public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

dont crash on no auth, ust a bandaid

pull/1753/head
John McLear 2013-04-17 19:50:05 +01:00
parent f478f99995
commit 3b8621c6a0
1 changed files with 23 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/node/handler/PadMessageHandler.js
View File

@ -224,22 +224,31 @@ exports.handleMessage = function(client, message)
// FIXME: Call our "sessions" "connections". // FIXME: Call our "sessions" "connections".
// FIXME: Use a hook instead // FIXME: Use a hook instead
// FIXME: Allow to override readwrite access with readonly // FIXME: Allow to override readwrite access with readonly
var auth = sessioninfos[client.id].auth;
securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
{
if(ERR(err, callback)) return;
//access was granted // FIXME: A message might arrive but wont have an auth object, this is obviously bad so we should deny it
if(statusObject.accessStatus == "grant") // Simulate using the load testing tool
if(!sessioninfos[client.id].auth){
console.error("Auth was never applied to a session", sessioninfos[client.id])
client.json.send({accessStatus: "deny"});
callback();
}else{
var auth = sessioninfos[client.id].auth;
securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
{ {
callback(); if(ERR(err, callback)) return;
}
//no access, send the client a message that tell him why //access was granted
else if(statusObject.accessStatus == "grant")
{ {
client.json.send({accessStatus: statusObject.accessStatus}) callback();
} }
}); //no access, send the client a message that tell him why
else
{
client.json.send({accessStatus: statusObject.accessStatus})
}
});
}
}, },
finalHandler finalHandler
]); ]);