From 30f4793342173c5effe22fce6603c720874e0ce1 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Mon, 1 Mar 2021 22:21:52 +0100 Subject: [PATCH 1/2] Update private access --- pusher/src/Controller/IoSocketController.ts | 26 ++++++++++++++++++--- pusher/src/Services/AdminApi.ts | 14 +---------- 2 files changed, 24 insertions(+), 16 deletions(-) diff --git a/pusher/src/Controller/IoSocketController.ts b/pusher/src/Controller/IoSocketController.ts index a43f43ba..2b068e47 100644 --- a/pusher/src/Controller/IoSocketController.ts +++ b/pusher/src/Controller/IoSocketController.ts @@ -25,6 +25,7 @@ import {clientEventsEmitter} from "../Services/ClientEventsEmitter"; import {ADMIN_API_TOKEN, ADMIN_API_URL, SOCKET_IDLE_TIMER} from "../Enum/EnvironmentVariable"; import {Zone} from "_Model/Zone"; import {ExAdminSocketInterface} from "_Model/Websocket/ExAdminSocketInterface"; +import {v4} from "uuid"; export class IoSocketController { private nextUserId: number = 1; 
@@ -181,13 +182,32 @@ export class IoSocketController { }*/ if (ADMIN_API_URL) { try { - const userData = await adminApi.fetchMemberDataByUuid(userUuid); - //console.log('USERDATA', userData) + let userData = { + uuid: v4(), + anonymous: true, + tags: [], + textures: [], + messages: [], + }; + try { + (userData as FetchMemberDataByUuidResponse) = await adminApi.fetchMemberDataByUuid(userUuid); + }catch (err){ + if (err?.response?.status == 404) { + // If we get an HTTP 404, the token is invalid. Let's perform an anonymous login! + console.warn('Cannot find user with uuid "'+userUuid+'". Performing an anonymous login instead.'); + }else{ + throw err; + } + } memberTags = userData.tags; memberTextures = userData.textures; - if (!room.anonymous && room.policyType === GameRoomPolicyTypes.USE_TAGS_POLICY && !room.canAccess(memberTags)) { + if (!room.anonymous && room.policyType === GameRoomPolicyTypes.USE_TAGS_POLICY && (userData.anonymous === true || !room.canAccess(memberTags))) { throw new Error('No correct tags') } + if (!room.anonymous && room.policyType === GameRoomPolicyTypes.MEMBERS_ONLY_POLICY && userData.anonymous === true) { + throw new Error('No correct member') + } + //console.log('access granted for user '+userUuid+' and room '+roomId); } catch (e) { console.log('access not granted for user '+userUuid+' and room '+roomId); diff --git a/pusher/src/Services/AdminApi.ts b/pusher/src/Services/AdminApi.ts index e9bccef8..ba9a8778 100644 --- a/pusher/src/Services/AdminApi.ts +++ b/pusher/src/Services/AdminApi.ts @@ -1,6 +1,5 @@ import {ADMIN_API_TOKEN, ADMIN_API_URL} from "../Enum/EnvironmentVariable"; import Axios from "axios"; -import {v4} from "uuid"; export interface AdminApiData { organizationSlug: string 
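Review bot: In the IoSocketController.ts access check, both policy tests key off `userData.anonymous === true`, but a successful `fetchMemberDataByUuid` call replaces the whole default object, so the flag then holds whatever the admin API body contains (or `undefined`). Any 2xx response without that field is treated as a member, including a malformed one, since AdminApi.ts appears to return `res.data` unvalidated. A local flag that the remote body cannot touch would make the decision explicit: `let isAnonymous = true;` before the inner `try`, `isAnonymous = false;` right after the awaited call, and `isAnonymous` in the two `if` conditions. The added `console.warn` also concatenates `userUuid` into the log line; if that value can carry client-controlled characters, strip CR/LF before logging. The outer `try`/`catch` continues past the end of the hunk.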
@@ -68,18 +67,7 @@ class AdminApi { ) return res.data; } catch (e) { - if (e?.response?.status == 404) { - // If we get an HTTP 404, the token is invalid. Let's perform an anonymous login! - console.warn('Cannot find user with uuid "'+uuid+'". Performing an anonymous login instead.'); - return { - uuid: v4(), - tags: [], - textures: [], - messages: [], - } - } else { - throw e; - } + throw e; } } From 915d945dd57a4b8800d4dc5c949276e56336dce7 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Mon, 1 Mar 2021 22:32:50 +0100 Subject: [PATCH 2/2] Fix ci --- pusher/src/Controller/IoSocketController.ts | 6 +++--- pusher/src/Services/AdminApi.ts | 13 +++++-------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/pusher/src/Controller/IoSocketController.ts b/pusher/src/Controller/IoSocketController.ts index 2b068e47..6bdbd36d 100644 --- a/pusher/src/Controller/IoSocketController.ts +++ b/pusher/src/Controller/IoSocketController.ts @@ -182,15 +182,15 @@ export class IoSocketController { }*/ if (ADMIN_API_URL) { try { - let userData = { + let userData : FetchMemberDataByUuidResponse = { uuid: v4(), - anonymous: true, tags: [], textures: [], messages: [], + anonymous: true }; try { - (userData as FetchMemberDataByUuidResponse) = await adminApi.fetchMemberDataByUuid(userUuid); + userData = await adminApi.fetchMemberDataByUuid(userUuid); }catch (err){ if (err?.response?.status == 404) { // If we get an HTTP 404, the token is invalid. Let's perform an anonymous login! diff --git a/pusher/src/Services/AdminApi.ts b/pusher/src/Services/AdminApi.ts index ba9a8778..06d9239c 100644 --- a/pusher/src/Services/AdminApi.ts +++ b/pusher/src/Services/AdminApi.ts @@ -30,6 +30,7 @@ export interface FetchMemberDataByUuidResponse { tags: string[]; textures: CharacterTexture[]; messages: unknown[]; + anonymous?: boolean; } class AdminApi { 
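Review bot: The new `anonymous?: boolean` member of `FetchMemberDataByUuidResponse` has no comment saying who sets it, yet it is the field the room access checks in IoSocketController.ts read. In this series it is set to `true` only in the pusher's local fallback object, so an absent value means "member"; whether the admin API ever sends it is not visible here. A TSDoc line would pin that contract, for example `/** True only for the pusher's local anonymous fallback; expected to be absent on admin API responses (confirm). Read by the room access checks. */`.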
@@ -61,14 +62,10 @@ class AdminApi { if (!ADMIN_API_URL) { return Promise.reject('No admin backoffice set!'); } - try { - const res = await Axios.get(ADMIN_API_URL+'/api/membership/'+uuid, - { headers: {"Authorization" : `${ADMIN_API_TOKEN}`} } - ) - return res.data; - } catch (e) { - throw e; - } + const res = await Axios.get(ADMIN_API_URL+'/api/membership/'+uuid, + { headers: {"Authorization" : `${ADMIN_API_TOKEN}`} } + ) + return res.data; } async fetchMemberDataByToken(organizationMemberToken: string): Promise {
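Review bot: `uuid` is concatenated unencoded into the request path in `ADMIN_API_URL+'/api/membership/'+uuid`, and that request carries `ADMIN_API_TOKEN`. If the value can ever contain `/`, `?` or `#` (its origin is outside this hunk), the call would address a different admin API route than intended; `'/api/membership/'+encodeURIComponent(uuid)` closes that off. `res.data` is also handed back as the member record without a runtime shape check, although its `tags` feed the room access decision, so verifying that `tags` and `textures` are arrays before returning would be worthwhile. The method's signature is above the hunk.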