Took another whack at permissions.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3958 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
Cory McWilliams 2022-08-14 01:46:11 +00:00
parent fc9c3982c2
commit 3464f1d189
7 changed files with 54 additions and 50 deletions

View File

@ -1 +1 @@
{"type":"tildefriends-app","files":{"app.js":"&NhFznWHPiG2TKpaGK+DrqzCr67trV3wYgDS+xwZml+Q=.sha256","index.html":"&PrdNng+/SYCFSEbx+E7tMKxs4/ypPDxbRlak4tGN/SM=.sha256","lit.min.js":"&3FfrVflmGr0n4lvN0GriN1Qz1lEw31SbZxRSJrcXR28=.sha256","script.js":"&hgxmXRvzwz27iH2BATFq20aLX4rtvL/AI/5QJV487XM=.sha256"}} {"type":"tildefriends-app","files":{"app.js":"&ONpfDPCOakAWKWw0vPwQGPqMPbFNxZR/DOhIEQtK7Ac=.sha256","index.html":"&PrdNng+/SYCFSEbx+E7tMKxs4/ypPDxbRlak4tGN/SM=.sha256","lit.min.js":"&3FfrVflmGr0n4lvN0GriN1Qz1lEw31SbZxRSJrcXR28=.sha256","script.js":"&hgxmXRvzwz27iH2BATFq20aLX4rtvL/AI/5QJV487XM=.sha256"}}

View File

@ -5,7 +5,8 @@ tfrpc.register(function delete_user(user) {
}); });
async function main() { async function main() {
let data = {users: {}}; let data = {users: {}, granted: await core.allPermissionsGranted()};
print(JSON.stringify(data));
for (let user of await core.users()) { for (let user of await core.users()) {
data.users[user] = await core.permissionsForUser(user); data.users[user] = await core.permissionsForUser(user);
} }

View File

@ -1 +1 @@
{"type":"tildefriends-app","files":{"app.js":"&W/og3+Bmi2YJJ9PudClLLIhK5ZgplUMpsOowSF5o05s=.sha256","index.html":"&ye2GeqCrDi3Dbl3UVIfE8H5GzCxN8O46FWj5zhLnZAw=.sha256","vue-material.js":"&K5cdLqXYCENPak/TCINHQhyJhpS4G9DlZHGwoh/LF2g=.sha256","tf-user.js":"&cI/JLy83mOngcqYCEP8Vej8urDvAQAV1WxFsL67/K3M=.sha256","tf-message.js":"&JVARtJEQkq3XjjL0Jv/NUDkO2WZnXGIqkWsqYvTPXBI=.sha256","tf.js":"&m6it9k3I6Ou1xhckbtoMlAg9Y1tca5HV9GUmuFqPD7k=.sha256","commonmark.min.js":"&EP0OeR9zyLwZannz+0ga4s9AGES2RLvvIIQYHqqV6+k=.sha256","vue.js":"&g1wvA+yHl1sVC+eufTsg9If7ZeVyMTBU+h0tks7ZNzE=.sha256","vue-material-theme-default-dark.css":"&RP2nr+2CR18BpHHw5ST9a5GJUCOG9n0G2kuGkcQioWE=.sha256","vue-material.min.css":"&kGbUM2QgFSyHZRzqQb0b+0S3EVIlZ0AXpdiAVjIhou8=.sha256","roboto.css":"&jJv43Om673mQO5JK0jj7714s5E+5Yrf82H6LcDx7wUs=.sha256","material-icons.css":"&a28PdcVvgq/DxyIvJAx/e+ZOEtOuHnr3kjLWKyzH11M=.sha256","tf-shared.js":"&LXyUSm6zSakN/ghJlZ1Qg2VJfV5alhN0gl8F7txIIOU=.sha256","style.css":"&qegBNCrVUihxffRUxGFuG/6u+0Y6d18zHtfNHBZtZ04=.sha256"}} {"type":"tildefriends-app","files":{"app.js":"&W/og3+Bmi2YJJ9PudClLLIhK5ZgplUMpsOowSF5o05s=.sha256","index.html":"&ye2GeqCrDi3Dbl3UVIfE8H5GzCxN8O46FWj5zhLnZAw=.sha256","vue-material.js":"&K5cdLqXYCENPak/TCINHQhyJhpS4G9DlZHGwoh/LF2g=.sha256","tf-user.js":"&cI/JLy83mOngcqYCEP8Vej8urDvAQAV1WxFsL67/K3M=.sha256","tf-message.js":"&JVARtJEQkq3XjjL0Jv/NUDkO2WZnXGIqkWsqYvTPXBI=.sha256","tf.js":"&WVJ7+D8VMeU7+yRnD3hDsmm2nIKZtO8WKIdB0v+GU14=.sha256","commonmark.min.js":"&EP0OeR9zyLwZannz+0ga4s9AGES2RLvvIIQYHqqV6+k=.sha256","vue.js":"&g1wvA+yHl1sVC+eufTsg9If7ZeVyMTBU+h0tks7ZNzE=.sha256","vue-material-theme-default-dark.css":"&RP2nr+2CR18BpHHw5ST9a5GJUCOG9n0G2kuGkcQioWE=.sha256","vue-material.min.css":"&kGbUM2QgFSyHZRzqQb0b+0S3EVIlZ0AXpdiAVjIhou8=.sha256","roboto.css":"&jJv43Om673mQO5JK0jj7714s5E+5Yrf82H6LcDx7wUs=.sha256","material-icons.css":"&a28PdcVvgq/DxyIvJAx/e+ZOEtOuHnr3kjLWKyzH11M=.sha256","tf-shared.js":"&LXyUSm6zSakN/ghJlZ1Qg2VJfV5alhN0gl8F7txIIOU=.sha256","style.css":"&qegBNCrVUihxffRUxGFuG/6u+0Y6d18zHtfNHBZtZ04=.sha256"}}

