diff options
| author | bt <bt@rctt.net> | 2026-05-24 19:41:57 +0200 |
|---|---|---|
| committer | bt <bt@rctt.net> | 2026-05-24 19:41:57 +0200 |
| commit | 509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7 (patch) | |
| tree | a22a488d079175f75129e81fd2d32ba4d21d3996 | |
| parent | bd2ebe456996a51ad4230ea9c69f2d7c0879cf9d (diff) | |
| download | solec-509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7.tar.gz solec-509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7.zip | |
[daemon] Use database to check history read permissions
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | server/user.go | 10 | ||||
| -rw-r--r-- | storage/storage.go | 22 |
3 files changed, 25 insertions, 8 deletions
@@ -1,2 +1,3 @@ test.db +test.db-journal *.pem
\ No newline at end of file diff --git a/server/user.go b/server/user.go index c27c6a1..6ca857a 100644 --- a/server/user.go +++ b/server/user.go @@ -171,13 +171,19 @@ func (s *Server) handleUsermode(user *User, conn net.Conn, mode core.Usermode) e // TODO: Better errors func (s *Server) handleHistory(user *User, conn net.Conn, hist core.History) error { - addr, err := core.ReadAddr(hist.Channel) + _, err := core.ReadAddr(hist.Channel) if err != nil { fmt.Println("cannot parse address:", err) return user.Send(conn, core.Error{core.ErrorNotFound}) } - if _, ok := user.Channels[addr.Channel]; !ok { + perm, err := s.Storage.GetPermission(user.Name+"@"+s.cfg.Name, hist.Channel) + if err != nil { + fmt.Println("cannot get message history:", err) + return user.Send(conn, core.Error{core.ErrorNotFound}) + } + + if perm.Read == false { fmt.Println("cannot get message history: not authorized") return user.Send(conn, core.Error{core.ErrorNotFound}) } diff --git a/storage/storage.go b/storage/storage.go index 28f2564..510b587 100644 --- a/storage/storage.go +++ b/storage/storage.go @@ -109,16 +109,26 @@ func (db *Database) SetPermission(perm core.PermissionData) error { } func (db *Database) GetPermission(user, channel string) (core.PermissionData, error) { - var perm core.PermissionData + var read, write int err := db.QueryRow( - "SELECT (read, write) FROM permissions WHERE user = ? AND channel = ?", user, channel). - Scan(&perm.Read, &perm.Write) + "SELECT read, write FROM permissions WHERE user = ? AND channel = ?", user, channel). + Scan(&read, &write) if err != nil { return core.PermissionData{}, err } - perm.User = user - perm.Channel = channel - return perm, nil + return core.PermissionData{ + User: user, + Channel: channel, + Read: itob(read), + Write: itob(write), + }, nil +} + +func itob(v int) bool { + if v == 1 { + return true + } + return false } |