mirror of https://github.com/xwiki-labs/cryptpad
Clean server code
This commit is contained in:
parent
8a3be878e8
commit
bde6bb0032
|
@ -208,25 +208,37 @@ Channel.trimHistory = function (Env, safeKey, data, cb) {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
Channel.deleteLine = function (Env, safeKey, data, cb) {
|
// Delete a signed mailbox message. This is used when users want
|
||||||
|
// to delete their form reponses.
|
||||||
|
Channel.deleteMailboxMessage = function (Env, safeKey, data, cb) {
|
||||||
const channelId = data.channel;
|
const channelId = data.channel;
|
||||||
const hash = data.hash;
|
const hash = data.hash;
|
||||||
const proof = data.proof;
|
const proof = data.proof;
|
||||||
const nonce = Nacl.util.decodeBase64(proof.split('|')[0]);
|
let nonce, proofBytes;
|
||||||
const proofBytes = Nacl.util.decodeBase64(proof.split('|')[1]);
|
try {
|
||||||
Env.msgStore.trimChannel(channelId, hash, function (err) {
|
nonce = Nacl.util.decodeBase64(proof.split('|')[0]);
|
||||||
|
proofBytes = Nacl.util.decodeBase64(proof.split('|')[1]);
|
||||||
|
} catch (e) {
|
||||||
|
return void cb('EINVAL');
|
||||||
|
}
|
||||||
|
Env.msgStore.deleteChannelLine(channelId, hash, function (msg) {
|
||||||
|
// Check if you're allowed to delete this hash
|
||||||
|
try {
|
||||||
|
const mySecret = new Uint8Array(32);
|
||||||
|
const msgBytes = Nacl.util.decodeBase64(msg).subarray(64); // Remove signature
|
||||||
|
const theirPublic = msgBytes.subarray(24,56); // 0-24 = nonce; 24-56=publickey (32 bytes)
|
||||||
|
const hashBytes = Nacl.box.open(proofBytes, nonce, theirPublic, mySecret);
|
||||||
|
return Nacl.util.encodeUTF8(hashBytes) === hash;
|
||||||
|
} catch (e) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}, function (err) {
|
||||||
if (err) { return void cb(err); }
|
if (err) { return void cb(err); }
|
||||||
// clear historyKeeper's cache for this channel
|
// clear historyKeeper's cache for this channel
|
||||||
Env.historyKeeper.channelClose(channelId);
|
Env.historyKeeper.channelClose(channelId);
|
||||||
cb();
|
cb();
|
||||||
delete Env.channel_cache[channelId];
|
delete Env.channel_cache[channelId];
|
||||||
delete Env.metadata_cache[channelId];
|
delete Env.metadata_cache[channelId];
|
||||||
}, function (msg) {
|
|
||||||
const mySecret = new Uint8Array(32);
|
|
||||||
const msgBytes = Nacl.util.decodeBase64(msg).subarray(64); // Remove signature
|
|
||||||
const theirPublic = msgBytes.subarray(24,56); // 0-24 = nonce; 24-56=publickey (32 bytes)
|
|
||||||
const hashBytes = Nacl.box.open(proofBytes, nonce, theirPublic, mySecret);
|
|
||||||
return Nacl.util.encodeUTF8(hashBytes) === hash;
|
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -47,7 +47,7 @@ const AUTHENTICATED_USER_TARGETED = {
|
||||||
CLEAR_OWNED_CHANNEL: Channel.clearOwnedChannel,
|
CLEAR_OWNED_CHANNEL: Channel.clearOwnedChannel,
|
||||||
REMOVE_OWNED_CHANNEL: Channel.removeOwnedChannel,
|
REMOVE_OWNED_CHANNEL: Channel.removeOwnedChannel,
|
||||||
TRIM_HISTORY: Channel.trimHistory,
|
TRIM_HISTORY: Channel.trimHistory,
|
||||||
DELETE_LINE: Channel.deleteLine,
|
DELETE_MAILBOX_MESSAGE: Channel.deleteMailboxMessage,
|
||||||
UPLOAD_STATUS: Upload.status,
|
UPLOAD_STATUS: Upload.status,
|
||||||
UPLOAD: Upload.upload,
|
UPLOAD: Upload.upload,
|
||||||
UPLOAD_COMPLETE: Upload.complete,
|
UPLOAD_COMPLETE: Upload.complete,
|
||||||
|
|
|
@ -928,7 +928,7 @@ var getMessages = function (env, chanName, handler, cb) {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
|
var filterMessages = function (env, channelName, check, filterHandler, _cb) {
|
||||||
