]> git.r.bdr.sh - rbdr/mobius/blob - hotline/transaction_handlers.go
git.r.bdr.sh / rbdr / mobius / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix more filepaths
[rbdr/mobius] / hotline / transaction_handlers.go
1 package hotline
2
3 import (
4 "bytes"
5 "encoding/binary"
6 "errors"
7 "fmt"
8 "gopkg.in/yaml.v3"
9 "io/ioutil"
10 "math/big"
11 "os"
12 "path"
13 "path/filepath"
14 "sort"
15 "strings"
16 "time"
17 )
18
19 type TransactionType struct {
20 Handler func(*ClientConn, *Transaction) ([]Transaction, error) // function for handling the transaction type
21 Name string // Name of transaction as it will appear in logging
22 RequiredFields []requiredField
23 }
24
25 var TransactionHandlers = map[uint16]TransactionType{
26 // Server initiated
27 tranChatMsg: {
28 Name: "tranChatMsg",
29 },
30 // Server initiated
31 tranNotifyChangeUser: {
32 Name: "tranNotifyChangeUser",
33 },
34 tranError: {
35 Name: "tranError",
36 },
37 tranShowAgreement: {
38 Name: "tranShowAgreement",
39 },
40 tranUserAccess: {
41 Name: "tranUserAccess",
42 },
43 tranNotifyDeleteUser: {
44 Name: "tranNotifyDeleteUser",
45 },
46 tranAgreed: {
47 Name: "tranAgreed",
48 Handler: HandleTranAgreed,
49 },
50 tranChatSend: {
51 Name: "tranChatSend",
52 Handler: HandleChatSend,
53 RequiredFields: []requiredField{
54 {
55 ID: fieldData,
56 minLen: 0,
57 },
58 },
59 },
60 tranDelNewsArt: {
61 Name: "tranDelNewsArt",
62 Handler: HandleDelNewsArt,
63 },
64 tranDelNewsItem: {
65 Name: "tranDelNewsItem",
66 Handler: HandleDelNewsItem,
67 },
68 tranDeleteFile: {
69 Name: "tranDeleteFile",
70 Handler: HandleDeleteFile,
71 },
72 tranDeleteUser: {
73 Name: "tranDeleteUser",
74 Handler: HandleDeleteUser,
75 },
76 tranDisconnectUser: {
77 Name: "tranDisconnectUser",
78 Handler: HandleDisconnectUser,
79 },
80 tranDownloadFile: {
81 Name: "tranDownloadFile",
82 Handler: HandleDownloadFile,
83 },
84 tranDownloadFldr: {
85 Name: "tranDownloadFldr",
86 Handler: HandleDownloadFolder,
87 },
88 tranGetClientInfoText: {
89 Name: "tranGetClientInfoText",
90 Handler: HandleGetClientConnInfoText,
91 },
92 tranGetFileInfo: {
93 Name: "tranGetFileInfo",
94 Handler: HandleGetFileInfo,
95 },
96 tranGetFileNameList: {
97 Name: "tranGetFileNameList",
98 Handler: HandleGetFileNameList,
99 },
100 tranGetMsgs: {
101 Name: "tranGetMsgs",
102 Handler: HandleGetMsgs,
103 },
104 tranGetNewsArtData: {
105 Name: "tranGetNewsArtData",
106 Handler: HandleGetNewsArtData,
107 },
108 tranGetNewsArtNameList: {
109 Name: "tranGetNewsArtNameList",
110 Handler: HandleGetNewsArtNameList,
111 },
112 tranGetNewsCatNameList: {
113 Name: "tranGetNewsCatNameList",
114 Handler: HandleGetNewsCatNameList,
115 },
116 tranGetUser: {
117 Name: "tranGetUser",
118 Handler: HandleGetUser,
119 },
120 tranGetUserNameList: {
121 Name: "tranHandleGetUserNameList",
122 Handler: HandleGetUserNameList,
123 },
124 tranInviteNewChat: {
125 Name: "tranInviteNewChat",
126 Handler: HandleInviteNewChat,
127 },
128 tranInviteToChat: {
129 Name: "tranInviteToChat",
130 Handler: HandleInviteToChat,
131 },
132 tranJoinChat: {
133 Name: "tranJoinChat",
134 Handler: HandleJoinChat,
135 },
136 tranKeepAlive: {
137 Name: "tranKeepAlive",
138 Handler: HandleKeepAlive,
139 },
140 tranLeaveChat: {
141 Name: "tranJoinChat",
142 Handler: HandleLeaveChat,
143 },
144 tranListUsers: {
145 Name: "tranListUsers",
146 Handler: HandleListUsers,
147 },
148 tranMoveFile: {
149 Name: "tranMoveFile",
150 Handler: HandleMoveFile,
151 },
152 tranNewFolder: {
153 Name: "tranNewFolder",
154 Handler: HandleNewFolder,
155 },
156 tranNewNewsCat: {
157 Name: "tranNewNewsCat",
158 Handler: HandleNewNewsCat,
159 },
160 tranNewNewsFldr: {
161 Name: "tranNewNewsFldr",
162 Handler: HandleNewNewsFldr,
163 },
164 tranNewUser: {
165 Name: "tranNewUser",
166 Handler: HandleNewUser,
167 },
168 tranUpdateUser: {
169 Name: "tranUpdateUser",
170 Handler: HandleUpdateUser,
171 },
172 tranOldPostNews: {
173 Name: "tranOldPostNews",
174 Handler: HandleTranOldPostNews,
175 },
176 tranPostNewsArt: {
177 Name: "tranPostNewsArt",
178 Handler: HandlePostNewsArt,
179 },
180 tranRejectChatInvite: {
181 Name: "tranRejectChatInvite",
182 Handler: HandleRejectChatInvite,
183 },
184 tranSendInstantMsg: {
185 Name: "tranSendInstantMsg",
186 Handler: HandleSendInstantMsg,
187 RequiredFields: []requiredField{
188 {
189 ID: fieldData,
190 minLen: 0,
191 },
192 {
193 ID: fieldUserID,
194 },
195 },
196 },
197 tranSetChatSubject: {
198 Name: "tranSetChatSubject",
199 Handler: HandleSetChatSubject,
200 },
201 tranMakeFileAlias: {
202 Name: "tranMakeFileAlias",
203 Handler: HandleMakeAlias,
204 RequiredFields: []requiredField{
205 {ID: fieldFileName, minLen: 1},
206 {ID: fieldFilePath, minLen: 1},
207 {ID: fieldFileNewPath, minLen: 1},
208 },
209 },
210 tranSetClientUserInfo: {
211 Name: "tranSetClientUserInfo",
212 Handler: HandleSetClientUserInfo,
213 },
214 tranSetFileInfo: {
215 Name: "tranSetFileInfo",
