is there is an access list --- www/common/outer/async-store.js | 3 +++ www/common/proxy-manager.js | 13 ++++++++++++- www/common/sframe-common-outer.js | 2 +- www/common/sframe-common.js | 4 ++++ www/drive/main.js | 7 ++++++- 5 files changed, 26 insertions(+), 3 deletions(-) diff --git a/www/common/outer/async-store.js b/www/common/outer/async-store.js index eb04c7310..d49353b01 100644 --- a/www/common/outer/async-store.js +++ b/www/common/outer/async-store.js @@ -2083,6 +2083,9 @@ define([ Store.addSharedFolder = function (clientId, data, cb) { var s = getStore(data.teamId); s.manager.addSharedFolder(data, function (id) { + if (id && typeof(id) == "object" && id.error) { + return void cb(id); + } var send = data.teamId ? s.sendEvent : sendDriveEvent; send('DRIVE_CHANGE', { path: ['drive', UserObject.FILES_DATA] diff --git a/www/common/proxy-manager.js b/www/common/proxy-manager.js index 7e458df23..95bab2c24 100644 --- a/www/common/proxy-manager.js +++ b/www/common/proxy-manager.js @@ -214,7 +214,7 @@ define([ if (!Env.folders[id]) { return {}; } var obj = Env.folders[id].proxy.metadata || {}; for (var k in Env.user.proxy[UserObject.SHARED_FOLDERS][id] || {}) { - var data = JSON.parse(JSON.stringify(Env.user.proxy[UserObject.SHARED_FOLDERS][id][k])); + var data = JSON.parse(JSON.stringify(Env.user.proxy[UserObject.SHARED_FOLDERS][id][k] || {})); if (k === "href" && data.indexOf('#') === -1) { try { data = Env.user.userObject.cryptor.decrypt(data); @@ -503,6 +503,17 @@ define([ }; if (data.password) { folderData.password = data.password; } if (data.owned) { folderData.owners = [Env.edPublic]; } + }).nThen(function (waitFor) { + Env.Store.getPadMetadata(null, { + channel: folderData.channel + }, waitFor(function (obj) { + if (obj && (obj.error || obj.rejected)) { + waitFor.abort(); + return void cb({ + error: obj.error || 'ERESTRICTED' + }); + } + })); }).nThen(function (waitFor) { Env.pinPads([folderData.channel], waitFor()); }).nThen(function (waitFor) { diff --git a/www/common/sframe-common-outer.js b/www/common/sframe-common-outer.js index ef983503c..df4139200 100644 --- a/www/common/sframe-common-outer.js +++ b/www/common/sframe-common-outer.js @@ -363,7 +363,7 @@ define([ } }).nThen(function (waitFor) { if (cfg.afterSecrets) { - cfg.afterSecrets(Cryptpad, Utils, secret, waitFor()); + cfg.afterSecrets(Cryptpad, Utils, secret, waitFor(), sframeChan); } }).nThen(function (waitFor) { // Check if the pad exists on server diff --git a/www/common/sframe-common.js b/www/common/sframe-common.js index 48e6782ef..26a9ae66d 100644 --- a/www/common/sframe-common.js +++ b/www/common/sframe-common.js @@ -671,6 +671,10 @@ define([ UIElements.displayPasswordPrompt(funcs, cfg); }); + ctx.sframeChan.on("EV_RESTRICTED_ERROR", function () { + UI.errorLoadingScreen(Messages.restrictedError); + }); + ctx.sframeChan.on("EV_PAD_PASSWORD_ERROR", function () { UI.errorLoadingScreen(Messages.password_error_seed); }); diff --git a/www/drive/main.js b/www/drive/main.js index 4f5b9daba..8db013c0f 100644 --- a/www/drive/main.js +++ b/www/drive/main.js @@ -45,11 +45,16 @@ define([ }; window.addEventListener('message', onMsg); }).nThen(function (/*waitFor*/) { - var afterSecrets = function (Cryptpad, Utils, secret, cb) { + var afterSecrets = function (Cryptpad, Utils, secret, cb, sframeChan) { var _hash = hash.slice(1); if (_hash && Utils.LocalStore.isLoggedIn()) { // Add a shared folder! Cryptpad.addSharedFolder(null, secret, function (id) { + if (id && typeof(id) === "object" && id.error) { + sframeChan.event("EV_RESTRICTED_ERROR"); + return; + } + window.CryptPad_newSharedFolder = id; // Clear the hash now that the secrets have been generated