var cb = Util.once(Util.mkAsync(_cb));
|
var cb = Util.once(Util.mkAsync(_cb));
|
||||||
// this function is queued as a blocking action for the relevant channel
|
// this function is queued as a blocking action for the relevant channel
|
||||||
|
|
||||||
|
@ -987,8 +987,8 @@ var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
|
||||||
}));
|
}));
|
||||||
}).nThen(function (w) {
|
}).nThen(function (w) {
|
||||||
// If we want to delete a signle line of the file, make sure this pad allows it
|
// If we want to delete a signle line of the file, make sure this pad allows it
|
||||||
if (!deleteOneLine) { return; }
|
if (typeof(check) !== "function") { return; }
|
||||||
if (!metadataReference.meta || !metadataReference.meta.deleteLines) {
|
if (!metadataReference.meta || !check(metadataReference.meta)) {
|
||||||
w.abort();
|
w.abort();
|
||||||
return void cb("EFORBIDDEN");
|
return void cb("EFORBIDDEN");
|
||||||
}
|
}
|
||||||
|
@ -1030,28 +1030,15 @@ var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
|
||||||
if (!msg) { return void readMore(); }
|
if (!msg) { return void readMore(); }
|
||||||
var msgHash = Extras.getHash(msg[4]);
|
var msgHash = Extras.getHash(msg[4]);
|
||||||
|
|
||||||
// If we only want to delete the selected hash...
|
var remove = function () { readMore(); };
|
||||||
if (deleteOneLine) {
|
var preserve = function () {
|
||||||
if (msgHash === hash) {
|
tempStream.write(s_msg + '\n', function () {
|
||||||
if (!deleteOneLine(msg[4])) {
|
|
||||||
return void abort();
|
|
||||||
}
|
|
||||||
retain = true;
|
|
||||||
return void readMore();
|
|
||||||
}
|
|
||||||
return void tempStream.write(s_msg + '\n', function () {
|
|
||||||
readMore();
|
readMore();
|
||||||
});
|
});
|
||||||
}
|
};
|
||||||
|
var preserveRemaining = function () { retain = true; };
|
||||||
|
|
||||||
if (msgHash === hash) {
|
filterHandler(msg, msgHash, abort, remove, preserve, preserveRemaining);
|
||||||
// everything from this point on should be retained
|
|
||||||
retain = true;
|
|
||||||
return void tempStream.write(s_msg + '\n', function () {
|
|
||||||
readMore();
|
|
||||||
});
|
|
||||||
}
|
|
||||||
readMore();
|
|
||||||
};
|
};
|
||||||
|
|
||||||
readMessagesBin(env, channelName, 0, handler, w(function (err) {
|
readMessagesBin(env, channelName, 0, handler, w(function (err) {
|
||||||
|
@ -1123,6 +1110,35 @@ var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
var deleteChannelLine = function (env, channelName, hash, checkRights, _cb) {
|
||||||
|
var check = function (meta) { return Boolean(meta.deleteLines); };
|
||||||
|
var handler = function (msg, msgHash, abort, remove, preserve, preserveRemaining) {
|
||||||
|
if (msgHash === hash) {
|
||||||
|
if (typeof(checkRights) === "function" && !checkRights(msg[4])) {
|
||||||
|
// Not allowed: abort
|
||||||
|
return void abort();
|
||||||
|
}
|
||||||
|
// Line found: remove it and preserve all remaining lines
|
||||||
|
preserveRemaining();
|
||||||
|
return void remove();
|
||||||
|
}
|
||||||
|
// Continue until we find the correct hash
|
||||||
|
preserve();
|
||||||
|
};
|
||||||
|
filterMessages(env, channelName, check, handler, _cb);
|
||||||
|
};
|
||||||
|
var trimChannel = function (env, channelName, hash, _cb) {
|
||||||
|
var handler = function (msg, msgHash, abort, remove, preserve, preserveRemaining) {
|
||||||
|
if (msgHash === hash) {
|
||||||
|
// Everything from this point on should be retained
|
||||||
|
preserveRemaining();
|
||||||
|
return void preserve();
|
||||||
|
}
|
||||||
|
// Remove until we find our hash
|
||||||
|
remove();
|
||||||
|
};
|
||||||
|