216 Handler: HandleSetFileInfo,
217 },
218 tranSetUser: {
219 Name: "tranSetUser",
220 Handler: HandleSetUser,
221 },
222 tranUploadFile: {
223 Name: "tranUploadFile",
224 Handler: HandleUploadFile,
225 },
226 tranUploadFldr: {
227 Name: "tranUploadFldr",
228 Handler: HandleUploadFolder,
229 },
230 tranUserBroadcast: {
231 Name: "tranUserBroadcast",
232 Handler: HandleUserBroadcast,
233 },
234 }
235
236 func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
237 if !authorize(cc.Account.Access, accessSendChat) {
238 res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
239 return res, err
240 }
241
242 // Truncate long usernames
243 trunc := fmt.Sprintf("%13s", cc.UserName)
244 formattedMsg := fmt.Sprintf("\r%.14s: %s", trunc, t.GetField(fieldData).Data)
245
246 // By holding the option key, Hotline chat allows users to send /me formatted messages like:
247 // *** Halcyon does stuff
248 // This is indicated by the presence of the optional field fieldChatOptions in the transaction payload
249 if t.GetField(fieldChatOptions).Data != nil {
250 formattedMsg = fmt.Sprintf("\r*** %s %s", cc.UserName, t.GetField(fieldData).Data)
251 }
252
253 chatID := t.GetField(fieldChatID).Data
254 // a non-nil chatID indicates the message belongs to a private chat
255 if chatID != nil {
256 chatInt := binary.BigEndian.Uint32(chatID)
257 privChat := cc.Server.PrivateChats[chatInt]
258
259 clients := sortedClients(privChat.ClientConn)
260
261 // send the message to all connected clients of the private chat
262 for _, c := range clients {
263 res = append(res, *NewTransaction(
264 tranChatMsg,
265 c.ID,
266 NewField(fieldChatID, chatID),
267 NewField(fieldData, []byte(formattedMsg)),
268 ))
269 }
270 return res, err
271 }
272
273 for _, c := range sortedClients(cc.Server.Clients) {
274 // Filter out clients that do not have the read chat permission
275 if authorize(c.Account.Access, accessReadChat) {
276 res = append(res, *NewTransaction(tranChatMsg, c.ID, NewField(fieldData, []byte(formattedMsg))))
277 }
278 }
279
280 return res, err
281 }
282
283 // HandleSendInstantMsg sends instant message to the user on the current server.
284 // Fields used in the request:
285 // 103 User ID
286 // 113 Options
287 // One of the following values:
288 // - User message (myOpt_UserMessage = 1)
289 // - Refuse message (myOpt_RefuseMessage = 2)
290 // - Refuse chat (myOpt_RefuseChat = 3)
291 // - Automatic response (myOpt_AutomaticResponse = 4)"
292 // 101 Data Optional
293 // 214 Quoting message Optional
294 //
295 // Fields used in the reply:
296 // None
297 func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
298 msg := t.GetField(fieldData)
299 ID := t.GetField(fieldUserID)
300
301 reply := NewTransaction(
302 tranServerMsg,
303 &ID.Data,
304 NewField(fieldData, msg.Data),
305 NewField(fieldUserName, cc.UserName),
306 NewField(fieldUserID, *cc.ID),
307 NewField(fieldOptions, []byte{0, 1}),
308 )
309
310 // Later versions of Hotline include the original message in the fieldQuotingMsg field so
311 // the receiving client can display both the received message and what it is in reply to
312 if t.GetField(fieldQuotingMsg).Data != nil {
313 reply.Fields = append(reply.Fields, NewField(fieldQuotingMsg, t.GetField(fieldQuotingMsg).Data))
314 }
315
316 res = append(res, *reply)
317
318 id, _ := byteToInt(ID.Data)
319 otherClient, ok := cc.Server.Clients[uint16(id)]
320 if !ok {
321 return res, errors.New("invalid client ID")
322 }
323
324 // Respond with auto reply if other client has it enabled
325 if len(otherClient.AutoReply) > 0 {
326 res = append(res,
327 *NewTransaction(
328 tranServerMsg,
329 cc.ID,
330 NewField(fieldData, otherClient.AutoReply),
331 NewField(fieldUserName, otherClient.UserName),
332 NewField(fieldUserID, *otherClient.ID),
333 NewField(fieldOptions, []byte{0, 1}),
334 ),
335 )
336 }
337
338 res = append(res, cc.NewReply(t))
339
340 return res, err
341 }
342
343 func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
344 fileName := t.GetField(fieldFileName).Data
345 filePath := t.GetField(fieldFilePath).Data
346
347 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
348 if err != nil {
349 return res, err
350 }
351
352 fw, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
353 if err != nil {
354 return res, err
355 }
356
357 res = append(res, cc.NewReply(t,
358 NewField(fieldFileName, []byte(fw.name)),
359 NewField(fieldFileTypeString, fw.ffo.FlatFileInformationFork.friendlyType()),
360 NewField(fieldFileCreatorString, fw.ffo.FlatFileInformationFork.friendlyCreator()),
361 NewField(fieldFileComment, fw.ffo.FlatFileInformationFork.Comment),
362 NewField(fieldFileType, fw.ffo.FlatFileInformationFork.TypeSignature),
363 NewField(fieldFileCreateDate, fw.ffo.FlatFileInformationFork.CreateDate),
364 NewField(fieldFileModifyDate, fw.ffo.FlatFileInformationFork.ModifyDate),
365 NewField(fieldFileSize, fw.totalSize()),
366 ))
367 return res, err
368 }
