Loading server/api_group.go +3 −3 Original line number Diff line number Diff line Loading @@ -423,7 +423,7 @@ func (s *ApiServer) AddGroupUsers(ctx context.Context, in *api.AddGroupUsersRequ userIDs := make([]uuid.UUID, 0, len(in.GetUserIds())) for _, id := range in.GetUserIds() { uid := uuid.FromStringOrNil(id) if uuid.Equal(uuid.Nil, uid) { if uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "User ID must be a valid ID.") } userIDs = append(userIDs, uid) Loading Loading @@ -505,7 +505,7 @@ func (s *ApiServer) KickGroupUsers(ctx context.Context, in *api.KickGroupUsersRe userIDs := make([]uuid.UUID, 0, len(in.GetUserIds())) for _, id := range in.GetUserIds() { uid := uuid.FromStringOrNil(id) if uuid.Equal(uuid.Nil, uid) { if uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "User ID must be a valid ID.") } userIDs = append(userIDs, uid) Loading Loading @@ -584,7 +584,7 @@ func (s *ApiServer) PromoteGroupUsers(ctx context.Context, in *api.PromoteGroupU userIDs := make([]uuid.UUID, 0, len(in.GetUserIds())) for _, id := range in.GetUserIds() { uid := uuid.FromStringOrNil(id) if uuid.Equal(uuid.Nil, uid) { if uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "User ID must be a valid ID.") } userIDs = append(userIDs, uid) Loading server/api_storage.go +1 −1 Original line number Diff line number Diff line Loading @@ -147,7 +147,7 @@ func (s *ApiServer) ReadStorageObjects(ctx context.Context, in *api.ReadStorageO } if object.GetUserId() != "" { if uid, err := uuid.FromString(object.GetUserId()); err != nil || uuid.Equal(uid, uuid.Nil) { if uid, err := uuid.FromString(object.GetUserId()); err != nil || uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "Invalid user ID - make sure user ID is a valid UUID.") } } Loading server/core_channel.go +1 −1 Original line number Diff line number Diff line Loading @@ -86,7 +86,7 @@ func ChannelMessagesList(ctx context.Context, logger *zap.Logger, db *sql.DB, ca } // If it's a group, check membership. if !uuid.Equal(uuid.Nil, caller) && stream.Mode == StreamModeGroup { if caller != uuid.Nil && stream.Mode == StreamModeGroup { allowed, err := groupCheckUserPermission(ctx, logger, db, stream.Subject, caller, 2) if err != nil { return nil, err Loading server/core_group.go +9 −9 Original line number Diff line number Diff line Loading @@ -53,7 +53,7 @@ type groupListCursor struct { } func CreateGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, userID uuid.UUID, creatorID uuid.UUID, name, lang, desc, avatarURL, metadata string, open bool, maxCount int) (*api.Group, error) { if uuid.Equal(uuid.Nil, userID) { if userID == uuid.Nil { logger.Panic("This function must be used with non-system user ID.") } Loading Loading @@ -145,7 +145,7 @@ RETURNING id, creator_id, name, description, avatar_url, state, edge_count, lang } func UpdateGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uuid.UUID, userID uuid.UUID, creatorID uuid.UUID, name, lang, desc, avatar, metadata *wrappers.StringValue, open *wrappers.BoolValue, maxCount int) error { if !uuid.Equal(uuid.Nil, userID) { if userID != uuid.Nil { allowedUser, err := groupCheckUserPermission(ctx, logger, db, groupID, userID, 1) if err != nil { return err Loading Loading @@ -249,7 +249,7 @@ func UpdateGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uu } func DeleteGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uuid.UUID, userID uuid.UUID) error { if !uuid.Equal(uuid.Nil, userID) { if userID != uuid.Nil { // only super-admins can delete group. allowedUser, err := groupCheckUserPermission(ctx, logger, db, groupID, userID, 0) if err != nil { Loading Loading @@ -432,7 +432,7 @@ func LeaveGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uui } func AddGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller uuid.UUID, groupID uuid.UUID, userIDs []uuid.UUID) error { if !uuid.Equal(uuid.Nil, caller) { if caller != uuid.Nil { var dbState sql.NullInt64 query := "SELECT state FROM