From 9fac5158853e23fea48abb2bb4e7784354d32f5f Mon Sep 17 00:00:00 2001 From: Marcel Klehr Date: Mon, 7 Oct 2013 18:54:57 +0200 Subject: [PATCH 1/2] Revert "do not pass historical author data to read only users" This reverts commit b32aaaeb1b89d1b9dac095689fe9af44994fe95b. --- src/node/handler/PadMessageHandler.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/node/handler/PadMessageHandler.js b/src/node/handler/PadMessageHandler.js index ed05c0d3..a79d2410 100644 --- a/src/node/handler/PadMessageHandler.js +++ b/src/node/handler/PadMessageHandler.js @@ -1016,10 +1016,6 @@ function handleClientReady(client, message) // Warning: never ever send padIds.padId to the client. If the // client is read only you would open a security hole 1 swedish // mile wide... - // Heh, turns out we already did when we sent historicalAuthorData so - // if it's a readonly pad request don't send the pad IDs of the author - if(sessioninfos[client.id].readonly) historicalAuthorData = {}; - var clientVars = { "accountPrivs": { "maxRevisions": 100 From de73de38b177ca8e8052e688b88377e11fdda683 Mon Sep 17 00:00:00 2001 From: Marcel Klehr Date: Mon, 7 Oct 2013 18:58:20 +0200 Subject: [PATCH 2/2] Filter author attribs in client_vars.historicalAuthorData --- src/node/handler/PadMessageHandler.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/node/handler/PadMessageHandler.js b/src/node/handler/PadMessageHandler.js index a79d2410..4adf6002 100644 --- a/src/node/handler/PadMessageHandler.js +++ b/src/node/handler/PadMessageHandler.js @@ -953,8 +953,7 @@ function handleClientReady(client, message) authorManager.getAuthor(authorId, function(err, author) { if(ERR(err, callback)) return; - delete author.timestamp; - historicalAuthorData[authorId] = author; + historicalAuthorData[authorId] = {name: author.name, colorId: author.colorId}; // Filter author attribs (e.g. don't send author's pads to all clients) callback(); }); }, callback);