369
370 // HandleSetFileInfo updates a file or folder name and/or comment from the Get Info window
371 // Fields used in the request:
372 // * 201 File name
373 // * 202 File path Optional
374 // * 211 File new name Optional
375 // * 210 File comment Optional
376 // Fields used in the reply: None
377 func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
378 fileName := t.GetField(fieldFileName).Data
379 filePath := t.GetField(fieldFilePath).Data
380
381 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
382 if err != nil {
383 return res, err
384 }
385
386 fi, err := cc.Server.FS.Stat(fullFilePath)
387 if err != nil {
388 return res, err
389 }
390
391 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
392 if err != nil {
393 return res, err
394 }
395 if t.GetField(fieldFileComment).Data != nil {
396 switch mode := fi.Mode(); {
397 case mode.IsDir():
398 if !authorize(cc.Account.Access, accessSetFolderComment) {
399 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
400 return res, err
401 }
402 case mode.IsRegular():
403 if !authorize(cc.Account.Access, accessSetFileComment) {
404 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
405 return res, err
406 }
407 }
408
409 hlFile.ffo.FlatFileInformationFork.setComment(t.GetField(fieldFileComment).Data)
410 w, err := hlFile.infoForkWriter()
411 if err != nil {
412 return res, err
413 }
414 _, err = w.Write(hlFile.ffo.FlatFileInformationFork.MarshalBinary())
415 if err != nil {
416 return res, err
417 }
418 }
419
420 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, t.GetField(fieldFileNewName).Data)
421 if err != nil {
422 return nil, err
423 }
424
425 fileNewName := t.GetField(fieldFileNewName).Data
426
427 if fileNewName != nil {
428 switch mode := fi.Mode(); {
429 case mode.IsDir():
430 if !authorize(cc.Account.Access, accessRenameFolder) {
431 res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
432 return res, err
433 }
434 err = os.Rename(fullFilePath, fullNewFilePath)
435 if os.IsNotExist(err) {
436 res = append(res, cc.NewErrReply(t, "Cannot rename folder "+string(fileName)+" because it does not exist or cannot be found."))
437 return res, err
438 }
439 case mode.IsRegular():
440 if !authorize(cc.Account.Access, accessRenameFile) {
441 res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
442 return res, err
443 }
444 fileDir, err := readPath(cc.Server.Config.FileRoot, filePath, []byte{})
445 if err != nil {
446 return nil, err
447 }
448 hlFile.name = string(fileNewName)
449 err = hlFile.move(fileDir)
450 if os.IsNotExist(err) {
451 res = append(res, cc.NewErrReply(t, "Cannot rename file "+string(fileName)+" because it does not exist or cannot be found."))
452 return res, err
453 }
454 if err != nil {
455 panic(err)
456 }
457 }
458 }
459
460 res = append(res, cc.NewReply(t))
461 return res, err
462 }
463
464 // HandleDeleteFile deletes a file or folder
465 // Fields used in the request:
466 // * 201 File name
467 // * 202 File path
468 // Fields used in the reply: none
469 func HandleDeleteFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
470 fileName := t.GetField(fieldFileName).Data
471 filePath := t.GetField(fieldFilePath).Data
472
473 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
474 if err != nil {
475 return res, err
476 }
477
478 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
479 if err != nil {
480 return res, err
481 }
482
483 fi, err := hlFile.dataFile()
484 if err != nil {
485 res = append(res, cc.NewErrReply(t, "Cannot delete file "+string(fileName)+" because it does not exist or cannot be found."))
486 return res, nil
487 }
488
489 switch mode := fi.Mode(); {
490 case mode.IsDir():
491 if !authorize(cc.Account.Access, accessDeleteFolder) {
492 res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
493 return res, err
494 }
495 case mode.IsRegular():
496 if !authorize(cc.Account.Access, accessDeleteFile) {
497 res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
498 return res, err
499 }
500 }
501
502 if err := hlFile.delete(); err != nil {
503 return res, err
504 }
505
506 res = append(res, cc.NewReply(t))
507 return res, err
508 }
509
510 // HandleMoveFile moves files or folders. Note: seemingly not documented
511 func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
512 fileName := string(t.GetField(fieldFileName).Data)
513
514 filePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
515 if err != nil {
516 return res, err
517 }
518
519 fileNewPath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFileNewPath).Data, nil)
520 if err != nil {
521 return res, err
522 }
523
524 cc.Server.Logger.Debugw("Move file", "src", filePath+"/"+fileName, "dst", fileNewPath+"/"+fileName)
525
526 hlFile, err := newFileWrapper(cc.Server.FS, filePath, 0)
527
528 fi, err := hlFile.dataFile()
529 if err != nil {
530 res = append(res, cc.NewErrReply(t, "Cannot delete file "+fileName+" because it does not exist or cannot be found."))
