From 3464f1d1891b8259388d015a381a8391731c22f2 Mon Sep 17 00:00:00 2001 From: Cory McWilliams Date: Sun, 14 Aug 2022 01:46:11 +0000 Subject: [PATCH] Took another whack at permissions. git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3958 ed5197a5-7fde-0310-b194-c3ffbd925b24 --- apps/cory/admin.json | 2 +- apps/cory/admin/app.js | 3 +- apps/cory/ssb.json | 2 +- apps/cory/ssb/tf.js | 3 +- core/app.js | 2 -- core/client.js | 30 ++++++++++---------- core/core.js | 62 ++++++++++++++++++++++-------------------- 7 files changed, 54 insertions(+), 50 deletions(-) diff --git a/apps/cory/admin.json b/apps/cory/admin.json index 89cfd1a2..486efa7d 100644 --- a/apps/cory/admin.json +++ b/apps/cory/admin.json @@ -1 +1 @@ -{"type":"tildefriends-app","files":{"app.js":"&NhFznWHPiG2TKpaGK+DrqzCr67trV3wYgDS+xwZml+Q=.sha256","index.html":"&PrdNng+/SYCFSEbx+E7tMKxs4/ypPDxbRlak4tGN/SM=.sha256","lit.min.js":"&3FfrVflmGr0n4lvN0GriN1Qz1lEw31SbZxRSJrcXR28=.sha256","script.js":"&hgxmXRvzwz27iH2BATFq20aLX4rtvL/AI/5QJV487XM=.sha256"}} \ No newline at end of file +{"type":"tildefriends-app","files":{"app.js":"&ONpfDPCOakAWKWw0vPwQGPqMPbFNxZR/DOhIEQtK7Ac=.sha256","index.html":"&PrdNng+/SYCFSEbx+E7tMKxs4/ypPDxbRlak4tGN/SM=.sha256","lit.min.js":"&3FfrVflmGr0n4lvN0GriN1Qz1lEw31SbZxRSJrcXR28=.sha256","script.js":"&hgxmXRvzwz27iH2BATFq20aLX4rtvL/AI/5QJV487XM=.sha256"}} \ No newline at end of file diff --git a/apps/cory/admin/app.js b/apps/cory/admin/app.js index 9e532249..3a709b5a 100644 --- a/apps/cory/admin/app.js +++ b/apps/cory/admin/app.js @@ -5,7 +5,8 @@ tfrpc.register(function delete_user(user) { }); async function main() { - let data = {users: {}}; + let data = {users: {}, granted: await core.allPermissionsGranted()}; + print(JSON.stringify(data)); for (let user of await core.users()) { data.users[user] = await core.permissionsForUser(user); } diff --git a/apps/cory/ssb.json b/apps/cory/ssb.json index 17e296e0..adab12b1 100644 --- a/apps/cory/ssb.json +++ b/apps/cory/ssb.json @@ -1 +1 @@ -{"type":"tildefriends-app","files":{"app.js":"&W/og3+Bmi2YJJ9PudClLLIhK5ZgplUMpsOowSF5o05s=.sha256","index.html":"&ye2GeqCrDi3Dbl3UVIfE8H5GzCxN8O46FWj5zhLnZAw=.sha256","vue-material.js":"&K5cdLqXYCENPak/TCINHQhyJhpS4G9DlZHGwoh/LF2g=.sha256","tf-user.js":"&cI/JLy83mOngcqYCEP8Vej8urDvAQAV1WxFsL67/K3M=.sha256","tf-message.js":"&JVARtJEQkq3XjjL0Jv/NUDkO2WZnXGIqkWsqYvTPXBI=.sha256","tf.js":"&m6it9k3I6Ou1xhckbtoMlAg9Y1tca5HV9GUmuFqPD7k=.sha256","commonmark.min.js":"&EP0OeR9zyLwZannz+0ga4s9AGES2RLvvIIQYHqqV6+k=.sha256","vue.js":"&g1wvA+yHl1sVC+eufTsg9If7ZeVyMTBU+h0tks7ZNzE=.sha256","vue-material-theme-default-dark.css":"&RP2nr+2CR18BpHHw5ST9a5GJUCOG9n0G2kuGkcQioWE=.sha256","vue-material.min.css":"&kGbUM2QgFSyHZRzqQb0b+0S3EVIlZ0AXpdiAVjIhou8=.sha256","roboto.css":"&jJv43Om673mQO5JK0jj7714s5E+5Yrf82H6LcDx7wUs=.sha256","material-icons.css":"&a28PdcVvgq/DxyIvJAx/e+ZOEtOuHnr3kjLWKyzH11M=.sha256","tf-shared.js":"&LXyUSm6zSakN/ghJlZ1Qg2VJfV5alhN0gl8F7txIIOU=.sha256","style.css":"&qegBNCrVUihxffRUxGFuG/6u+0Y6d18zHtfNHBZtZ04=.sha256"}} \ No newline at end of file +{"type":"tildefriends-app","files":{"app.js":"&W/og3+Bmi2YJJ9PudClLLIhK5ZgplUMpsOowSF5o05s=.sha256","index.html":"&ye2GeqCrDi3Dbl3UVIfE8H5GzCxN8O46FWj5zhLnZAw=.sha256","vue-material.js":"&K5cdLqXYCENPak/TCINHQhyJhpS4G9DlZHGwoh/LF2g=.sha256","tf-user.js":"&cI/JLy83mOngcqYCEP8Vej8urDvAQAV1WxFsL67/K3M=.sha256","tf-message.js":"&JVARtJEQkq3XjjL0Jv/NUDkO2WZnXGIqkWsqYvTPXBI=.sha256","tf.js":"&WVJ7+D8VMeU7+yRnD3hDsmm2nIKZtO8WKIdB0v+GU14=.sha256","commonmark.min.js":"&EP0OeR9zyLwZannz+0ga4s9AGES2RLvvIIQYHqqV6+k=.sha256","vue.js":"&g1wvA+yHl1sVC+eufTsg9If7ZeVyMTBU+h0tks7ZNzE=.sha256","vue-material-theme-default-dark.css":"&RP2nr+2CR18BpHHw5ST9a5GJUCOG9n0G2kuGkcQioWE=.sha256","vue-material.min.css":"&kGbUM2QgFSyHZRzqQb0b+0S3EVIlZ0AXpdiAVjIhou8=.sha256","roboto.css":"&jJv43Om673mQO5JK0jj7714s5E+5Yrf82H6LcDx7wUs=.sha256","material-icons.css":"&a28PdcVvgq/DxyIvJAx/e+ZOEtOuHnr3kjLWKyzH11M=.sha256","tf-shared.js":"&LXyUSm6zSakN/ghJlZ1Qg2VJfV5alhN0gl8F7txIIOU=.sha256","style.css":"&qegBNCrVUihxffRUxGFuG/6u+0Y6d18zHtfNHBZtZ04=.sha256"}} \ No newline at end of file diff --git a/apps/cory/ssb/tf.js b/apps/cory/ssb/tf.js index e6d32bfc..825c0454 100644 --- a/apps/cory/ssb/tf.js +++ b/apps/cory/ssb/tf.js @@ -178,8 +178,7 @@ window.addEventListener('load', function() { data: g_data, watch: { whoami: function(newValue, oldValue) { - let self = this; - setTimeout(function() { self.set_hash(); }, 100); + tfrpc.rpc.refresh(newValue, this.selected, true); }, selected: function(newValue, oldValue) { let self = this; diff --git a/core/app.js b/core/app.js index 36eb3991..558ea7ae 100644 --- a/core/app.js +++ b/core/app.js @@ -158,8 +158,6 @@ function socket(request, response, client) { if (process) { core.enableStats(process, message.enabled); } - } else if (message.action == 'permission') { - core.setPermission(process, message.id, message.granted); } else if (message.message == 'tfrpc') { if (message.id && g_calls[message.id]) { if (message.error !== undefined) { diff --git a/core/client.js b/core/client.js index 153a78f0..d2e34c1b 100644 --- a/core/client.js +++ b/core/client.js @@ -479,23 +479,25 @@ function api_requestPermission(permission, id) { }, ]; - div = document.createElement('div'); - for (let option of k_options) { - let button = document.createElement('button'); - button.innerText = option.text; - button.onclick = function() { - send({action: 'permission', id: id, granted: option.grant[check.checked ? 1 : 0]}); - while (permissions.firstChild) { - permissions.removeChild(permissions.firstChild); + return new Promise(function(resolve, reject) { + div = document.createElement('div'); + for (let option of k_options) { + let button = document.createElement('button'); + button.innerText = option.text; + button.onclick = function() { + resolve(option.grant[check.checked ? 1 : 0]); + while (permissions.firstChild) { + permissions.removeChild(permissions.firstChild); + } + permissions.style.visibility = 'hidden'; } - permissions.style.visibility = 'hidden'; + div.appendChild(button); } - div.appendChild(button); - } - container.appendChild(div); + container.appendChild(div); - permissions.appendChild(container); - permissions.style.visibility = 'visible'; + permissions.appendChild(container); + permissions.style.visibility = 'visible'; + }); } function receive(message) { diff --git a/core/core.js b/core/core.js index a7e5b2e3..eb5bd6bc 100644 --- a/core/core.js +++ b/core/core.js @@ -149,8 +149,6 @@ async function getProcessBlob(blobId, key, options) { process.task = null; delete gProcesses[key]; }; - process.promises = {}; - process.nextPromise = 1; var imports = { 'core': { 'broadcast': broadcast.bind(process), @@ -179,51 +177,65 @@ async function getProcessBlob(blobId, key, options) { return []; } }, + 'permissionsGranted': function() { + let user = process?.credentials?.session?.name; + if (user && + options?.packageOwner && + options?.packageName && + gGlobalSettings.userPermissions && + gGlobalSettings.userPermissions[user] && + gGlobalSettings.userPermissions[user][options.packageOwner]) { + return gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName]; + } + }, + 'allPermissionsGranted': function() { + let user = process?.credentials?.session?.name; + if (user && + options?.packageOwner && + options?.packageName && + gGlobalSettings.userPermissions && + gGlobalSettings.userPermissions[user]) { + return gGlobalSettings.userPermissions[user]; + } + }, 'permissionsForUser': function(user) { return (gGlobalSettings?.permissions ? gGlobalSettings.permissions[user] : []) ?? []; }, 'apps': user => getApps(user, process), 'getSockets': getSockets, 'permissionTest': function(permission) { - let id = process.nextPromise++; - let promise = new Promise(function(resolve, reject) { - process.promises[id] = {resolve: resolve, reject: reject}; - }); let user = process?.credentials?.session?.name; if (!user || !options?.packageOwner || !options?.packageName) { - process.promises[id].reject(false); + return; } else if (gGlobalSettings.userPermissions && gGlobalSettings.userPermissions[user] && gGlobalSettings.userPermissions[user][options.packageOwner] && gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName] && gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission] !== undefined) { if (gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission]) { - process.promises[id].resolve(true); + return true; } else { - process.promises[id].reject(false); + return false; } } else { - process.app.send({action: 'requestPermission', permission: permission, id: id}); - promise.then(function(value) { + return process.app.makeFunction(['requestPermission'])(permission).then(function(value) { if (value == 'allow') { storePermission(user, options.packageOwner, options.packageName, permission, true); return true; } else if (value == 'allow once') { return true; - } - return false; - }).catch(function(value) { - if (value == 'deny') { + } else if (value == 'deny') { storePermission(user, options.packageOwner, options.packageName, permission, false); return false; } else if (value == 'deny once') { return false; } return false; + }).catch(function() { + return false; }); } - return promise; }, } }; @@ -284,7 +296,11 @@ async function getProcessBlob(blobId, key, options) { if (process.credentials && process.credentials.session && process.credentials.session.name) { - return ssb.appendMessageWithIdentity(process.credentials.session.name, id, message); + return imports.core.permissionTest('ssb_append').then(function(value) { + if (value) { + return ssb.appendMessageWithIdentity(process.credentials.session.name, id, message); + } + }); } }; delete imports.ssb.addRpc; @@ -733,17 +749,6 @@ loadSettings().then(function() { exit(1); }); -function setPermission(process, id, allow) { - if (process.promises[id]) { - if (allow == 'allow' || allow == 'allow once') { - process.promises[id].resolve(allow); - } else { - process.promises[id].reject(allow); - } - delete process.promises[id]; - } -} - function storePermission(user, packageOwner, packageName, permission, allow) { if (!gGlobalSettings.userPermissions) { gGlobalSettings.userPermissions = {}; @@ -769,5 +774,4 @@ export { enableStats, invoke, getSessionProcessBlob, - setPermission, };