From e4d315ebc0a82db460bd59f777981951a4432e38 Mon Sep 17 00:00:00 2001
From: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Date: Fri, 17 Apr 2020 15:22:51 -0700
Subject: [PATCH] Access control improvements on mobile app.

---
 meshuser.js                     | 1 +
 views/default-mobile.handlebars | 9 ++++++---
 views/default.handlebars        | 2 +-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/meshuser.js b/meshuser.js
index f5a23868..6b9b1627 100644
--- a/meshuser.js
+++ b/meshuser.js
@@ -45,6 +45,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
     const MESHRIGHT_LIMITEVENTS = 8192;
     const MESHRIGHT_CHATNOTIFY = 16384;
     const MESHRIGHT_UNINSTALL = 32768;
+    const MESHRIGHT_NODESKTOP = 65536;
 
     // Site rights
     const SITERIGHT_SERVERBACKUP = 1;           // 0x00000001
diff --git a/views/default-mobile.handlebars b/views/default-mobile.handlebars
index bb8b3088..ddc77430 100644
--- a/views/default-mobile.handlebars
+++ b/views/default-mobile.handlebars
@@ -815,10 +815,10 @@
                     }
 
                     // If we are currently looking at a node this is now gone, change the view.
-                    //if ((currentNode != null) && (getNodeFromId(currentNode._id) == null)) { currentNode = null; go(1); }
+                    if ((currentNode != null) && (IsNodeViewable(currentNode) == false)) { currentNode = null; go(2); }
 
                     // Change the reference to the current node
-                    if (currentNode != null) { currentNode = getNodeFromId(currentNode._id); }
+                    if (currentNode != null) { currentNode = getNodeFromId(currentNode._id); if (currentNode != null) { gotoDevice(currentNode._id, xxcurrentView, true); } else { go(2); } }
 
                     //onSortSelectChange();
                     //onSearchInputChanged();
@@ -2103,6 +2103,7 @@
             meshserver.send({ action: 'toast', nodeids: [currentNode._id], title: 'MeshCentral', msg: Q('d2devToast').value });
         }
 
+        // && ((meshrights == 0xFFFFFFFF) || ((meshrights & 65536) == 0))
         function setupDeviceMenu(op, obj) {
             var meshrights = GetNodeRights(currentNode);
             if (op != null) { currentDevicePanel = op; }
@@ -2111,11 +2112,13 @@
             QV('p10files', currentDevicePanel == 2);
             var menus = [];
             if (currentDevicePanel != 0) { menus.push({ n: 'General', f: 'setupDeviceMenu(0)' }); }
+
             if ((currentDevicePanel != 1) &&
                 (currentNode != null) &&
-                ((meshrights & 8) || (meshrights & 256)) &&
+                ((meshrights & 8) || (meshrights & 256)) && ((meshrights == 0xFFFFFFFF) || ((meshrights & 65536) == 0)) &&
                 (((currentNode.agent == null) && ((typeof currentNode.intelamt.sku !== 'number') || ((currentNode.intelamt.sku & 8) != 0))) || (currentNode.agent && (currentNode.agent.caps & 1)))
             ) { menus.push({ n: 'Desktop', f: 'setupDeviceMenu(1)' }); }
+
             if ((currentDevicePanel != 2) && (currentNode != null) && (meshrights & 8) && ((meshrights == 0xFFFFFFFF) || ((meshrights & 1024) == 0)) && ((currentNode.mtype == 2) && (currentNode.agent.caps & 4))) { menus.push({ n: 'Files', f: 'setupDeviceMenu(2)' }); }
             updateFooterMenu(menus);
         }
diff --git a/views/default.handlebars b/views/default.handlebars
index f688cea0..97e4e008 100644
--- a/views/default.handlebars
+++ b/views/default.handlebars
@@ -1847,7 +1847,7 @@
                     if ((currentNode != null) && (IsNodeViewable(currentNode) == false)) { currentNode = null; go(1); }
 
                     // Change the reference to the current node
-                    if (currentNode != null) { currentNode = getNodeFromId(currentNode._id); gotoDevice(currentNode._id, xxcurrentView, true); }
+                    if (currentNode != null) { currentNode = getNodeFromId(currentNode._id); if (currentNode != null) { gotoDevice(currentNode._id, xxcurrentView, true); } else { go(1); } }
 
                     masterUpdate(1 | 2 | 4 | 64);
                     break;