commit df9407ebf59b080b86ae6c519cf15aecabc2c361
parent 32ff4aed364390290cceddb54fc3070883016af6
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Fri, 26 May 2023 04:35:25 -0700
cleanup
Diffstat:
5 files changed, 23 insertions(+), 62 deletions(-)
diff --git a/pkg/database/tableChatRooms.go b/pkg/database/tableChatRooms.go
@@ -90,37 +90,37 @@ func (r *ChatRoom) IsOfficialRoom() bool {
r.Name == "club"
}
-func (r *ChatRoom) HasAccess(c echo.Context) bool {
+func (r *ChatRoom) HasAccess(c echo.Context) (bool, string) {
authUser := c.Get("authUser").(*User)
db := c.Get("database").(*DkfDB)
if authUser == nil {
- return false
+ return false, ""
}
if r.Name == "club" && !authUser.IsClubMember {
- return false
+ return false, ""
}
if r.Name == "moderators" && !authUser.IsModerator() {
- return false
+ return false, ""
}
if r.Mode == UserWhitelistRoomMode {
if r.OwnerUserID != nil && *r.OwnerUserID != authUser.ID {
if !db.IsUserWhitelistedInRoom(authUser.ID, r.ID) {
- return false
+ return false, ""
}
}
}
if !r.IsProtected() {
- return true
+ return true, ""
}
cookie, err := hutils.GetRoomCookie(c, int64(r.ID))
if err != nil {
- return false
+ return false, ""
}
if !r.VerifyPasswordHash(cookie.Value) {
hutils.DeleteRoomCookie(c, int64(r.ID))
- return false
+ return false, ""
}
- return true
+ return true, cookie.Value
}
func (d *DkfDB) GetChatRoomByID(roomID RoomID) (out ChatRoom, err error) {
diff --git a/pkg/database/utils/utils.go b/pkg/database/utils/utils.go
@@ -5,7 +5,6 @@ import (
"dkforest/pkg/database"
"dkforest/pkg/managers"
"dkforest/pkg/utils"
- hutils "dkforest/pkg/web/handlers/utils"
"errors"
"fmt"
"github.com/labstack/echo"
@@ -163,15 +162,9 @@ func GetRoomAndKey(db *database.DkfDB, c echo.Context, roomName string) (databas
if err != nil {
return room, roomKey, c.NoContent(http.StatusNotFound)
}
- if !room.HasAccess(c) {
+ hasAccess, roomKey := room.HasAccess(c)
+ if !hasAccess {
return room, roomKey, c.NoContent(http.StatusForbidden)
}
- if room.IsProtected() {
- key, err := hutils.GetRoomKeyCookie(c, int64(room.ID))
- if err != nil {
- return room, roomKey, c.NoContent(http.StatusForbidden)
- }
- roomKey = key.Value
- }
return room, roomKey, nil
}
diff --git a/pkg/web/handlers/api/v1/handlers.go b/pkg/web/handlers/api/v1/handlers.go
@@ -149,21 +149,13 @@ func chatMessages(c echo.Context) (status int, data ChatMessagesData) {
if err != nil {
return http.StatusNotFound, data
}
- if !room.HasAccess(c) {
+ hasAccess, roomKey := room.HasAccess(c)
+ if !hasAccess {
return http.StatusForbidden, data
}
managers.ActiveUsers.UpdateUserInRoom(room, managers.NewUserInfo(authUser))
- roomKey := ""
- if room.IsProtected() {
- key, err := hutils.GetRoomKeyCookie(c, int64(room.ID))
- if err != nil {
- return http.StatusForbidden, data
- }
- roomKey = key.Value
- }
-
displayHellbanned := authUser.DisplayHellbanned || authUser.IsHellbanned
displayIgnoredMessages := false
msgs, err := db.GetChatMessages(room.ID, roomKey, authUser.Username, authUser.ID, pmOnlyQuery, mentionsOnlyQuery,
@@ -292,20 +284,13 @@ func RoomNotifierHandler(c echo.Context) error {
if err != nil {
return c.NoContent(http.StatusNotFound)
}
- if !room.HasAccess(c) {
+ hasAccess, roomKey := room.HasAccess(c)
+ if !hasAccess {
return c.NoContent(http.StatusForbidden)
}
managers.ActiveUsers.UpdateUserInRoom(room, managers.NewUserInfo(authUser))
- roomKey := ""
- if room.IsProtected() {
- key, err := hutils.GetRoomKeyCookie(c, int64(room.ID))
- if err != nil {
- return c.NoContent(http.StatusForbidden)
- }
- roomKey = key.Value
- }
displayHellbanned := authUser.DisplayHellbanned || authUser.IsHellbanned
mentionsOnly := false
displayIgnoredMessages := false
diff --git a/pkg/web/handlers/chat.go b/pkg/web/handlers/chat.go
@@ -82,7 +82,7 @@ func chatHandler(c echo.Context, redRoom, stream bool) error {
// If you don't have access to the room (room is protected and user is nil or no cookie with the password)
// We display the page to enter room password.
- if !room.HasAccess(c) {
+ if hasAccess, _ := room.HasAccess(c); !hasAccess {
if !room.IsProtected() && room.Mode == database.UserWhitelistRoomMode {
return c.Render(http.StatusOK, "standalone.chat-whitelist", data)
}
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -3279,7 +3279,8 @@ func ChatArchiveHandler(c echo.Context) error {
return c.Redirect(http.StatusFound, "/")
}
- if !room.HasAccess(c) {
+ hasAccess, roomKey := room.HasAccess(c)
+ if !hasAccess {
return c.Redirect(http.StatusFound, "/chat")
}
@@ -3369,12 +3370,8 @@ func ChatArchiveHandler(c echo.Context) error {
}
}
- if room.IsProtected() {
- key, err := hutils.GetRoomKeyCookie(c, int64(room.ID))
- if err != nil {
- return c.NoContent(http.StatusForbidden)
- }
- if err := data.Messages.DecryptAll(key.Value); err != nil {
+ if roomKey != "" {
+ if err := data.Messages.DecryptAll(roomKey); err != nil {
return c.NoContent(http.StatusInternalServerError)
}
}
@@ -4881,7 +4878,7 @@ func ChatStreamMenuHandler(c echo.Context) error {
if err != nil {
return c.NoContent(http.StatusNotFound)
}
- if !room.HasAccess(c) {
+ if hasAccess, _ := room.HasAccess(c); !hasAccess {
return c.NoContent(http.StatusForbidden)
}
@@ -5018,17 +5015,6 @@ func applyUserFilters(db *database.DkfDB, authUser *database.User, msg *database
return true
}
-func getRoomKey(c echo.Context, room database.ChatRoom) (string, error) {
- if room.IsProtected() {
- key, err := hutils.GetRoomKeyCookie(c, int64(room.ID))
- if err != nil {
- return "", err
- }
- return key.Value, nil
- }
- return "", nil
-}
-
func ChatStreamMessagesHandler(c echo.Context) error {
db := c.Get("database").(*database.DkfDB)
authUser := c.Get("authUser").(*database.User)
@@ -5038,13 +5024,10 @@ func ChatStreamMessagesHandler(c echo.Context) error {
if err != nil {
return c.Redirect(http.StatusFound, "/")
}
- if !room.HasAccess(c) {
+ hasAccess, roomKey := room.HasAccess(c)
+ if !hasAccess {
return c.Redirect(http.StatusForbidden, "/")
}
- roomKey, err := getRoomKey(c, room)
- if err != nil {
- return c.Redirect(http.StatusFound, "/")
- }
quit := closeSignalChan(c)
