From 6fcc507f182275468098b048f0744e8abc8cabd4 Mon Sep 17 00:00:00 2001 From: Diego Sampaio Date: Thu, 23 Apr 2020 16:06:57 -0300 Subject: [PATCH] Fix allowing blocking an user on channels --- app/authorization/server/functions/canSendMessage.js | 9 ++++++--- app/lib/lib/roomTypes/private.js | 11 ++++++++--- app/lib/lib/roomTypes/public.js | 11 ++++++++--- 3 files changed, 22 insertions(+), 9 deletions(-) diff --git a/app/authorization/server/functions/canSendMessage.js b/app/authorization/server/functions/canSendMessage.js index c303154e16b6..10f1a33c7281 100644 --- a/app/authorization/server/functions/canSendMessage.js +++ b/app/authorization/server/functions/canSendMessage.js @@ -1,6 +1,7 @@ import { canAccessRoomAsync } from './canAccessRoom'; import { hasPermissionAsync } from './hasPermission'; import { Subscriptions, Rooms } from '../../../models/server/raw'; +import { roomTypes, RoomMemberActions } from '../../../utils/server'; const subscriptionOptions = { projection: { @@ -16,9 +17,11 @@ export const canSendMessageAsync = async (rid, { uid, username, type }, extraDat throw new Error('error-not-allowed'); } - const subscription = await Subscriptions.findOneByRoomIdAndUserId(rid, uid, subscriptionOptions); - if (subscription && (subscription.blocked || subscription.blocker)) { - throw new Error('room_is_blocked'); + if (roomTypes.getConfig(room.t).allowMemberAction(room, RoomMemberActions.BLOCK)) { + const subscription = await Subscriptions.findOneByRoomIdAndUserId(rid, uid, subscriptionOptions); + if (subscription && (subscription.blocked || subscription.blocker)) { + throw new Error('room_is_blocked'); + } } if (room.ro === true && !await hasPermissionAsync(uid, 'post-readonly', rid)) { diff --git a/app/lib/lib/roomTypes/private.js b/app/lib/lib/roomTypes/private.js index 219ebbc8e9dd..54f669d3c096 100644 --- a/app/lib/lib/roomTypes/private.js +++ b/app/lib/lib/roomTypes/private.js @@ -4,7 +4,7 @@ import { ChatRoom, ChatSubscription } from '../../../models'; import { openRoom } from '../../../ui-utils'; import { settings } from '../../../settings'; import { hasAtLeastOnePermission, hasPermission } from '../../../authorization'; -import { getUserPreference, RoomSettingsEnum, RoomTypeConfig, RoomTypeRouteConfig, UiTextContext, roomTypes } from '../../../utils'; +import { getUserPreference, RoomSettingsEnum, RoomTypeConfig, RoomTypeRouteConfig, UiTextContext, roomTypes, RoomMemberActions } from '../../../utils'; import { getRoomAvatarURL } from '../../../utils/lib/getRoomAvatarURL'; import { getAvatarURL } from '../../../utils/lib/getAvatarURL'; @@ -98,8 +98,13 @@ export class PrivateRoomType extends RoomTypeConfig { } } - allowMemberAction(/* room, action */) { - return true; + allowMemberAction(room, action) { + switch (action) { + case RoomMemberActions.BLOCK: + return false; + default: + return true; + } } enableMembersListProfile() { diff --git a/app/lib/lib/roomTypes/public.js b/app/lib/lib/roomTypes/public.js index 8732e6d13d9c..70b2dc3fd41a 100644 --- a/app/lib/lib/roomTypes/public.js +++ b/app/lib/lib/roomTypes/public.js @@ -4,7 +4,7 @@ import { openRoom } from '../../../ui-utils'; import { ChatRoom, ChatSubscription } from '../../../models'; import { settings } from '../../../settings'; import { hasAtLeastOnePermission } from '../../../authorization'; -import { getUserPreference, RoomTypeConfig, RoomTypeRouteConfig, RoomSettingsEnum, UiTextContext } from '../../../utils'; +import { getUserPreference, RoomTypeConfig, RoomTypeRouteConfig, RoomSettingsEnum, UiTextContext, RoomMemberActions } from '../../../utils'; import { getAvatarURL } from '../../../utils/lib/getAvatarURL'; export class PublicRoomRoute extends RoomTypeRouteConfig { @@ -113,8 +113,13 @@ export class PublicRoomType extends RoomTypeConfig { } } - allowMemberAction(/* room, action */) { - return true; + allowMemberAction(room, action) { + switch (action) { + case RoomMemberActions.BLOCK: + return false; + default: + return true; + } } getUiText(context) {