anyproto/any-sync
1
0
Fork 0
mirror of https://github.com/anyproto/any-sync.git synced 2025-06-07 21:47:02 +09:00
Code Activity

Improve invite validation

Browse source
This commit is contained in:
Mikhail Rakhmanov 2025-05-12 18:18:54 +02:00
parent 90a75f6e25
commit 9f434b0edd
No known key found for this signature in database
GPG key ID: DED12CFEF5B8396B
2 changed files with 12 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
commonspace/object/acl/list/models.go
View file

@ -85,6 +85,10 @@ func (p AclPermissions) IsOwner() bool {
return aclrecordproto.AclUserPermissions(p) == aclrecordproto.AclUserPermissions_Owner
}
func (p AclPermissions) IsGuest() bool {
return aclrecordproto.AclUserPermissions(p) == aclrecordproto.AclUserPermissions_Guest
}
func (p AclPermissions) CanWrite() bool {
switch aclrecordproto.AclUserPermissions(p) {
case aclrecordproto.AclUserPermissions_Admin:

11
commonspace/object/acl/list/validator.go
View file

@ -219,9 +219,14 @@ func (c *contentValidator) ValidateInvite(ch *aclrecordproto.AclAccountInvite, a
if !c.aclState.Permissions(authorIdentity).CanManageAccounts() {
return ErrInsufficientPermissions
}
if ch.InviteType == aclrecordproto.AclInviteType_AnyoneCanJoin &&
(AclPermissions(ch.Permissions).IsOwner() || AclPermissions(ch.Permissions).NoPermissions()) {
return ErrInsufficientPermissions
permissions := AclPermissions(ch.Permissions)
if ch.InviteType == aclrecordproto.AclInviteType_AnyoneCanJoin {
if permissions.IsOwner() || permissions.NoPermissions() || permissions.IsGuest() {
return ErrInsufficientPermissions
}
if ch.EncryptedReadKey == nil {
return ErrIncorrectReadKey
}
}
_, err = c.keyStore.PubKeyFromProto(ch.InviteKey)
return