[daemon] Use database to check history read permissions

author: bt <bt@rctt.net> 2026-05-24 19:41:57 +0200
committer: bt <bt@rctt.net> 2026-05-24 19:41:57 +0200
commit: 509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7 (patch)
tree: a22a488d079175f75129e81fd2d32ba4d21d3996 /server
parent: bd2ebe456996a51ad4230ea9c69f2d7c0879cf9d (diff)
download: solec-509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7.tar.gz
solec-509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/server/user.go b/server/user.go
index c27c6a1..6ca857a 100644
--- a/server/user.go
+++ b/server/user.go
@@ -171,13 +171,19 @@ func (s *Server) handleUsermode(user *User, conn net.Conn, mode core.Usermode) e
 // TODO: Better errors
 
 func (s *Server) handleHistory(user *User, conn net.Conn, hist core.History) error {
-	addr, err := core.ReadAddr(hist.Channel)
+	_, err := core.ReadAddr(hist.Channel)
 	if err != nil {
 		fmt.Println("cannot parse address:", err)
 		return user.Send(conn, core.Error{core.ErrorNotFound})
 	}
 
-	if _, ok := user.Channels[addr.Channel]; !ok {
+	perm, err := s.Storage.GetPermission(user.Name+"@"+s.cfg.Name, hist.Channel)
+	if err != nil {
+		fmt.Println("cannot get message history:", err)
+		return user.Send(conn, core.Error{core.ErrorNotFound})
+	}
+
+	if perm.Read == false {
 		fmt.Println("cannot get message history: not authorized")
 		return user.Send(conn, core.Error{core.ErrorNotFound})
 	}
author	bt <bt@rctt.net>	2026-05-24 19:41:57 +0200
committer	bt <bt@rctt.net>	2026-05-24 19:41:57 +0200
commit	509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7 (patch)
tree	a22a488d079175f75129e81fd2d32ba4d21d3996 /server
parent	bd2ebe456996a51ad4230ea9c69f2d7c0879cf9d (diff)
download	solec-509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7.tar.gz solec-509bfdbcfc483240f31f9ecd0b4f97dbba96f6f7.zip