dnrops
/
cryptpad
mirror of https://github.com/xwiki-labs/cryptpad
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clean server code

This commit is contained in:
yflory 2022-10-14 16:53:38 +02:00
parent 8a3be878e8
commit bde6bb0032
7 changed files with 76 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
lib/commands/channel.js
View File

@ -208,25 +208,37 @@ Channel.trimHistory = function (Env, safeKey, data, cb) {
}); });
}; };
Channel.deleteLine = function (Env, safeKey, data, cb) { // Delete a signed mailbox message. This is used when users want
// to delete their form reponses.
Channel.deleteMailboxMessage = function (Env, safeKey, data, cb) {
const channelId = data.channel; const channelId = data.channel;
const hash = data.hash; const hash = data.hash;
const proof = data.proof; const proof = data.proof;
const nonce = Nacl.util.decodeBase64(proof.split('|')[0]); let nonce, proofBytes;
const proofBytes = Nacl.util.decodeBase64(proof.split('|')[1]); try {
Env.msgStore.trimChannel(channelId, hash, function (err) { nonce = Nacl.util.decodeBase64(proof.split('|')[0]);
proofBytes = Nacl.util.decodeBase64(proof.split('|')[1]);
} catch (e) {
return void cb('EINVAL');
}
Env.msgStore.deleteChannelLine(channelId, hash, function (msg) {
// Check if you're allowed to delete this hash
try {
const mySecret = new Uint8Array(32);
const msgBytes = Nacl.util.decodeBase64(msg).subarray(64); // Remove signature
const theirPublic = msgBytes.subarray(24,56); // 0-24 = nonce; 24-56=publickey (32 bytes)
const hashBytes = Nacl.box.open(proofBytes, nonce, theirPublic, mySecret);
return Nacl.util.encodeUTF8(hashBytes) === hash;
} catch (e) {
return false;
}
}, function (err) {
if (err) { return void cb(err); } if (err) { return void cb(err); }
// clear historyKeeper's cache for this channel // clear historyKeeper's cache for this channel
Env.historyKeeper.channelClose(channelId); Env.historyKeeper.channelClose(channelId);
cb(); cb();
delete Env.channel_cache[channelId]; delete Env.channel_cache[channelId];
delete Env.metadata_cache[channelId]; delete Env.metadata_cache[channelId];
}, function (msg) {
const mySecret = new Uint8Array(32);
const msgBytes = Nacl.util.decodeBase64(msg).subarray(64); // Remove signature
const theirPublic = msgBytes.subarray(24,56); // 0-24 = nonce; 24-56=publickey (32 bytes)
const hashBytes = Nacl.box.open(proofBytes, nonce, theirPublic, mySecret);
return Nacl.util.encodeUTF8(hashBytes) === hash;
}); });
}; };

2
lib/rpc.js
View File

@ -47,7 +47,7 @@ const AUTHENTICATED_USER_TARGETED = {
CLEAR_OWNED_CHANNEL: Channel.clearOwnedChannel, CLEAR_OWNED_CHANNEL: Channel.clearOwnedChannel,
REMOVE_OWNED_CHANNEL: Channel.removeOwnedChannel, REMOVE_OWNED_CHANNEL: Channel.removeOwnedChannel,
TRIM_HISTORY: Channel.trimHistory, TRIM_HISTORY: Channel.trimHistory,
DELETE_LINE: Channel.deleteLine, DELETE_MAILBOX_MESSAGE: Channel.deleteMailboxMessage,
UPLOAD_STATUS: Upload.status, UPLOAD_STATUS: Upload.status,
UPLOAD: Upload.upload, UPLOAD: Upload.upload,
UPLOAD_COMPLETE: Upload.complete, UPLOAD_COMPLETE: Upload.complete,

