Merge pull request #1753 from ether/dont-crash-noauth
dont crash on no auth, just a bandaid
This commit is contained in:
John McLear
commit
ee8af3454c
1 changed files with 26 additions and 15 deletions
|
|
@ -230,22 +230,30 @@ exports.handleMessage = function(client, message)
|
||||||
// FIXME: Call our "sessions" "connections".
|
// FIXME: Call our "sessions" "connections".
|
||||||
// FIXME: Use a hook instead
|
// FIXME: Use a hook instead
|
||||||
// FIXME: Allow to override readwrite access with readonly
|
// FIXME: Allow to override readwrite access with readonly
|
||||||
var auth = sessioninfos[client.id].auth;
|
|
||||||
securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
|
|
||||||
{
|
|
||||||
if(ERR(err, callback)) return;
|
|
||||||
|
|
||||||
//access was granted
|
// FIXME: A message might arrive but wont have an auth object, this is obviously bad so we should deny it
|
||||||
if(statusObject.accessStatus == "grant")
|
// Simulate using the load testing tool
|
||||||
|
if(!sessioninfos[client.id].auth){
|
||||||
|
console.error("Auth was never applied to a session. If you are using the stress-test tool then restart Etherpad and the Stress test tool.")
|
||||||
|
callback();
|
||||||
|
}else{
|
||||||
|
var auth = sessioninfos[client.id].auth;
|
||||||
|
securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
|
||||||
{
|
{
|
||||||
callback();
|
if(ERR(err, callback)) return;
|
||||||
}
|
|
||||||
//no access, send the client a message that tell him why
|
//access was granted
|
||||||
else
|
if(statusObject.accessStatus == "grant")
|
||||||
{
|
{
|
||||||
client.json.send({accessStatus: statusObject.accessStatus})
|
callback();
|
||||||
}
|
}
|
||||||
});
|
//no access, send the client a message that tell him why
|
||||||
|
else
|
||||||
|
{
|
||||||
|
client.json.send({accessStatus: statusObject.accessStatus})
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
},
|
},
|
||||||
finalHandler
|
finalHandler
|
||||||
]);
|
]);
|
||||||
|
|
@ -684,7 +692,10 @@ function handleUserChanges(data, cb)
|
||||||
pad.appendRevision(nlChangeset);
|
pad.appendRevision(nlChangeset);
|
||||||
}
|
}
|
||||||
|
|
||||||
exports.updatePadClients(pad, callback);
|
exports.updatePadClients(pad, function(er) {
|
||||||
|
ERR(er)
|
||||||
|
});
|
||||||
|
callback();
|
||||||
}
|
}
|
||||||
], function(err)
|
], function(err)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue