fuwafuwa
/
etherpad-lite
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #1753 from ether/dont-crash-noauth 

dont crash on no auth, just a bandaid
This commit is contained in:
John McLear 2013-06-18 07:52:34 -07:00
parent 315e229c83 bf4c86ed94
commit ee8af3454c
1 changed files with 26 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/node/handler/PadMessageHandler.js
View File

@ -230,22 +230,30 @@ exports.handleMessage = function(client, message)
// FIXME: Call our "sessions" "connections". // FIXME: Call our "sessions" "connections".
// FIXME: Use a hook instead // FIXME: Use a hook instead
// FIXME: Allow to override readwrite access with readonly // FIXME: Allow to override readwrite access with readonly
var auth = sessioninfos[client.id].auth;
securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
{
if(ERR(err, callback)) return;
//access was granted // FIXME: A message might arrive but wont have an auth object, this is obviously bad so we should deny it
if(statusObject.accessStatus == "grant") // Simulate using the load testing tool
if(!sessioninfos[client.id].auth){
console.error("Auth was never applied to a session. If you are using the stress-test tool then restart Etherpad and the Stress test tool.")
callback();
}else{
var auth = sessioninfos[client.id].auth;
securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
{ {
callback(); if(ERR(err, callback)) return;
}
//no access, send the client a message that tell him why //access was granted
else if(statusObject.accessStatus == "grant")
{ {
client.json.send({accessStatus: statusObject.accessStatus}) callback();
} }
}); //no access, send the client a message that tell him why
else
{
client.json.send({accessStatus: statusObject.accessStatus})
}
});
}
}, },
finalHandler finalHandler
]); ]);
@ -684,7 +692,10 @@ function handleUserChanges(data, cb)
pad.appendRevision(nlChangeset); pad.appendRevision(nlChangeset);
} }
exports.updatePadClients(pad, callback); exports.updatePadClients(pad, function(er) {
ERR(er)
});
callback();
} }
], function(err) ], function(err)
{ {