commit 82b13c6720a3f46beabd63bcb887e31d5c76c08e
parent 58af801c2cb291c7af1cc9b7027a5534b1892aea
Author: Peter Kosyh <p.kosyh@gmail.com>
Date: Thu, 11 Mar 2021 10:31:59 +0300
access to web private msgs/2
Diffstat:
2 files changed, 41 insertions(+), 13 deletions(-)
diff --git a/ii-node/main.go b/ii-node/main.go
@@ -138,16 +138,34 @@ func main() {
case "GET":
udb.LoadUsers()
args := strings.Split(r.URL.Path[9:], "/")
- if len(args) >= 3 && args[1] == "u" && args[2] == "e" {
+
+ if len(args) >= 3 && args[1] == "u" {
pauth = args[0]
if !udb.Access(pauth) {
ii.Info.Printf("Access denied for pauth: %s", pauth)
return
}
- echoes := args[3:]
- if user := udb.UserInfo(pauth); user != nil {
+ user := udb.UserInfo(pauth)
+ if user == nil {
+ return
+ }
+ if args[2] == "e" {
+ echoes := args[3:]
get_ue(echoes, db, *user, w, r)
+ return
}
+ if args[2] == "m" {
+ ids := args[3:]
+ for _, i := range ids {
+ m, info := db.GetBundleInfo(i)
+ if m == "" || !db.Access(info, user) {
+ continue
+ }
+ fmt.Fprintf(w, "%s\n", m)
+ }
+ return
+ }
+ ii.Error.Printf("Wrong /u/point/ get request: %s", r.URL.Path[9:])
return
}
if len(args) != 2 {
@@ -189,8 +207,8 @@ func main() {
http.HandleFunc("/u/m/", func(w http.ResponseWriter, r *http.Request) {
ids := strings.Split(r.URL.Path[5:], "/")
for _, i := range ids {
- m := db.GetBundle(i)
- if m != "" {
+ m, info := db.GetBundleInfo(i)
+ if m != "" && !ii.IsPrivate(info.Echo) {
fmt.Fprintf(w, "%s\n", m)
}
}
@@ -206,7 +224,7 @@ func main() {
}
m := db.Get(id)
ii.Info.Printf("/m/%s %s", id, m)
- if m != nil {
+ if m != nil && !ii.IsPrivate(m.Echo) {
fmt.Fprintf(w, "%s", m.String())
}
})
diff --git a/ii/db.go b/ii/db.go
@@ -387,22 +387,22 @@ func (db *DB) LookupIDS(Ids []string) []*MsgInfo {
// If idx is true: load/create index.
// Returns: msgid:base64 bundle.
// Does not lock!
-func (db *DB) _GetBundle(Id string, idx bool) string {
+func (db *DB) _GetBundle(Id string, idx bool) (string, *MsgInfo) {
info := db._Lookup(Id, false, idx)
if info == nil {
Info.Printf("Can not find bundle: %s\n", Id)
- return ""
+ return "", nil
}
f, err := os.Open(db.BundlePath())
if err != nil {
Error.Printf("Can not open DB: %s\n", err)
- return ""
+ return "", nil
}
defer f.Close()
_, err = f.Seek(info.Off, 0)
if err != nil {
Error.Printf("Can not seek DB: %s\n", err)
- return ""
+ return "", nil
}
var bundle string
err = f_lines(f, func(line string) bool {
@@ -411,9 +411,9 @@ func (db *DB) _GetBundle(Id string, idx bool) string {
})
if err != nil {
Error.Printf("Can not get %s from DB: %s\n", Id, err)
- return ""
+ return "", nil
}
- return bundle
+ return bundle, info
}
// Get bundle line by message id from db.
@@ -425,6 +425,16 @@ func (db *DB) GetBundle(Id string) string {
db.Lock()
defer db.Unlock()
+ b, _ := db._GetBundle(Id, true)
+ return b
+}
+
+func (db *DB) GetBundleInfo(Id string) (string, *MsgInfo) {
+ db.Sync.RLock()
+ defer db.Sync.RUnlock()
+ db.Lock()
+ defer db.Unlock()
+
return db._GetBundle(Id, true)
}
@@ -446,7 +456,7 @@ func (db *DB) Get(Id string) *Msg {
// Get decoded message from db by message id.
// Does NOT lock! Loads/create index if needed.
func (db *DB) GetFast(Id string) *Msg {
- bundle := db._GetBundle(Id, false)
+ bundle, _ := db._GetBundle(Id, false)
if bundle == "" {
return nil
}