531 return res, err
532 }
533 if err != nil {
534 return res, err
535 }
536 switch mode := fi.Mode(); {
537 case mode.IsDir():
538 if !authorize(cc.Account.Access, accessMoveFolder) {
539 res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
540 return res, err
541 }
542 case mode.IsRegular():
543 if !authorize(cc.Account.Access, accessMoveFile) {
544 res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
545 return res, err
546 }
547 }
548 if err := hlFile.move(fileNewPath); err != nil {
549 return res, err
550 }
551 // TODO: handle other possible errors; e.g. fileWrapper delete fails due to fileWrapper permission issue
552
553 res = append(res, cc.NewReply(t))
554 return res, err
555 }
556
557 func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
558 if !authorize(cc.Account.Access, accessCreateFolder) {
559 res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
560 return res, err
561 }
562 folderName := string(t.GetField(fieldFileName).Data)
563
564 folderName = path.Join("/", folderName)
565
566 var subPath string
567
568 // fieldFilePath is only present for nested paths
569 if t.GetField(fieldFilePath).Data != nil {
570 var newFp FilePath
571 err := newFp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
572 if err != nil {
573 return nil, err
574 }
575
576 for _, pathItem := range newFp.Items {
577 subPath = filepath.Join("/", subPath, string(pathItem.Name))
578 }
579 }
580 newFolderPath := path.Join(cc.Server.Config.FileRoot, subPath, folderName)
581
582 // TODO: check path and folder name lengths
583
584 if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) {
585 msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that name.", folderName)
586 return []Transaction{cc.NewErrReply(t, msg)}, nil
587 }
588
589 // TODO: check for disallowed characters to maintain compatibility for original client
590
591 if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil {
592 msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName)
593 return []Transaction{cc.NewErrReply(t, msg)}, nil
594 }
595
596 res = append(res, cc.NewReply(t))
597 return res, err
598 }
599
600 func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
601 if !authorize(cc.Account.Access, accessModifyUser) {
602 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
603 return res, err
604 }
605
606 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
607 userName := string(t.GetField(fieldUserName).Data)
608
609 newAccessLvl := t.GetField(fieldUserAccess).Data
610
611 account := cc.Server.Accounts[login]
612 account.Access = &newAccessLvl
613 account.Name = userName
614
615 // If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
616 // not include fieldUserPassword
617 if t.GetField(fieldUserPassword).Data == nil {
618 account.Password = hashAndSalt([]byte(""))
619 }
620 if len(t.GetField(fieldUserPassword).Data) > 1 {
621 account.Password = hashAndSalt(t.GetField(fieldUserPassword).Data)
622 }
623
624 out, err := yaml.Marshal(&account)
625 if err != nil {
626 return res, err
627 }
628 if err := os.WriteFile(cc.Server.ConfigDir+"Users/"+login+".yaml", out, 0666); err != nil {
629 return res, err
630 }
631
632 // Notify connected clients logged in as the user of the new access level
633 for _, c := range cc.Server.Clients {
634 if c.Account.Login == login {
635 // Note: comment out these two lines to test server-side deny messages
636 newT := NewTransaction(tranUserAccess, c.ID, NewField(fieldUserAccess, newAccessLvl))
637 res = append(res, *newT)
638
639 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*c.Flags)))
640 if authorize(c.Account.Access, accessDisconUser) {
641 flagBitmap.SetBit(flagBitmap, userFlagAdmin, 1)
642 } else {
643 flagBitmap.SetBit(flagBitmap, userFlagAdmin, 0)
644 }
645 binary.BigEndian.PutUint16(*c.Flags, uint16(flagBitmap.Int64()))
646
647 c.Account.Access = account.Access
648
649 cc.sendAll(
650 tranNotifyChangeUser,
651 NewField(fieldUserID, *c.ID),
652 NewField(fieldUserFlags, *c.Flags),
653 NewField(fieldUserName, c.UserName),
654 NewField(fieldUserIconID, *c.Icon),
655 )
656 }
657 }
658
659 res = append(res, cc.NewReply(t))
660 return res, err
661 }
662
663 func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
664 if !authorize(cc.Account.Access, accessOpenUser) {
665 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
666 return res, err
667 }
668
669 account := cc.Server.Accounts[string(t.GetField(fieldUserLogin).Data)]
670 if account == nil {
671 res = append(res, cc.NewErrReply(t, "Account does not exist."))
672 return res, err
673 }
674
675 res = append(res, cc.NewReply(t,
676 NewField(fieldUserName, []byte(account.Name)),
677 NewField(fieldUserLogin, negateString(t.GetField(fieldUserLogin).Data)),
678 NewField(fieldUserPassword, []byte(account.Password)),
679 NewField(fieldUserAccess, *account.Access),
680 ))
681 return res, err
682 }
683
684 func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
685 if !authorize(cc.Account.Access, accessOpenUser) {
686 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
687 return res, err
688 }
689
690 var userFields []Field
691 for _, acc := range cc.Server.Accounts {
692 userField := acc.MarshalBinary()
693 userFields = append(userFields, NewField(fieldData, userField))
694 }
695
696 res = append(res, cc.NewReply(t, userFields...))
697 return res, err
698 }
699
700 // HandleUpdateUser is used by the v1.5+ multi-user editor to perform account editing for multiple users at a time.
701 // An update can be a mix of these actions:
702 // * Create user
703 // * Delete user
704 // * Modify user (including renaming the account login)
705 //
706 // The Transaction sent by the client includes one data field per user that was modified. This data field in turn
707 // contains another data field encoded in its payload with a varying number of sub fields depending on which action is
708 // performed. This seems to be the only place in the Hotline protocol where a data field contains another data field.
709 func HandleUpdateUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
710 for _, field := range t.Fields {
711 subFields, err := ReadFields(field.Data[0:2], field.Data[2:])
712 if err != nil {
713 return res, err
714 }
715
716 if len(subFields) == 1 {
717 login := DecodeUserString(getField(fieldData, &subFields).Data)
718 cc.Server.Logger.Infow("DeleteUser", "login", login)
719
720 if !authorize(cc.Account.Access, accessDeleteUser) {
721 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
722 return res, err
723 }
724
725 if err := cc.Server.DeleteUser(login); err != nil {
726 return res, err
727 }
728 continue
729 }
730
731 login := DecodeUserString(getField(fieldUserLogin, &subFields).Data)
732
733 // check if the login dataFile; if so, we know we are updating an existing user
734 if acc, ok := cc.Server.Accounts[login]; ok {
735 cc.Server.Logger.Infow("UpdateUser", "login", login)
736
737 // account dataFile, so this is an update action
738 if !authorize(cc.Account.Access, accessModifyUser) {
739 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
740 return res, err
741 }
742
743 if getField(fieldUserPassword, &subFields) != nil {
744 newPass := getField(fieldUserPassword, &subFields).Data
745 acc.Password = hashAndSalt(newPass)
746 } else {
747 acc.Password = hashAndSalt([]byte(""))
748 }
749
750 if getField(fieldUserAccess, &subFields) != nil {
751 acc.Access = &getField(fieldUserAccess, &subFields).Data
752 }
753
754 err = cc.Server.UpdateUser(
755 DecodeUserString(getField(fieldData, &subFields).Data),
756 DecodeUserString(getField(fieldUserLogin, &subFields).Data),
757 string(getField(fieldUserName, &subFields).Data),
758 acc.Password,
759 *acc.Access,
760 )
761 if err != nil {
762 return res, err
763 }
764 } else {
765 cc.Server.Logger.Infow("CreateUser", "login", login)
766
767 if !authorize(cc.Account.Access, accessCreateUser) {
768 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
769 return res, err
770 }
771
772 err := cc.Server.NewUser(
773 login,
774 string(getField(fieldUserName, &subFields).Data),
775 string(getField(fieldUserPassword, &subFields).Data),
776 getField(fieldUserAccess, &subFields).Data,
777 )
778 if err != nil {
779 return []Transaction{}, err
780 }
781 }
782 }
783
784 res = append(res, cc.NewReply(t))
785 return res, err
786 }
787
788 // HandleNewUser creates a new user account
789 func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
790 if !authorize(cc.Account.Access, accessCreateUser) {
791 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
792 return res, err
793 }
794
795 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
796
797 // If the account already dataFile, reply with an error
798 if _, ok := cc.Server.Accounts[login]; ok {
799 res = append(res, cc.NewErrReply(t, "Cannot create account "+login+" because there is already an account with that login."))
