public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
pad.pub0.org/doc/api
History
pcworld 3c71e8983b Fix read only pad access with authentication 
Before this commit, webaccess.checkAccess saved the authorization in
user.padAuthorizations[padId] with padId being the read-only pad ID,
however later stages, e.g. in PadMessageHandler, use the real pad ID for
access checks. This led to authorization being denied.

This commit fixes it by only storing and comparing the real pad IDs and
not read-only pad IDs.

This fixes test case "authn user readonly pad -> 200, ok" in
src/tests/backend/specs/socketio.js.
 		2021-04-12 22:51:06 -04:00
..
api.md
changeset_library.md
editbar.md
editorInfo.md
embed_parameters.md
hooks_client-side.md chat: Allow `chatNewMessage` hook to modify more values 2021-04-11 06:20:29 +02:00
hooks_overview.md
hooks_server-side.md Fix read only pad access with authentication 2021-04-12 22:51:06 -04:00
http_api.md
pluginfw.md
toolbar.md