group_edge WHERE source_id = $1::UUID AND destination_id = $2::UUID" if err := db.QueryRowContext(ctx, query, groupID, caller).Scan(&dbState); err != nil { Loading Loading @@ -470,7 +470,7 @@ func AddGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller u if err := crdb.ExecuteInTx(ctx, tx, func() error { for _, uid := range userIDs { if uuid.Equal(caller, uid) { if uid == caller { continue } Loading Loading @@ -525,7 +525,7 @@ func AddGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller u func KickGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller uuid.UUID, groupID uuid.UUID, userIDs []uuid.UUID) error { myState := 0 if !uuid.Equal(uuid.Nil, caller) { if caller != uuid.Nil { var dbState sql.NullInt64 query := "SELECT state FROM group_edge WHERE source_id = $1::UUID AND destination_id = $2::UUID" if err := db.QueryRowContext(ctx, query, groupID, caller).Scan(&dbState); err != nil { Loading Loading @@ -553,7 +553,7 @@ func KickGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller if err := crdb.ExecuteInTx(ctx, tx, func() error { for _, uid := range userIDs { // shouldn't kick self if uuid.Equal(caller, uid) { if uid == caller { continue } Loading Loading @@ -627,7 +627,7 @@ RETURNING state` func PromoteGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller uuid.UUID, groupID uuid.UUID, userIDs []uuid.UUID) error { myState := 0 if !uuid.Equal(uuid.Nil, caller) { if caller != uuid.Nil { var dbState sql.NullInt64 query := "SELECT state FROM group_edge WHERE source_id = $1::UUID AND destination_id = $2::UUID" if err := db.QueryRowContext(ctx, query, groupID, caller).Scan(&dbState); err != nil { Loading Loading @@ -666,7 +666,7 @@ func PromoteGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, call if err := crdb.ExecuteInTx(ctx, tx, func() error { for _, uid := range userIDs { if uuid.Equal(caller, uid) { if uid == caller { continue } Loading server/core_storage.go +7 −6 Original line number Diff line number Diff line Loading @@ -56,14 +56,14 @@ func StorageListObjects(ctx context.Context, logger *zap.Logger, db *sql.DB, cal var result *api.StorageObjectList var resultErr error if uuid.Equal(caller, uuid.Nil) { if caller == uuid.Nil { // disregard permissions result, resultErr = StorageListObjectsUser(ctx, logger, db, true, ownerID, collection, limit, cursor, sc) } else if uuid.Equal(ownerID, uuid.Nil) { } else if ownerID == uuid.Nil { // not authoritative but trying to list global data from context of a user. result, resultErr = StorageListObjectsPublicRead(ctx, logger, db, collection, limit, cursor, sc) } else { if uuid.Equal(caller, ownerID) { if caller == ownerID { // trying to list own user data result, resultErr = StorageListObjectsUser(ctx, logger, db, false, ownerID, collection, limit, cursor, sc) } else { Loading Loading @@ -310,7 +310,8 @@ func StorageReadObjects(ctx context.Context, logger *zap.Logger, db *sql.DB, cal whereClause += " OR " } if uuid.Equal(caller, uuid.Nil) { // Disregard permissions if called authoritatively. if caller == uuid.Nil { // Disregard permissions if called authoritatively. whereClause += fmt.Sprintf(" (collection = $%v AND key = $%v AND user_id = $%v) ", l+1, l+2, l+3) if id.UserId == "" { params = append(params, id.Collection, id.Key, uuid.Nil) Loading Loading @@ -360,7 +361,7 @@ WHERE o.CreateTime.Seconds = createTime.Time.Unix() o.UpdateTime.Seconds = updateTime.Time.Unix() if !uuid.Equal(uuid.FromStringOrNil(userID.String), uuid.Nil) { if uuid.FromStringOrNil(userID.String) != uuid.Nil { o.UserId = userID.String } funcObjects.Objects = append(funcObjects.Objects, o) Loading Loading @@ -428,7 +429,7 @@ func storageWriteObject(ctx context.Context, logger *zap.Logger, tx *sql.Tx, aut query, params := getStorageWriteQuery(authoritativeWrite, object.GetVersion(), params) ack := &api.StorageObjectAck{} if !uuid.Equal(ownerID, uuid.Nil) { if ownerID != uuid.Nil { ack.UserId = ownerID.String() } Loading Loading