View File

@ -178,8 +178,7 @@ window.addEventListener('load', function() {
data: g_data, data: g_data,
watch: { watch: {
whoami: function(newValue, oldValue) { whoami: function(newValue, oldValue) {
let self = this; tfrpc.rpc.refresh(newValue, this.selected, true);
setTimeout(function() { self.set_hash(); }, 100);
}, },
selected: function(newValue, oldValue) { selected: function(newValue, oldValue) {
let self = this; let self = this;

View File

@ -158,8 +158,6 @@ function socket(request, response, client) {
if (process) { if (process) {
core.enableStats(process, message.enabled); core.enableStats(process, message.enabled);
} }
} else if (message.action == 'permission') {
core.setPermission(process, message.id, message.granted);
} else if (message.message == 'tfrpc') { } else if (message.message == 'tfrpc') {
if (message.id && g_calls[message.id]) { if (message.id && g_calls[message.id]) {
if (message.error !== undefined) { if (message.error !== undefined) {

View File

@ -479,12 +479,13 @@ function api_requestPermission(permission, id) {
}, },
]; ];
return new Promise(function(resolve, reject) {
div = document.createElement('div'); div = document.createElement('div');
for (let option of k_options) { for (let option of k_options) {
let button = document.createElement('button'); let button = document.createElement('button');
button.innerText = option.text; button.innerText = option.text;
button.onclick = function() { button.onclick = function() {
send({action: 'permission', id: id, granted: option.grant[check.checked ? 1 : 0]}); resolve(option.grant[check.checked ? 1 : 0]);
while (permissions.firstChild) { while (permissions.firstChild) {
permissions.removeChild(permissions.firstChild); permissions.removeChild(permissions.firstChild);
} }
@ -496,6 +497,7 @@ function api_requestPermission(permission, id) {
permissions.appendChild(container); permissions.appendChild(container);
permissions.style.visibility = 'visible'; permissions.style.visibility = 'visible';
});
} }
function receive(message) { function receive(message) {

