reject requests for content from unapproved channels when serveApprovedOnly

Travis Eden 2018-09-17 09:01:46 -04:00
parent 02b82240dd
commit 1358215e6f
3 changed files with 34 additions and 4 deletions


@ -1,6 +1,7 @@
const { handleErrorResponse } = require('../../../utils/errorHandlers.js'); const { handleErrorResponse } = require('../../../utils/errorHandlers.js');
const getChannelData = require('./getChannelData.js'); const getChannelData = require('./getChannelData.js');
const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig');
const NO_CHANNEL = 'NO_CHANNEL'; const NO_CHANNEL = 'NO_CHANNEL';
@ -14,6 +15,12 @@ const channelData = ({ ip, originalUrl, body, params }, res) => {
const channelName = params.channelName; const channelName = params.channelName;
let channelClaimId = params.channelClaimId; let channelClaimId = params.channelClaimId;
if (channelClaimId === 'none') channelClaimId = null; if (channelClaimId === 'none') channelClaimId = null;
if (serveOnlyApproved && approvedChannels && !approvedChannels.includes(channelClaimId)) {
return res.status(404).json({
success: false,
message: 'This spee.ch instance serves limited content which does not include this asset',
});
}
getChannelData(channelName, channelClaimId) getChannelData(channelName, channelClaimId)
.then(data => { .then(data => {
res.status(200).json({ res.status(200).json({
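Review bot: The allow-list check added at the top of channelData compares the raw `params.channelClaimId` from the URL, which the line just above sets to null for 'none', so the test runs before getChannelData has resolved the channel. If approvedChannels holds full claim ids (not visible here), a request that names an approved channel without its full id is refused; that fails closed rather than open, but the check would be more accurate against the resolved id inside the `.then` that follows. This branch answers 404 while the same message in the asset-serving file is sent with 400; one status for both makes refusals easier to monitor. The body of channelData continues outside the hunk.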


@ -11,17 +11,28 @@ const NO_CHANNEL = 'NO_CHANNEL';
const NO_CLAIM = 'NO_CLAIM'; const NO_CLAIM = 'NO_CLAIM';
const BLOCKED_CLAIM = 'BLOCKED_CLAIM'; const BLOCKED_CLAIM = 'BLOCKED_CLAIM';
const NO_FILE = 'NO_FILE'; const NO_FILE = 'NO_FILE';
const UNAPPROVED_CHANNEL = 'UNAPPROVED_CHANNEL';
const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig');
const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId, originalUrl, ip, res) => { const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId, originalUrl, ip, res) => {
getClaimId(channelName, channelClaimId, claimName, claimId) getClaimId(channelName, channelClaimId, claimName, claimId)
.then(fullClaimId => { .then(fullClaimId => {
claimId = fullClaimId; claimId = fullClaimId;
logger.debug('Full claim id:', fullClaimId); logger.debug('Full claim id:', fullClaimId);
return db.Claim.getOutpoint(claimName, fullClaimId); return db.Claim.findOne({
where: {
name : claimName,
claimId: fullClaimId,
},
});
}) })
.then(outpoint => { .then(claim => {
logger.debug('Outpoint:', outpoint); if (serveOnlyApproved && !approvedChannels.includes(claim.dataValues.certificateId)) {
return db.Blocked.isNotBlocked(outpoint); throw new Error(UNAPPROVED_CHANNEL);
}
logger.debug('Outpoint:', claim.dataValues.outpoint);
return db.Blocked.isNotBlocked(claim.dataValues.outpoint);
}) })
.then(() => { .then(() => {
return db.File.findOne({ return db.File.findOne({
@ -52,6 +63,13 @@ const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId
message: 'No matching channel id could be found for that url', message: 'No matching channel id could be found for that url',
}); });
} }
if (error === UNAPPROVED_CHANNEL) {
logger.debug('unapproved channel');
return res.status(400).json({
success: false,
message: 'This spee.ch instance serves limited content which does not include this asset',
});
}
if (error === BLOCKED_CLAIM) { if (error === BLOCKED_CLAIM) {
logger.debug('claim was blocked'); logger.debug('claim was blocked');
return res.status(451).json({ return res.status(451).json({
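Review bot: The new `throw new Error(UNAPPROVED_CHANNEL)` can never match the added `if (error === UNAPPROVED_CHANNEL)` branch, because an Error object is not strictly equal to a string, so the refusal falls through to whatever handling follows outside the hunk. Either reject with the constant the way the neighbouring `error === BLOCKED_CLAIM` comparison expects, or test `error.message === UNAPPROVED_CHANNEL`. Separately, `db.Claim.findOne` resolves to null when no row matches, so `claim.dataValues` throws a TypeError before the check and before the `logger.debug` line, whether or not serveOnlyApproved is set; a null guard is needed ahead of the dereference. Unlike the channel-data handler, this check does not test `approvedChannels` for existence before calling `.includes`, so a config with serveOnlyApproved set and no list also ends in a TypeError.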


@ -1,8 +1,10 @@
const logger = require('winston'); const logger = require('winston');
const returnShortId = require('./utils/returnShortId.js'); const returnShortId = require('./utils/returnShortId.js');
const { assetDefaults: { thumbnail: defaultThumbnail }, details: { host } } = require('@config/siteConfig'); const { assetDefaults: { thumbnail: defaultThumbnail }, details: { host } } = require('@config/siteConfig');
const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig');
const NO_CLAIM = 'NO_CLAIM'; const NO_CLAIM = 'NO_CLAIM';
const NOT_ALLOWED = 'NOT_ALLOWED';
function determineFileExtensionFromContentType (contentType) { function determineFileExtensionFromContentType (contentType) {
switch (contentType) { switch (contentType) {
@ -362,6 +364,9 @@ module.exports = (sequelize, { STRING, BOOLEAN, INTEGER, TEXT, DECIMAL }) => {
where: { name, claimId }, where: { name, claimId },
}) })
.then(claimArray => { .then(claimArray => {
if (serveOnlyApproved && !approvedChannels.includes(claimArray[0].dataValues.certificateId)) {
reject(NOT_ALLOWED);
}
switch (claimArray.length) { switch (claimArray.length) {
case 0: case 0:
return resolve(null); return resolve(null);
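Review bot: The added check reads `claimArray[0].dataValues` before the `switch (claimArray.length)` below it, so with serveOnlyApproved set an empty result throws a TypeError inside the `.then` instead of reaching `case 0: return resolve(null)`. `reject(NOT_ALLOWED)` also lacks a `return`, so the switch still runs after the rejection. Suggest `if (claimArray.length > 0 && serveOnlyApproved && !approvedChannels.includes(claimArray[0].dataValues.certificateId)) { return reject(NOT_ALLOWED); }`. The enclosing method starts and ends outside the hunk, so how callers handle NOT_ALLOWED is not visible here.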