server/api_group.go +3 −3 Original line number Diff line number Diff line Loading @@ -423,7 +423,7 @@ func (s *ApiServer) AddGroupUsers(ctx context.Context, in *api.AddGroupUsersRequ userIDs := make([]uuid.UUID, 0, len(in.GetUserIds())) for _, id := range in.GetUserIds() { uid := uuid.FromStringOrNil(id) if uuid.Equal(uuid.Nil, uid) { if uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "User ID must be a valid ID.") } userIDs = append(userIDs, uid) Loading Loading @@ -505,7 +505,7 @@ func (s *ApiServer) KickGroupUsers(ctx context.Context, in *api.KickGroupUsersRe userIDs := make([]uuid.UUID, 0, len(in.GetUserIds())) for _, id := range in.GetUserIds() { uid := uuid.FromStringOrNil(id) if uuid.Equal(uuid.Nil, uid) { if uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "User ID must be a valid ID.") } userIDs = append(userIDs, uid) Loading Loading @@ -584,7 +584,7 @@ func (s *ApiServer) PromoteGroupUsers(ctx context.Context, in *api.PromoteGroupU userIDs := make([]uuid.UUID, 0, len(in.GetUserIds())) for _, id := range in.GetUserIds() { uid := uuid.FromStringOrNil(id) if uuid.Equal(uuid.Nil, uid) { if uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "User ID must be a valid ID.") } userIDs = append(userIDs, uid) Loading
server/api_storage.go +1 −1 Original line number Diff line number Diff line Loading @@ -147,7 +147,7 @@ func (s *ApiServer) ReadStorageObjects(ctx context.Context, in *api.ReadStorageO } if object.GetUserId() != "" { if uid, err := uuid.FromString(object.GetUserId()); err != nil || uuid.Equal(uid, uuid.Nil) { if uid, err := uuid.FromString(object.GetUserId()); err != nil || uid == uuid.Nil { return nil, status.Error(codes.InvalidArgument, "Invalid user ID - make sure user ID is a valid UUID.") } } Loading
server/core_channel.go +1 −1 Original line number Diff line number Diff line Loading @@ -86,7 +86,7 @@ func ChannelMessagesList(ctx context.Context, logger *zap.Logger, db *sql.DB, ca } // If it's a group, check membership. if !uuid.Equal(uuid.Nil, caller) && stream.Mode == StreamModeGroup { if caller != uuid.Nil && stream.Mode == StreamModeGroup { allowed, err := groupCheckUserPermission(ctx, logger, db, stream.Subject, caller, 2) if err != nil { return nil, err Loading
server/core_group.go +9 −9 Original line number Diff line number Diff line Loading @@ -53,7 +53,7 @@ type groupListCursor struct { } func CreateGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, userID uuid.UUID, creatorID uuid.UUID, name, lang, desc, avatarURL, metadata string, open bool, maxCount int) (*api.Group, error) { if uuid.Equal(uuid.Nil, userID) { if userID == uuid.Nil { logger.Panic("This function must be used with non-system user ID.") } Loading Loading @@ -145,7 +145,7 @@ RETURNING id, creator_id, name, description, avatar_url, state, edge_count, lang } func UpdateGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uuid.UUID, userID uuid.UUID, creatorID uuid.UUID, name, lang, desc, avatar, metadata *wrappers.StringValue, open *wrappers.BoolValue, maxCount int) error { if !uuid.Equal(uuid.Nil, userID) { if userID != uuid.Nil { allowedUser, err := groupCheckUserPermission(ctx, logger, db, groupID, userID, 1) if err != nil { return err Loading Loading @@ -249,7 +249,7 @@ func UpdateGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uu } func DeleteGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uuid.UUID, userID uuid.UUID) error { if !uuid.Equal(uuid.Nil, userID) { if userID != uuid.Nil { // only super-admins can delete group. allowedUser, err := groupCheckUserPermission(ctx, logger, db, groupID, userID, 0) if err != nil { Loading Loading @@ -432,7 +432,7 @@ func LeaveGroup(ctx context.Context, logger *zap.Logger, db *sql.DB, groupID uui } func AddGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller uuid.UUID, groupID uuid.UUID, userIDs []uuid.UUID) error { if !uuid.Equal(uuid.Nil, caller) { if caller != uuid.Nil { var dbState sql.NullInt64 query := "SELECT state