800 return res, err
801 }
802
803 if err := cc.Server.NewUser(
804 login,
805 string(t.GetField(fieldUserName).Data),
806 string(t.GetField(fieldUserPassword).Data),
807 t.GetField(fieldUserAccess).Data,
808 ); err != nil {
809 return []Transaction{}, err
810 }
811
812 res = append(res, cc.NewReply(t))
813 return res, err
814 }
815
816 func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
817 if !authorize(cc.Account.Access, accessDeleteUser) {
818 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
819 return res, err
820 }
821
822 // TODO: Handle case where account doesn't exist; e.g. delete race condition
823 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
824
825 if err := cc.Server.DeleteUser(login); err != nil {
826 return res, err
827 }
828
829 res = append(res, cc.NewReply(t))
830 return res, err
831 }
832
833 // HandleUserBroadcast sends an Administrator Message to all connected clients of the server
834 func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
835 if !authorize(cc.Account.Access, accessBroadcast) {
836 res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
837 return res, err
838 }
839
840 cc.sendAll(
841 tranServerMsg,
842 NewField(fieldData, t.GetField(tranGetMsgs).Data),
843 NewField(fieldChatOptions, []byte{0}),
844 )
845
846 res = append(res, cc.NewReply(t))
847 return res, err
848 }
849
850 func byteToInt(bytes []byte) (int, error) {
851 switch len(bytes) {
852 case 2:
853 return int(binary.BigEndian.Uint16(bytes)), nil
854 case 4:
855 return int(binary.BigEndian.Uint32(bytes)), nil
856 }
857
858 return 0, errors.New("unknown byte length")
859 }
860
861 func HandleGetClientConnInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
862 if !authorize(cc.Account.Access, accessGetClientInfo) {
863 res = append(res, cc.NewErrReply(t, "You are not allowed to get client info"))
864 return res, err
865 }
866
867 clientID, _ := byteToInt(t.GetField(fieldUserID).Data)
868
869 clientConn := cc.Server.Clients[uint16(clientID)]
870 if clientConn == nil {
871 return res, errors.New("invalid client")
872 }
873
874 // TODO: Implement non-hardcoded values
875 template := `Nickname: %s
876 Name: %s
877 Account: %s
878 Address: %s
879
880 -------- File Downloads ---------
881
882 %s
883
884 ------- Folder Downloads --------
885
886 None.
887
888 --------- File Uploads ----------
889
890 None.
891
892 -------- Folder Uploads ---------
893
894 None.
895
896 ------- Waiting Downloads -------
897
898 None.
899
900 `
901
902 activeDownloads := clientConn.Transfers[FileDownload]
903 activeDownloadList := "None."
904 for _, dl := range activeDownloads {
905 activeDownloadList += dl.String() + "\n"
906 }
907
908 template = fmt.Sprintf(
909 template,
910 clientConn.UserName,
911 clientConn.Account.Name,
912 clientConn.Account.Login,
913 clientConn.RemoteAddr,
914 activeDownloadList,
915 )
916 template = strings.Replace(template, "\n", "\r", -1)
917
918 res = append(res, cc.NewReply(t,
919 NewField(fieldData, []byte(template)),
920 NewField(fieldUserName, clientConn.UserName),
921 ))
922 return res, err
923 }
924
925 func HandleGetUserNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
926 res = append(res, cc.NewReply(t, cc.Server.connectedUsers()...))
927
928 return res, err
929 }
930
931 func HandleTranAgreed(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
932 cc.Agreed = true
933 cc.UserName = t.GetField(fieldUserName).Data
934 *cc.Icon = t.GetField(fieldUserIconID).Data
935
936 options := t.GetField(fieldOptions).Data
937 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
938
939 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
940
941 // Check refuse private PM option
942 if optBitmap.Bit(refusePM) == 1 {
943 flagBitmap.SetBit(flagBitmap, userFlagRefusePM, 1)
944 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
945 }
946
947 // Check refuse private chat option
948 if optBitmap.Bit(refuseChat) == 1 {
949 flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, 1)
950 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
951 }
952
953 // Check auto response
954 if optBitmap.Bit(autoResponse) == 1 {
955 cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
956 } else {
957 cc.AutoReply = []byte{}
958 }
959
960 cc.notifyOthers(
961 *NewTransaction(
962 tranNotifyChangeUser, nil,
963 NewField(fieldUserName, cc.UserName),
964 NewField(fieldUserID, *cc.ID),
965 NewField(fieldUserIconID, *cc.Icon),
966 NewField(fieldUserFlags, *cc.Flags),
967 ),
968 )
969
970 res = append(res, cc.NewReply(t))
971
972 return res, err
973 }
974
975 const defaultNewsDateFormat = "Jan02 15:04" // Jun23 20:49
976 // "Mon, 02 Jan 2006 15:04:05 MST"
977
978 const defaultNewsTemplate = `From %s (%s):
979
980 %s
981
982 __________________________________________________________`
983
984 // HandleTranOldPostNews updates the flat news
985 // Fields used in this request:
986 // 101 Data
987 func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
988 if !authorize(cc.Account.Access, accessNewsPostArt) {
989 res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
990 return res, err
991 }
992
993 cc.Server.flatNewsMux.Lock()
994 defer cc.Server.flatNewsMux.Unlock()
995
996 newsDateTemplate := defaultNewsDateFormat
997 if cc.Server.Config.NewsDateFormat != "" {
998 newsDateTemplate = cc.Server.Config.NewsDateFormat
999 }
1000
1001 newsTemplate := defaultNewsTemplate
1002 if cc.Server.Config.NewsDelimiter != "" {
1003 newsTemplate = cc.Server.Config.NewsDelimiter
1004 }
1005
1006 newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(fieldData).Data)
1007 newsPost = strings.Replace(newsPost, "\n", "\r", -1)
1008
1009 // update news in memory
1010 cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
1011
1012 // update news on disk
