fuwafuwa
/
etherpad-lite
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

docs for handle message security

This commit is contained in:
John McLear 2015-05-20 01:09:35 +01:00
parent 3944a0e79b
commit 48da5c1ab1
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
doc/api/hooks_server-side.md
View File

@ -214,6 +214,32 @@ function handleMessage ( hook, context, callback ) {
}; };
``` ```
## handleMessageSecurity
Called from: src/node/handler/PadMessageHandler.js
Things in context:
1. message - the message being handled
2. client - the client object from socket.io
This hook will be called once a message arrives. If a plugin calls `callback(true)` the message will be allowed to be processed. This is especially useful if you want read only pad visitors to update pad contents for whatever reason.
**WARNING**: handleMessageSecurity will be called, even if the client is not authorized to send this message. It's up to the plugin to check permissions.
Example:
```
function handleMessageSecurity ( hook, context, callback ) {
if ( context.message.boomerang == 'hipster' ) {
// If the message boomer is hipster, allow the request
callback(true);
}else{
callback();
}
};
```
## clientVars ## clientVars
Called from: src/node/handler/PadMessageHandler.js Called from: src/node/handler/PadMessageHandler.js