From 0a74e5016753237ed02f1ca69c98046f877ebe9e Mon Sep 17 00:00:00 2001 From: Travis Eden Date: Thu, 20 Sep 2018 13:34:53 -0400 Subject: [PATCH] refactor channel checks with isApprovedChannel --- client/src/containers/NavigationLinks/view.jsx | 3 ++- client/src/utils/isApprovedChannel.js | 9 +++++++++ server/controllers/api/channel/data/index.js | 12 ++++++++---- server/controllers/api/claim/publish/index.js | 5 +++-- .../assets/utils/getClaimIdAndServeAsset.js | 5 +++-- server/models/claim.js | 5 +++-- server/utils/isApprovedChannel.js | 11 +++++++++++ 7 files changed, 39 insertions(+), 11 deletions(-) create mode 100644 client/src/utils/isApprovedChannel.js create mode 100644 server/utils/isApprovedChannel.js diff --git a/client/src/containers/NavigationLinks/view.jsx b/client/src/containers/NavigationLinks/view.jsx index 3876702e..2f8ce8ca 100644 --- a/client/src/containers/NavigationLinks/view.jsx +++ b/client/src/containers/NavigationLinks/view.jsx @@ -1,6 +1,7 @@ import React from 'react'; import { NavLink, withRouter } from 'react-router-dom'; import NavBarChannelOptionsDropdown from '@components/NavBarChannelOptionsDropdown'; +import isApprovedChannel from '../../utils/isApprovedChannel'; const VIEW = 'VIEW'; const LOGOUT = 'LOGOUT'; @@ -31,7 +32,7 @@ class NavigationLinks extends React.Component { const { site, channelLongId, channelName } = this.props; return (
- {(!site.publishOnlyApproved || site.approvedChannels.includes(channelLongId)) && chan.longId === long)) || + (name && short && channels.find(chan => chan.name === name && chan.shortId === short)) + ); +} + +module.exports = isApprovedChannel; diff --git a/server/controllers/api/channel/data/index.js b/server/controllers/api/channel/data/index.js index c9ceebf4..440326b5 100644 --- a/server/controllers/api/channel/data/index.js +++ b/server/controllers/api/channel/data/index.js @@ -1,8 +1,7 @@ const { handleErrorResponse } = require('../../../utils/errorHandlers.js'); - const getChannelData = require('./getChannelData.js'); -const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig'); - +const isApprovedChannel = require('../../../../utils/isApprovedChannel'); +const { publishing: { serveOnlyApproved } } = require('@config/siteConfig'); const NO_CHANNEL = 'NO_CHANNEL'; /* @@ -15,12 +14,17 @@ const channelData = ({ ip, originalUrl, body, params }, res) => { const channelName = params.channelName; let channelClaimId = params.channelClaimId; if (channelClaimId === 'none') channelClaimId = null; - if (serveOnlyApproved && approvedChannels && !approvedChannels.includes(channelClaimId)) { + + const chanObj = {}; + if (channelName) chanObj.name = channelName; + if (channelClaimId) chanObj[(channelClaimId.length === 40 ? 'longId' : 'shortId')] = channelClaimId; + if (serveOnlyApproved && !isApprovedChannel(chanObj)) { return res.status(404).json({ success: false, message: 'This spee.ch instance serves limited content which does not include this asset', }); } + getChannelData(channelName, channelClaimId) .then(data => { res.status(200).json({ diff --git a/server/controllers/api/claim/publish/index.js b/server/controllers/api/claim/publish/index.js index 4f551053..c5a2bdbb 100644 --- a/server/controllers/api/claim/publish/index.js +++ b/server/controllers/api/claim/publish/index.js @@ -3,7 +3,8 @@ const logger = require('winston'); const { details: { host }, publishing: { disabled, disabledMessage } } = require('@config/siteConfig'); const { sendGATimingEvent } = require('../../../../utils/googleAnalytics.js'); -const { publishing: { publishOnlyApproved, approvedChannels } } = require('@config/siteConfig'); +const isApprovedChannel = require('../../../../utils/isApprovedChannel'); +const { publishing: { publishOnlyApproved } } = require('@config/siteConfig'); const { handleErrorResponse } = require('../../../utils/errorHandlers.js'); @@ -56,7 +57,7 @@ const claimPublish = ({ body, files, headers, ip, originalUrl, user, tor }, res) // check channel authorization authenticateUser(channelName, channelId, channelPassword, user) .then(({ channelName, channelClaimId }) => { - if (publishOnlyApproved && approvedChannels && !approvedChannels.includes(channelClaimId)) { + if (publishOnlyApproved && !isApprovedChannel({ longId: channelClaimId })) { const error = { name : UNAPPROVED_CHANNEL, message: 'This spee.ch instance only allows publishing to approved channels', diff --git a/server/controllers/assets/utils/getClaimIdAndServeAsset.js b/server/controllers/assets/utils/getClaimIdAndServeAsset.js index 66486ba8..af81162c 100644 --- a/server/controllers/assets/utils/getClaimIdAndServeAsset.js +++ b/server/controllers/assets/utils/getClaimIdAndServeAsset.js @@ -1,6 +1,7 @@ const logger = require('winston'); const db = require('../../../models'); +const isApprovedChannel = require('../../../utils/isApprovedChannel'); const getClaimId = require('../../utils/getClaimId.js'); const { handleErrorResponse } = require('../../utils/errorHandlers.js'); @@ -13,7 +14,7 @@ const BLOCKED_CLAIM = 'BLOCKED_CLAIM'; const NO_FILE = 'NO_FILE'; const UNAPPROVED_CHANNEL = 'UNAPPROVED_CHANNEL'; -const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig'); +const { publishing: { serveOnlyApproved } } = require('@config/siteConfig'); const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId, originalUrl, ip, res) => { getClaimId(channelName, channelClaimId, claimName, claimId) @@ -28,7 +29,7 @@ const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId }); }) .then(claim => { - if (serveOnlyApproved && !approvedChannels.includes(claim.dataValues.certificateId)) { + if (serveOnlyApproved && !isApprovedChannel({ longId: claim.dataValues.certificateId })) { throw new Error(UNAPPROVED_CHANNEL); } logger.debug('Outpoint:', claim.dataValues.outpoint); diff --git a/server/models/claim.js b/server/models/claim.js index 55010987..6917d189 100644 --- a/server/models/claim.js +++ b/server/models/claim.js @@ -1,7 +1,8 @@ const logger = require('winston'); const returnShortId = require('./utils/returnShortId.js'); const { assetDefaults: { thumbnail: defaultThumbnail }, details: { host } } = require('@config/siteConfig'); -const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig'); +const { publishing: { serveOnlyApproved } } = require('@config/siteConfig'); +const isApprovedChannel = require('../utils/isApprovedChannel'); const NO_CLAIM = 'NO_CLAIM'; const NOT_ALLOWED = 'NOT_ALLOWED'; @@ -364,7 +365,7 @@ module.exports = (sequelize, { STRING, BOOLEAN, INTEGER, TEXT, DECIMAL }) => { where: { name, claimId }, }) .then(claimArray => { - if (serveOnlyApproved && !approvedChannels.includes(claimArray[0].dataValues.certificateId)) { + if (serveOnlyApproved && !isApprovedChannel({ longId: claimArray[0].dataValues.certificateId })) { reject(NOT_ALLOWED); } switch (claimArray.length) { diff --git a/server/utils/isApprovedChannel.js b/server/utils/isApprovedChannel.js new file mode 100644 index 00000000..e1b451e2 --- /dev/null +++ b/server/utils/isApprovedChannel.js @@ -0,0 +1,11 @@ +const { publishing: { approvedChannels } } = require('@config/siteConfig'); + +function isApprovedChannel (channel, channels = approvedChannels) { + const { name, shortId: short, longId: long } = channel; + return Boolean( + (long && channels.find(chan => chan.longId === long)) || + (name && short && channels.find(chan => chan.name === name && chan.shortId === short)) + ); +} + +module.exports = isApprovedChannel;