1013 if err := ioutil.WriteFile(cc.Server.ConfigDir+"MessageBoard.txt", cc.Server.FlatNews, 0644); err != nil {
1014 return res, err
1015 }
1016
1017 // Notify all clients of updated news
1018 cc.sendAll(
1019 tranNewMsg,
1020 NewField(fieldData, []byte(newsPost)),
1021 )
1022
1023 res = append(res, cc.NewReply(t))
1024 return res, err
1025 }
1026
1027 func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1028 if !authorize(cc.Account.Access, accessDisconUser) {
1029 res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
1030 return res, err
1031 }
1032
1033 clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(fieldUserID).Data)]
1034
1035 if authorize(clientConn.Account.Access, accessCannotBeDiscon) {
1036 res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
1037 return res, err
1038 }
1039
1040 if err := clientConn.Connection.Close(); err != nil {
1041 return res, err
1042 }
1043
1044 res = append(res, cc.NewReply(t))
1045 return res, err
1046 }
1047
1048 // HandleGetNewsCatNameList returns a list of news categories for a path
1049 // Fields used in the request:
1050 // 325 News path (Optional)
1051 func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1052 if !authorize(cc.Account.Access, accessNewsReadArt) {
1053 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1054 return res, err
1055 }
1056
1057 newsPath := t.GetField(fieldNewsPath).Data
1058 cc.Server.Logger.Infow("NewsPath: ", "np", string(newsPath))
1059
1060 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1061 cats := cc.Server.GetNewsCatByPath(pathStrs)
1062
1063 // To store the keys in slice in sorted order
1064 keys := make([]string, len(cats))
1065 i := 0
1066 for k := range cats {
1067 keys[i] = k
1068 i++
1069 }
1070 sort.Strings(keys)
1071
1072 var fieldData []Field
1073 for _, k := range keys {
1074 cat := cats[k]
1075 b, _ := cat.MarshalBinary()
1076 fieldData = append(fieldData, NewField(
1077 fieldNewsCatListData15,
1078 b,
1079 ))
1080 }
1081
1082 res = append(res, cc.NewReply(t, fieldData...))
1083 return res, err
1084 }
1085
1086 func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1087 if !authorize(cc.Account.Access, accessNewsCreateCat) {
1088 res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
1089 return res, err
1090 }
1091
1092 name := string(t.GetField(fieldNewsCatName).Data)
1093 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1094
1095 cats := cc.Server.GetNewsCatByPath(pathStrs)
1096 cats[name] = NewsCategoryListData15{
1097 Name: name,
1098 Type: []byte{0, 3},
1099 Articles: map[uint32]*NewsArtData{},
1100 SubCats: make(map[string]NewsCategoryListData15),
1101 }
1102
1103 if err := cc.Server.writeThreadedNews(); err != nil {
1104 return res, err
1105 }
1106 res = append(res, cc.NewReply(t))
1107 return res, err
1108 }
1109
1110 // Fields used in the request:
1111 // 322 News category name
1112 // 325 News path
1113 func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1114 if !authorize(cc.Account.Access, accessNewsCreateFldr) {
1115 res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
1116 return res, err
1117 }
1118
1119 name := string(t.GetField(fieldFileName).Data)
1120 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1121
1122 cc.Server.Logger.Infof("Creating new news folder %s", name)
1123
1124 cats := cc.Server.GetNewsCatByPath(pathStrs)
1125 cats[name] = NewsCategoryListData15{
1126 Name: name,
1127 Type: []byte{0, 2},
1128 Articles: map[uint32]*NewsArtData{},
1129 SubCats: make(map[string]NewsCategoryListData15),
1130 }
1131 if err := cc.Server.writeThreadedNews(); err != nil {
1132 return res, err
1133 }
1134 res = append(res, cc.NewReply(t))
1135 return res, err
1136 }
1137
1138 // Fields used in the request:
1139 // 325 News path Optional
1140 //
1141 // Reply fields:
1142 // 321 News article list data Optional
1143 func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1144 if !authorize(cc.Account.Access, accessNewsReadArt) {
1145 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1146 return res, err
1147 }
1148 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1149
1150 var cat NewsCategoryListData15
1151 cats := cc.Server.ThreadedNews.Categories
1152
1153 for _, fp := range pathStrs {
1154 cat = cats[fp]
1155 cats = cats[fp].SubCats
1156 }
1157
1158 nald := cat.GetNewsArtListData()
1159
1160 res = append(res, cc.NewReply(t, NewField(fieldNewsArtListData, nald.Payload())))
1161 return res, err
1162 }
1163
1164 func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1165 if !authorize(cc.Account.Access, accessNewsReadArt) {
1166 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1167 return res, err
1168 }
1169
1170 // Request fields
1171 // 325 News fp
1172 // 326 News article ID
1173 // 327 News article data flavor
1174
1175 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1176
1177 var cat NewsCategoryListData15
1178 cats := cc.Server.ThreadedNews.Categories
1179
1180 for _, fp := range pathStrs {
1181 cat = cats[fp]
1182 cats = cats[fp].SubCats
1183 }
1184 newsArtID := t.GetField(fieldNewsArtID).Data
1185
1186 convertedArtID := binary.BigEndian.Uint16(newsArtID)
1187
1188 art := cat.Articles[uint32(convertedArtID)]
1189 if art == nil {
1190 res = append(res, cc.NewReply(t))
1191 return res, err
1192 }
1193
1194 // Reply fields
1195 // 328 News article title
1196 // 329 News article poster
1197 // 330 News article date
1198 // 331 Previous article ID
1199 // 332 Next article ID
1200 // 335 Parent article ID
1201 // 336 First child article ID
1202 // 327 News article data flavor "Should be “text/plain”
1203 // 333 News article data Optional (if data flavor is “text/plain”)
1204
1205 res = append(res, cc.NewReply(t,
1206 NewField(fieldNewsArtTitle, []byte(art.Title)),
1207 NewField(fieldNewsArtPoster, []byte(art.Poster)),
