LBRYCommunity/spee.ch
1
0
Fork 0
Code Issues 95 Pull requests 2 Projects Releases 4 Packages Wiki Activity

reject requests for content from unapproved channels when serveApprovedOnly

Browse source
This commit is contained in:
Travis Eden 2018-09-17 09:01:46 -04:00
parent 02b82240dd
commit 1358215e6f
3 changed files with 34 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
server/controllers/api/channel/data/index.js
View file

@ -1,6 +1,7 @@
const { handleErrorResponse } = require('../../../utils/errorHandlers.js');
const getChannelData = require('./getChannelData.js');
const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig');
const NO_CHANNEL = 'NO_CHANNEL';
@ -14,6 +15,12 @@ const channelData = ({ ip, originalUrl, body, params }, res) => {
const channelName = params.channelName;
let channelClaimId = params.channelClaimId;
if (channelClaimId === 'none') channelClaimId = null;
if (serveOnlyApproved && approvedChannels && !approvedChannels.includes(channelClaimId)) {
return res.status(404).json({
success: false,
message: 'This spee.ch instance serves limited content which does not include this asset',
});
}
getChannelData(channelName, channelClaimId)
.then(data => {
res.status(200).json({

26
server/controllers/assets/utils/getClaimIdAndServeAsset.js
View file

@ -11,17 +11,28 @@ const NO_CHANNEL = 'NO_CHANNEL';
const NO_CLAIM = 'NO_CLAIM';
const BLOCKED_CLAIM = 'BLOCKED_CLAIM';
const NO_FILE = 'NO_FILE';
const UNAPPROVED_CHANNEL = 'UNAPPROVED_CHANNEL';
const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig');
const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId, originalUrl, ip, res) => {
getClaimId(channelName, channelClaimId, claimName, claimId)
.then(fullClaimId => {
claimId = fullClaimId;
logger.debug('Full claim id:', fullClaimId);
return db.Claim.getOutpoint(claimName, fullClaimId);
return db.Claim.findOne({
where: {
name : claimName,
claimId: fullClaimId,
},
});
})
.then(outpoint => {
logger.debug('Outpoint:', outpoint);
return db.Blocked.isNotBlocked(outpoint);
.then(claim => {
if (serveOnlyApproved && !approvedChannels.includes(claim.dataValues.certificateId)) {
throw new Error(UNAPPROVED_CHANNEL);
}
logger.debug('Outpoint:', claim.dataValues.outpoint);
return db.Blocked.isNotBlocked(claim.dataValues.outpoint);
})
.then(() => {
return db.File.findOne({
@ -52,6 +63,13 @@ const getClaimIdAndServeAsset = (channelName, channelClaimId, claimName, claimId
message: 'No matching channel id could be found for that url',
});
}
if (error === UNAPPROVED_CHANNEL) {
logger.debug('unapproved channel');
return res.status(400).json({
success: false,
message: 'This spee.ch instance serves limited content which does not include this asset',
});
}
if (error === BLOCKED_CLAIM) {
logger.debug('claim was blocked');
return res.status(451).json({

5
server/models/claim.js
View file

@ -1,8 +1,10 @@
const logger = require('winston');
const returnShortId = require('./utils/returnShortId.js');
const { assetDefaults: { thumbnail: defaultThumbnail }, details: { host } } = require('@config/siteConfig');
const { publishing: { serveOnlyApproved, approvedChannels } } = require('@config/siteConfig');
const NO_CLAIM = 'NO_CLAIM';
const NOT_ALLOWED = 'NOT_ALLOWED';
function determineFileExtensionFromContentType (contentType) {
switch (contentType) {
@ -362,6 +364,9 @@ module.exports = (sequelize, { STRING, BOOLEAN, INTEGER, TEXT, DECIMAL }) => {
where: { name, claimId },
})
.then(claimArray => {
if (serveOnlyApproved && !approvedChannels.includes(claimArray[0].dataValues.certificateId)) {
reject(NOT_ALLOWED);
}
switch (claimArray.length) {
case 0:
return resolve(null);