filterMessages(env, channelName, null, handler, _cb);
|
||||||
|
};
|
||||||
|
|
||||||
module.exports.create = function (conf, _cb) {
|
module.exports.create = function (conf, _cb) {
|
||||||
var cb = Util.once(Util.mkAsync(_cb));
|
var cb = Util.once(Util.mkAsync(_cb));
|
||||||
|
@ -1251,10 +1267,16 @@ module.exports.create = function (conf, _cb) {
|
||||||
clearChannel(env, channelName, Util.both(cb, next));
|
clearChannel(env, channelName, Util.both(cb, next));
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
trimChannel: function (channelName, hash, cb, deleteOne) {
|
trimChannel: function (channelName, hash, cb) {
|
||||||
if (!isValidChannelId(channelName)) { return void cb(new Error('EINVAL')); }
|
if (!isValidChannelId(channelName)) { return void cb(new Error('EINVAL')); }
|
||||||
schedule.blocking(channelName, function (next) {
|
schedule.blocking(channelName, function (next) {
|
||||||
trimChannel(env, channelName, hash, Util.both(cb, next), deleteOne);
|
trimChannel(env, channelName, hash, Util.both(cb, next));
|
||||||
|
});
|
||||||
|
},
|
||||||
|
deleteChannelLine: function (channelName, hash, checkRights, cb) {
|
||||||
|
if (!isValidChannelId(channelName)) { return void cb(new Error('EINVAL')); }
|
||||||
|
schedule.blocking(channelName, function (next) {
|
||||||
|
deleteChannelLine(env, channelName, hash, checkRights, Util.both(cb, next));
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
|
@ -206,12 +206,11 @@ define([
|
||||||
hash: hash,
|
hash: hash,
|
||||||
proof: proof
|
proof: proof
|
||||||
};
|
};
|
||||||
postMessage("DELETE_PAD_LINE", lineData, waitFor(function (obj) {
|
postMessage("DELETE_MAILBOX_MESSAGE", lineData, waitFor(function (obj) {
|
||||||
if (obj && obj.error === 'EFORBIDDEN') {
|
if (obj && obj.error) {
|
||||||
waitFor.abort();
|
waitFor.abort();
|
||||||
return void cb(obj);
|
return void cb(obj);
|
||||||
}
|
}
|
||||||
if (obj || obj.error) { return; }
|
|
||||||
toDelete.push(hash);
|
toDelete.push(hash);
|
||||||
}));
|
}));
|
||||||
}).nThen;
|
}).nThen;
|
||||||
|
|
|
@ -2179,9 +2179,9 @@ define([
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
Store.deletePadLine = function (clientId, data, cb) {
|
Store.deleteMailboxMessage = function (clientId, data, cb) {
|
||||||
if (!store.rpc) { return void cb({error: 'RPC_NOT_READY'}); }
|
if (!store.rpc) { return void cb({error: 'RPC_NOT_READY'}); }
|
||||||
store.rpc.deleteLine(data, function (e) {
|
store.rpc.deleteMailboxMessage(data, function (e) {
|
||||||
cb({error:e});
|
cb({error:e});
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
|
@ -88,7 +88,7 @@ define([
|
||||||
GET_LAST_HASH: Store.getLastHash,
|
GET_LAST_HASH: Store.getLastHash,
|
||||||
GET_SNAPSHOT: Store.getSnapshot,
|
GET_SNAPSHOT: Store.getSnapshot,
|
||||||
CORRUPTED_CACHE: Store.corruptedCache,
|
CORRUPTED_CACHE: Store.corruptedCache,
|
||||||
DELETE_PAD_LINE: Store.deletePadLine,
|
DELETE_MAILBOX_MESSAGE: Store.deleteMailboxMessage,
|
||||||
// Drive
|
// Drive
|
||||||
DRIVE_USEROBJECT: Store.userObjectCommand,
|
DRIVE_USEROBJECT: Store.userObjectCommand,
|
||||||
// Settings,
|
// Settings,
|
||||||
|
|
|
@ -249,8 +249,8 @@ var factory = function (Util, Rpc) {
|
||||||
}, cb);
|
}, cb);
|
||||||
};
|
};
|
||||||
|
|
||||||
exp.deleteLine = function (obj, cb) {
|
exp.deleteMailboxMessage = function (obj, cb) {
|
||||||
rpc.send('DELETE_LINE', {
|
rpc.send('DELETE_MAILBOX_MESSAGE', {
|
||||||
channel: obj.channel,
|
channel: obj.channel,
|
||||||
hash: obj.hash,
|
hash: obj.hash,
|
||||||
proof: obj.proof
|
proof: obj.proof
|
||||||
|
|
Loading…
Reference in New Issue