1208 NewField(fieldNewsArtDate, art.Date),
1209 NewField(fieldNewsArtPrevArt, art.PrevArt),
1210 NewField(fieldNewsArtNextArt, art.NextArt),
1211 NewField(fieldNewsArtParentArt, art.ParentArt),
1212 NewField(fieldNewsArt1stChildArt, art.FirstChildArt),
1213 NewField(fieldNewsArtDataFlav, []byte("text/plain")),
1214 NewField(fieldNewsArtData, []byte(art.Data)),
1215 ))
1216 return res, err
1217 }
1218
1219 func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1220 // Has multiple access flags: News Delete Folder (37) or News Delete Category (35)
1221 // TODO: Implement
1222
1223 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1224
1225 // TODO: determine if path is a Folder (Bundle) or Category and check for permission
1226
1227 cc.Server.Logger.Infof("DelNewsItem %v", pathStrs)
1228
1229 cats := cc.Server.ThreadedNews.Categories
1230
1231 delName := pathStrs[len(pathStrs)-1]
1232 if len(pathStrs) > 1 {
1233 for _, fp := range pathStrs[0 : len(pathStrs)-1] {
1234 cats = cats[fp].SubCats
1235 }
1236 }
1237
1238 delete(cats, delName)
1239
1240 err = cc.Server.writeThreadedNews()
1241 if err != nil {
1242 return res, err
1243 }
1244
1245 // Reply params: none
1246 res = append(res, cc.NewReply(t))
1247
1248 return res, err
1249 }
1250
1251 func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1252 if !authorize(cc.Account.Access, accessNewsDeleteArt) {
1253 res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
1254 return res, err
1255 }
1256
1257 // Request Fields
1258 // 325 News path
1259 // 326 News article ID
1260 // 337 News article – recursive delete Delete child articles (1) or not (0)
1261 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1262 ID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
1263
1264 // TODO: Delete recursive
1265 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1266
1267 catName := pathStrs[len(pathStrs)-1]
1268 cat := cats[catName]
1269
1270 delete(cat.Articles, uint32(ID))
1271
1272 cats[catName] = cat
1273 if err := cc.Server.writeThreadedNews(); err != nil {
1274 return res, err
1275 }
1276
1277 res = append(res, cc.NewReply(t))
1278 return res, err
1279 }
1280
1281 // Request fields
1282 // 325 News path
1283 // 326 News article ID ID of the parent article?
1284 // 328 News article title
1285 // 334 News article flags
1286 // 327 News article data flavor Currently “text/plain”
1287 // 333 News article data
1288 func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1289 if !authorize(cc.Account.Access, accessNewsPostArt) {
1290 res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
1291 return res, err
1292 }
1293
1294 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1295 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1296
1297 catName := pathStrs[len(pathStrs)-1]
1298 cat := cats[catName]
1299
1300 newArt := NewsArtData{
1301 Title: string(t.GetField(fieldNewsArtTitle).Data),
1302 Poster: string(cc.UserName),
1303 Date: toHotlineTime(time.Now()),
1304 PrevArt: []byte{0, 0, 0, 0},
1305 NextArt: []byte{0, 0, 0, 0},
1306 ParentArt: append([]byte{0, 0}, t.GetField(fieldNewsArtID).Data...),
1307 FirstChildArt: []byte{0, 0, 0, 0},
1308 DataFlav: []byte("text/plain"),
1309 Data: string(t.GetField(fieldNewsArtData).Data),
1310 }
1311
1312 var keys []int
1313 for k := range cat.Articles {
1314 keys = append(keys, int(k))
1315 }
1316
1317 nextID := uint32(1)
1318 if len(keys) > 0 {
1319 sort.Ints(keys)
1320 prevID := uint32(keys[len(keys)-1])
1321 nextID = prevID + 1
1322
1323 binary.BigEndian.PutUint32(newArt.PrevArt, prevID)
1324
1325 // Set next article ID
1326 binary.BigEndian.PutUint32(cat.Articles[prevID].NextArt, nextID)
1327 }
1328
1329 // Update parent article with first child reply
1330 parentID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
1331 if parentID != 0 {
1332 parentArt := cat.Articles[uint32(parentID)]
1333
1334 if bytes.Equal(parentArt.FirstChildArt, []byte{0, 0, 0, 0}) {
1335 binary.BigEndian.PutUint32(parentArt.FirstChildArt, nextID)
1336 }
1337 }
1338
1339 cat.Articles[nextID] = &newArt
1340
1341 cats[catName] = cat
1342 if err := cc.Server.writeThreadedNews(); err != nil {
1343 return res, err
1344 }
1345
1346 res = append(res, cc.NewReply(t))
1347 return res, err
1348 }
1349
1350 // HandleGetMsgs returns the flat news data
1351 func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1352 if !authorize(cc.Account.Access, accessNewsReadArt) {
1353 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1354 return res, err
1355 }
1356
1357 res = append(res, cc.NewReply(t, NewField(fieldData, cc.Server.FlatNews)))
1358
1359 return res, err
1360 }
1361
1362 func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1363 if !authorize(cc.Account.Access, accessDownloadFile) {
1364 res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
1365 return res, err
1366 }
1367
1368 fileName := t.GetField(fieldFileName).Data
1369 filePath := t.GetField(fieldFilePath).Data
1370 resumeData := t.GetField(fieldFileResumeData).Data
1371
1372 var dataOffset int64
1373 var frd FileResumeData
1374 if resumeData != nil {
1375 if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
1376 return res, err
1377 }
1378 // TODO: handle rsrc fork offset
1379 dataOffset = int64(binary.BigEndian.Uint32(frd.ForkInfoList[0].DataSize[:]))
1380 }
1381
1382 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1383 if err != nil {
1384 return res, err
1385 }
1386
1387 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, dataOffset)
1388 if err != nil {
1389 return res, err
1390 }
1391
1392 transactionRef := cc.Server.NewTransactionRef()
1393 data := binary.BigEndian.Uint32(transactionRef)
1394
1395 ft := &FileTransfer{
1396 FileName: fileName,
1397 FilePath: filePath,
1398 ReferenceNumber: transactionRef,
1399 Type: FileDownload,
1400 }
1401