70
lib/storage/file.js
View File

@ -928,7 +928,7 @@ var getMessages = function (env, chanName, handler, cb) {
}); });
}; };
var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) { var filterMessages = function (env, channelName, check, filterHandler, _cb) {
var cb = Util.once(Util.mkAsync(_cb)); var cb = Util.once(Util.mkAsync(_cb));
// this function is queued as a blocking action for the relevant channel // this function is queued as a blocking action for the relevant channel
@ -987,8 +987,8 @@ var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
})); }));
}).nThen(function (w) { }).nThen(function (w) {
// If we want to delete a signle line of the file, make sure this pad allows it // If we want to delete a signle line of the file, make sure this pad allows it
if (!deleteOneLine) { return; } if (typeof(check) !== "function") { return; }
if (!metadataReference.meta || !metadataReference.meta.deleteLines) { if (!metadataReference.meta || !check(metadataReference.meta)) {
w.abort(); w.abort();
return void cb("EFORBIDDEN"); return void cb("EFORBIDDEN");
} }
@ -1030,28 +1030,15 @@ var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
if (!msg) { return void readMore(); } if (!msg) { return void readMore(); }
var msgHash = Extras.getHash(msg[4]); var msgHash = Extras.getHash(msg[4]);
// If we only want to delete the selected hash... var remove = function () { readMore(); };
if (deleteOneLine) { var preserve = function () {
if (msgHash === hash) { tempStream.write(s_msg + '\n', function () {
if (!deleteOneLine(msg[4])) {
return void abort();
}
retain = true;
return void readMore();
}
return void tempStream.write(s_msg + '\n', function () {
readMore(); readMore();
}); });
} };
var preserveRemaining = function () { retain = true; };
if (msgHash === hash) { filterHandler(msg, msgHash, abort, remove, preserve, preserveRemaining);
// everything from this point on should be retained
retain = true;
return void tempStream.write(s_msg + '\n', function () {
readMore();
});
}
readMore();
}; };
readMessagesBin(env, channelName, 0, handler, w(function (err) { readMessagesBin(env, channelName, 0, handler, w(function (err) {
@ -1123,6 +1110,35 @@ var trimChannel = function (env, channelName, hash, _cb, deleteOneLine) {
}); });
}); });
}; };
var deleteChannelLine = function (env, channelName, hash, checkRights, _cb) {
var check = function (meta) { return Boolean(meta.deleteLines); };
var handler = function (msg, msgHash, abort, remove, preserve, preserveRemaining) {
if (msgHash === hash) {
if (typeof(checkRights) === "function" && !checkRights(msg[4])) {
// Not allowed: abort
return void abort();
}
// Line found: remove it and preserve all remaining lines
preserveRemaining();
return void remove();
}
// Continue until we find the correct hash
preserve();
};
filterMessages(env, channelName, check, handler, _cb);
};
var trimChannel = function (env, channelName, hash, _cb) {
var handler = function (msg, msgHash, abort, remove, preserve, preserveRemaining) {
if (msgHash === hash) {
// Everything from this point on should be retained
preserveRemaining();
return void preserve();
}
// Remove until we find our hash
remove();
};
filterMessages(env, channelName, null, handler, _cb);
};
module.exports.create = function (conf, _cb) { module.exports.create = function (conf, _cb) {
var cb = Util.once(Util.mkAsync(_cb)); var cb = Util.once(Util.mkAsync(_cb));
@ -1251,10 +1267,16 @@ module.exports.create = function (conf, _cb) {
clearChannel(env, channelName, Util.both(cb, next)); clearChannel(env, channelName, Util.both(cb, next));
}); });
}, },
trimChannel: function (channelName, hash, cb, deleteOne) { trimChannel: function (channelName, hash, cb) {
if (!isValidChannelId(channelName)) { return void cb(new Error('EINVAL')); } if (!isValidChannelId(channelName)) { return void cb(new Error('EINVAL')); }
schedule.blocking(channelName, function (next) { schedule.blocking(channelName, function (next) {
trimChannel(env, channelName, hash, Util.both(cb, next), deleteOne); trimChannel(env, channelName, hash, Util.both(cb, next));
});
},
deleteChannelLine: function (channelName, hash, checkRights, cb) {
if (!isValidChannelId(channelName)) { return void cb(new Error('EINVAL')); }
schedule.blocking(channelName, function (next) {
deleteChannelLine(env, channelName, hash, checkRights, Util.both(cb, next));
}); });
}, },

5
www/common/cryptpad-common.js
View File

@ -206,12 +206,11 @@ define([
hash: hash, hash: hash,
proof: proof proof: proof
}; };
postMessage("DELETE_PAD_LINE", lineData, waitFor(function (obj) { postMessage("DELETE_MAILBOX_MESSAGE", lineData, waitFor(function (obj) {
if (obj && obj.error === 'EFORBIDDEN') { if (obj && obj.error) {
waitFor.abort(); waitFor.abort();
return void cb(obj); return void cb(obj);
} }
if (obj || obj.error) { return; }
toDelete.push(hash); toDelete.push(hash);
})); }));
}).nThen; }).nThen;

4
www/common/outer/async-store.js
View File

@ -2179,9 +2179,9 @@ define([
} }
}; };
Store.deletePadLine = function (clientId, data, cb) { Store.deleteMailboxMessage = function (clientId, data, cb) {
if (!store.rpc) { return void cb({error: 'RPC_NOT_READY'}); } if (!store.rpc) { return void cb({error: 'RPC_NOT_READY'}); }
store.rpc.deleteLine(data, function (e) { store.rpc.deleteMailboxMessage(data, function (e) {
cb({error:e}); cb({error:e});
}); });
}; };

2
www/common/outer/store-rpc.js
View File

@ -88,7 +88,7 @@ define([
GET_LAST_HASH: Store.getLastHash, GET_LAST_HASH: Store.getLastHash,
GET_SNAPSHOT: Store.getSnapshot, GET_SNAPSHOT: Store.getSnapshot,
CORRUPTED_CACHE: Store.corruptedCache, CORRUPTED_CACHE: Store.corruptedCache,
DELETE_PAD_LINE: Store.deletePadLine, DELETE_MAILBOX_MESSAGE: Store.deleteMailboxMessage,
// Drive // Drive
DRIVE_USEROBJECT: Store.userObjectCommand, DRIVE_USEROBJECT: Store.userObjectCommand,
// Settings, // Settings,

4
www/common/pinpad.js
View File

@ -249,8 +249,8 @@ var factory = function (Util, Rpc) {
}, cb); }, cb);
}; };
exp.deleteLine = function (obj, cb) { exp.deleteMailboxMessage = function (obj, cb) {
rpc.send('DELETE_LINE', { rpc.send('DELETE_MAILBOX_MESSAGE', {
channel: obj.channel, channel: obj.channel,
hash: obj.hash, hash: obj.hash,
proof: obj.proof proof: obj.proof