FROM group_edge WHERE source_id = $1::UUID AND destination_id = $2::UUID" if err := db.QueryRowContext(ctx, query, groupID, caller).Scan(&dbState); err != nil { Loading Loading @@ -470,7 +470,7 @@ func AddGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller u if err := crdb.ExecuteInTx(ctx, tx, func() error { for _, uid := range userIDs { if uuid.Equal(caller, uid) { if uid == caller { continue } Loading Loading @@ -525,7 +525,7 @@ func AddGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller u func KickGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller uuid.UUID, groupID uuid.UUID, userIDs []uuid.UUID) error { myState := 0 if !uuid.Equal(uuid.Nil, caller) { if caller != uuid.Nil { var dbState sql.NullInt64 query := "SELECT state FROM group_edge WHERE source_id = $1::UUID AND destination_id = $2::UUID" if err := db.QueryRowContext(ctx, query, groupID, caller).Scan(&dbState); err != nil { Loading Loading @@ -553,7 +553,7 @@ func KickGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller if err := crdb.ExecuteInTx(ctx, tx, func() error { for _, uid := range userIDs { // shouldn't kick self if uuid.Equal(caller, uid) { if uid == caller { continue } Loading Loading @@ -627,7 +627,7 @@ RETURNING state` func PromoteGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, caller uuid.UUID, groupID uuid.UUID, userIDs []uuid.UUID) error { myState := 0 if !uuid.Equal(uuid.Nil, caller) { if caller != uuid.Nil { var dbState sql.NullInt64 query := "SELECT state FROM group_edge WHERE source_id = $1::UUID AND destination_id = $2::UUID" if err := db.QueryRowContext(ctx, query, groupID, caller).Scan(&dbState); err != nil { Loading Loading @@ -666,7 +666,7 @@ func PromoteGroupUsers(ctx context.Context, logger *zap.Logger, db *sql.DB, call if err := crdb.ExecuteInTx(ctx, tx, func() error { for _, uid := range userIDs { if uuid.Equal(caller, uid) { if uid == caller { continue } Loading
server/core_storage.go +7 −6 Original line number Diff line number Diff line Loading @@ -56,14 +56,14 @@ func StorageListObjects(ctx context.Context, logger *zap.Logger, db *sql.DB, cal var result *api.StorageObjectList var resultErr error if uuid.Equal(caller, uuid.Nil) { if caller == uuid.Nil { // disregard permissions result, resultErr = StorageListObjectsUser(ctx, logger, db, true, ownerID, collection, limit, cursor, sc) } else if uuid.Equal(ownerID, uuid.Nil) { } else if ownerID == uuid.Nil { // not authoritative but trying to list global data from context of a user. result, resultErr = StorageListObjectsPublicRead(ctx, logger, db, collection, limit, cursor, sc) } else { if uuid.Equal(caller, ownerID) { if caller == ownerID { // trying to list own user data result, resultErr = StorageListObjectsUser(ctx, logger, db, false, ownerID, collection, limit, cursor, sc) } else { Loading Loading @@ -310,7 +310,8 @@ func StorageReadObjects(ctx context.Context, logger *zap.Logger, db *sql.DB, cal whereClause += " OR " } if uuid.Equal(caller, uuid.Nil) { // Disregard permissions if called authoritatively. if caller == uuid.Nil { // Disregard permissions if called authoritatively. whereClause += fmt.Sprintf(" (collection = $%v AND key = $%v AND user_id = $%v) ", l+1, l+2, l+3) if id.UserId == "" { params = append(params, id.Collection, id.Key, uuid.Nil) Loading Loading @@ -360,7 +361,7 @@ WHERE o.CreateTime.Seconds = createTime.Time.Unix() o.UpdateTime.Seconds = updateTime.Time.Unix() if !uuid.Equal(uuid.FromStringOrNil(userID.String), uuid.Nil) { if uuid.FromStringOrNil(userID.String) != uuid.Nil { o.UserId = userID.String } funcObjects.Objects = append(funcObjects.Objects, o) Loading Loading @@ -428,7 +429,7 @@ func storageWriteObject(ctx context.Context, logger *zap.Logger, tx *sql.Tx, aut query, params := getStorageWriteQuery(authoritativeWrite, object.GetVersion(), params) ack := &api.StorageObjectAck{} if !uuid.Equal(ownerID, uuid.Nil) { if ownerID != uuid.Nil { ack.UserId = ownerID.String() } Loading
