Fixed server file permissions for device groups, #3294

This commit is contained in:
Ylian Saint-Hilaire 2021-11-25 09:26:25 -08:00
parent 48f6d1e251
commit b0726e9a13
2 changed files with 17 additions and 26 deletions

View File

@ -6799,11 +6799,10 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
try { files.filetree.f[user._id].f = readFilesRec(parent.path.join(parent.filespath, domainx + '/user-' + usersplit[2])); } catch (e) { } try { files.filetree.f[user._id].f = readFilesRec(parent.path.join(parent.filespath, domainx + '/user-' + usersplit[2])); } catch (e) { }
} }
// Add files for each mesh // TODO: Get all meshes including groups!! // Add files for each mesh
for (var i in user.links) { const meshes = parent.GetAllMeshWithRights(user, MESHRIGHT_SERVERFILES);
if ((user.links[i].rights & 32) != 0) { // Check that we have file permissions for (var i in meshes) {
var mesh = parent.meshes[i]; const mesh = meshes[i];
if (mesh) {
var meshsplit = mesh._id.split('/'); var meshsplit = mesh._id.split('/');
files.filetree.f[mesh._id] = { t: 4, n: mesh.name, f: {} }; files.filetree.f[mesh._id] = { t: 4, n: mesh.name, f: {} };
files.filetree.f[mesh._id].maxbytes = parent.getQuota(mesh._id, domain); files.filetree.f[mesh._id].maxbytes = parent.getQuota(mesh._id, domain);
@ -6815,8 +6814,6 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
files.filetree.f[mesh._id].f = {}; // Got an error, return empty folder. We will create the folder only when needed. files.filetree.f[mesh._id].f = {}; // Got an error, return empty folder. We will create the folder only when needed.
} }
} }
}
}
// Respond // Respond
try { ws.send(JSON.stringify(files)); } catch (ex) { } try { ws.send(JSON.stringify(files)); } catch (ex) { }

View File

@ -7050,20 +7050,14 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if (i.startsWith('mesh/')) { if (i.startsWith('mesh/')) {
// Grant access to a device group thru a direct link // Grant access to a device group thru a direct link
const m = obj.meshes[i]; const m = obj.meshes[i];
if ((m) && (m.deleted == null) && ((rights == null) || ((user.links[i].rights & rights) != 0))) { if ((m) && (r.indexOf(m) == -1) && (m.deleted == null) && ((rights == null) || ((user.links[i].rights & rights) != 0))) { r.push(m); }
if (r.indexOf(m) == -1) { r.push(m); }
}
} else if (i.startsWith('ugrp/')) { } else if (i.startsWith('ugrp/')) {
// Grant access to a device group thru a user group // Grant access to a device group thru a user group
const g = obj.userGroups[i]; const g = obj.userGroups[i];
if (g && (g.links != null) && ((rights == null) || ((user.links[i].rights & rights) != 0))) {
for (var j in g.links) { for (var j in g.links) {
if (j.startsWith('mesh/')) { if (j.startsWith('mesh/') && ((rights == null) || ((g.links[j].rights != null) && (g.links[j].rights & rights) != 0))) {
const m = obj.meshes[j]; const m = obj.meshes[j];
if ((m) && (m.deleted == null)) { if ((m) && (m.deleted == null) && (r.indexOf(m) == -1)) { r.push(m); }
if (r.indexOf(m) == -1) { r.push(m); }
}
}
} }
} }
} }