summaryrefslogtreecommitdiff
path: root/src/node/handler
diff options
context:
space:
mode:
Diffstat (limited to 'src/node/handler')
-rw-r--r--src/node/handler/PadMessageHandler.js14
-rw-r--r--src/node/handler/SocketIORouter.js37
2 files changed, 34 insertions, 17 deletions
diff --git a/src/node/handler/PadMessageHandler.js b/src/node/handler/PadMessageHandler.js
index 0dd325e4..6314351b 100644
--- a/src/node/handler/PadMessageHandler.js
+++ b/src/node/handler/PadMessageHandler.js
@@ -240,7 +240,7 @@ exports.handleMessage = function(client, message)
callback();
}else{
var auth = sessioninfos[client.id].auth;
- securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
+ var checkAccessCallback = function(err, statusObject)
{
if(ERR(err, callback)) return;
@@ -254,7 +254,17 @@ exports.handleMessage = function(client, message)
{
client.json.send({accessStatus: statusObject.accessStatus})
}
- });
+ };
+ //check if pad is requested via readOnly
+ if (auth.padID.indexOf("r.") === 0) {
+ //Pad is readOnly, first get the real Pad ID
+ readOnlyManager.getPadId(auth.padID, function(err, value) {
+ ERR(err);
+ securityManager.checkAccess(value, auth.sessionID, auth.token, auth.password, checkAccessCallback);
+ });
+ } else {
+ securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, checkAccessCallback);
+ }
}
},
finalHandler
diff --git a/src/node/handler/SocketIORouter.js b/src/node/handler/SocketIORouter.js
index e5bc1ac4..2ca0d80f 100644
--- a/src/node/handler/SocketIORouter.js
+++ b/src/node/handler/SocketIORouter.js
@@ -23,6 +23,7 @@ var ERR = require("async-stacktrace");
var log4js = require('log4js');
var messageLogger = log4js.getLogger("message");
var securityManager = require("../db/SecurityManager");
+var readOnlyManager = require("../db/ReadOnlyManager");
var settings = require('../utils/Settings');
/**
@@ -87,23 +88,29 @@ exports.setSocketIO = function(_socket) {
handleMessage(client, message);
} else { //try to authorize the client
if(message.padId !== undefined && message.sessionID !== undefined && message.token !== undefined && message.password !== undefined) {
- //this message has everything to try an authorization
- securityManager.checkAccess (message.padId, message.sessionID, message.token, message.password,
- function(err, statusObject) {
- ERR(err);
+ var checkAccessCallback = function(err, statusObject) {
+ ERR(err);
- //access was granted, mark the client as authorized and handle the message
- if(statusObject.accessStatus == "grant") {
- clientAuthorized = true;
- handleMessage(client, message);
- }
- //no access, send the client a message that tell him why
- else {
- messageLogger.warn("Authentication try failed:" + stringifyWithoutPassword(message));
- client.json.send({accessStatus: statusObject.accessStatus});
- }
+ //access was granted, mark the client as authorized and handle the message
+ if(statusObject.accessStatus == "grant") {
+ clientAuthorized = true;
+ handleMessage(client, message);
+ }
+ //no access, send the client a message that tell him why
+ else {
+ messageLogger.warn("Authentication try failed:" + stringifyWithoutPassword(message));
+ client.json.send({accessStatus: statusObject.accessStatus});
}
- );
+ };
+ if (message.padId.indexOf("r.") === 0) {
+ readOnlyManager.getPadId(message.padId, function(err, value) {
+ ERR(err);
+ securityManager.checkAccess (value, message.sessionID, message.token, message.password, checkAccessCallback);
+ });
+ } else {
+ //this message has everything to try an authorization
+ securityManager.checkAccess (message.padId, message.sessionID, message.token, message.password, checkAccessCallback);
+ }
} else { //drop message
messageLogger.warn("Dropped message cause of bad permissions:" + stringifyWithoutPassword(message));
}