View File

@ -149,8 +149,6 @@ async function getProcessBlob(blobId, key, options) {
process.task = null; process.task = null;
delete gProcesses[key]; delete gProcesses[key];
}; };
process.promises = {};
process.nextPromise = 1;
var imports = { var imports = {
'core': { 'core': {
'broadcast': broadcast.bind(process), 'broadcast': broadcast.bind(process),
@ -179,51 +177,65 @@ async function getProcessBlob(blobId, key, options) {
return []; return [];
} }
}, },
'permissionsGranted': function() {
let user = process?.credentials?.session?.name;
if (user &&
options?.packageOwner &&
options?.packageName &&
gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user] &&
gGlobalSettings.userPermissions[user][options.packageOwner]) {
return gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName];
}
},
'allPermissionsGranted': function() {
let user = process?.credentials?.session?.name;
if (user &&
options?.packageOwner &&
options?.packageName &&
gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user]) {
return gGlobalSettings.userPermissions[user];
}
},
'permissionsForUser': function(user) { 'permissionsForUser': function(user) {
return (gGlobalSettings?.permissions ? gGlobalSettings.permissions[user] : []) ?? []; return (gGlobalSettings?.permissions ? gGlobalSettings.permissions[user] : []) ?? [];
}, },
'apps': user => getApps(user, process), 'apps': user => getApps(user, process),
'getSockets': getSockets, 'getSockets': getSockets,
'permissionTest': function(permission) { 'permissionTest': function(permission) {
let id = process.nextPromise++;
let promise = new Promise(function(resolve, reject) {
process.promises[id] = {resolve: resolve, reject: reject};
});
let user = process?.credentials?.session?.name; let user = process?.credentials?.session?.name;
if (!user || !options?.packageOwner || !options?.packageName) { if (!user || !options?.packageOwner || !options?.packageName) {
process.promises[id].reject(false); return;
} else if (gGlobalSettings.userPermissions && } else if (gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user] && gGlobalSettings.userPermissions[user] &&
gGlobalSettings.userPermissions[user][options.packageOwner] && gGlobalSettings.userPermissions[user][options.packageOwner] &&
gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName] && gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName] &&
gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission] !== undefined) { gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission] !== undefined) {
if (gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission]) { if (gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission]) {
process.promises[id].resolve(true); return true;
} else { } else {
process.promises[id].reject(false); return false;
} }
} else { } else {
process.app.send({action: 'requestPermission', permission: permission, id: id}); return process.app.makeFunction(['requestPermission'])(permission).then(function(value) {
promise.then(function(value) {
if (value == 'allow') { if (value == 'allow') {
storePermission(user, options.packageOwner, options.packageName, permission, true); storePermission(user, options.packageOwner, options.packageName, permission, true);
return true; return true;
} else if (value == 'allow once') { } else if (value == 'allow once') {
return true; return true;
} } else if (value == 'deny') {
return false;
}).catch(function(value) {
if (value == 'deny') {
storePermission(user, options.packageOwner, options.packageName, permission, false); storePermission(user, options.packageOwner, options.packageName, permission, false);
return false; return false;
} else if (value == 'deny once') { } else if (value == 'deny once') {
return false; return false;
} }
return false; return false;
}).catch(function() {
return false;
}); });
} }
return promise;
}, },
} }
}; };
@ -284,8 +296,12 @@ async function getProcessBlob(blobId, key, options) {
if (process.credentials && if (process.credentials &&
process.credentials.session && process.credentials.session &&
process.credentials.session.name) { process.credentials.session.name) {
return imports.core.permissionTest('ssb_append').then(function(value) {
if (value) {
return ssb.appendMessageWithIdentity(process.credentials.session.name, id, message); return ssb.appendMessageWithIdentity(process.credentials.session.name, id, message);
} }
});
}
}; };
delete imports.ssb.addRpc; delete imports.ssb.addRpc;
@ -733,17 +749,6 @@ loadSettings().then(function() {
exit(1); exit(1);
}); });
function setPermission(process, id, allow) {
if (process.promises[id]) {
if (allow == 'allow' || allow == 'allow once') {
process.promises[id].resolve(allow);
} else {
process.promises[id].reject(allow);
}
delete process.promises[id];
}
}
function storePermission(user, packageOwner, packageName, permission, allow) { function storePermission(user, packageOwner, packageName, permission, allow) {
if (!gGlobalSettings.userPermissions) { if (!gGlobalSettings.userPermissions) {
gGlobalSettings.userPermissions = {}; gGlobalSettings.userPermissions = {};
@ -769,5 +774,4 @@ export {
enableStats, enableStats,
invoke, invoke,
getSessionProcessBlob, getSessionProcessBlob,
setPermission,
}; };