1402 // TODO: refactor to remove this
1403 if resumeData != nil {
1404 var frd FileResumeData
1405 if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
1406 return res, err
1407 }
1408 ft.fileResumeData = &frd
1409 }
1410
1411 xferSize := hlFile.ffo.TransferSize(0)
1412
1413 // Optional field for when a HL v1.5+ client requests file preview
1414 // Used only for TEXT, JPEG, GIFF, BMP or PICT files
1415 // The value will always be 2
1416 if t.GetField(fieldFileTransferOptions).Data != nil {
1417 ft.options = t.GetField(fieldFileTransferOptions).Data
1418 xferSize = hlFile.ffo.FlatFileDataForkHeader.DataSize[:]
1419 }
1420
1421 cc.Server.mux.Lock()
1422 defer cc.Server.mux.Unlock()
1423 cc.Server.FileTransfers[data] = ft
1424
1425 cc.Transfers[FileDownload] = append(cc.Transfers[FileDownload], ft)
1426
1427 res = append(res, cc.NewReply(t,
1428 NewField(fieldRefNum, transactionRef),
1429 NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1430 NewField(fieldTransferSize, xferSize),
1431 NewField(fieldFileSize, hlFile.ffo.FlatFileDataForkHeader.DataSize[:]),
1432 ))
1433
1434 return res, err
1435 }
1436
1437 // Download all files from the specified folder and sub-folders
1438 func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1439 if !authorize(cc.Account.Access, accessDownloadFile) {
1440 res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
1441 return res, err
1442 }
1443
1444 transactionRef := cc.Server.NewTransactionRef()
1445 data := binary.BigEndian.Uint32(transactionRef)
1446
1447 fileTransfer := &FileTransfer{
1448 FileName: t.GetField(fieldFileName).Data,
1449 FilePath: t.GetField(fieldFilePath).Data,
1450 ReferenceNumber: transactionRef,
1451 Type: FolderDownload,
1452 }
1453 cc.Server.mux.Lock()
1454 cc.Server.FileTransfers[data] = fileTransfer
1455 cc.Server.mux.Unlock()
1456 cc.Transfers[FolderDownload] = append(cc.Transfers[FolderDownload], fileTransfer)
1457
1458 var fp FilePath
1459 err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
1460 if err != nil {
1461 return res, err
1462 }
1463
1464 fullFilePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
1465 if err != nil {
1466 return res, err
1467 }
1468
1469 transferSize, err := CalcTotalSize(fullFilePath)
1470 if err != nil {
1471 return res, err
1472 }
1473 itemCount, err := CalcItemCount(fullFilePath)
1474 if err != nil {
1475 return res, err
1476 }
1477 res = append(res, cc.NewReply(t,
1478 NewField(fieldRefNum, transactionRef),
1479 NewField(fieldTransferSize, transferSize),
1480 NewField(fieldFolderItemCount, itemCount),
1481 NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1482 ))
1483 return res, err
1484 }
1485
1486 // Upload all files from the local folder and its subfolders to the specified path on the server
1487 // Fields used in the request
1488 // 201 File name
1489 // 202 File path
1490 // 108 transfer size Total size of all items in the folder
1491 // 220 Folder item count
1492 // 204 File transfer options "Optional Currently set to 1" (TODO: ??)
1493 func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1494 transactionRef := cc.Server.NewTransactionRef()
1495 data := binary.BigEndian.Uint32(transactionRef)
1496
1497 var fp FilePath
1498 if t.GetField(fieldFilePath).Data != nil {
1499 if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
1500 return res, err
1501 }
1502 }
1503
1504 // Handle special cases for Upload and Drop Box folders
1505 if !authorize(cc.Account.Access, accessUploadAnywhere) {
1506 if !fp.IsUploadDir() && !fp.IsDropbox() {
1507 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(fieldFileName).Data))))
1508 return res, err
1509 }
1510 }
1511
1512 fileTransfer := &FileTransfer{
1513 FileName: t.GetField(fieldFileName).Data,
1514 FilePath: t.GetField(fieldFilePath).Data,
1515 ReferenceNumber: transactionRef,
1516 Type: FolderUpload,
1517 FolderItemCount: t.GetField(fieldFolderItemCount).Data,
1518 TransferSize: t.GetField(fieldTransferSize).Data,
1519 }
1520 cc.Server.FileTransfers[data] = fileTransfer
1521
1522 res = append(res, cc.NewReply(t, NewField(fieldRefNum, transactionRef)))
1523 return res, err
1524 }
1525
1526 // HandleUploadFile
1527 // Fields used in the request:
1528 // 201 File name
1529 // 202 File path
1530 // 204 File transfer options "Optional
1531 // Used only to resume download, currently has value 2"
1532 // 108 File transfer size "Optional used if download is not resumed"
1533 func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1534 if !authorize(cc.Account.Access, accessUploadFile) {
1535 res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
1536 return res, err
1537 }
1538
1539 fileName := t.GetField(fieldFileName).Data
1540 filePath := t.GetField(fieldFilePath).Data
1541
1542 transferOptions := t.GetField(fieldFileTransferOptions).Data
1543
1544 // TODO: is this field useful for anything?
1545 // transferSize := t.GetField(fieldTransferSize).Data
1546
1547 var fp FilePath
1548 if filePath != nil {
1549 if err = fp.UnmarshalBinary(filePath); err != nil {
1550 return res, err
1551 }
1552 }
1553
1554 // Handle special cases for Upload and Drop Box folders
1555 if !authorize(cc.Account.Access, accessUploadAnywhere) {
1556 if !fp.IsUploadDir() && !fp.IsDropbox() {
1557 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
1558 return res, err
1559 }
1560 }
1561
1562 transactionRef := cc.Server.NewTransactionRef()
1563 data := binary.BigEndian.Uint32(transactionRef)
1564
1565 cc.Server.mux.Lock()
1566 cc.Server.FileTransfers[data] = &FileTransfer{
1567 FileName: fileName,
1568 FilePath: filePath,
1569 ReferenceNumber: transactionRef,
1570 Type: FileUpload,
1571 }
1572 cc.Server.mux.Unlock()
1573
1574 replyT := cc.NewReply(t, NewField(fieldRefNum, transactionRef))
1575
1576 // client has requested to resume a partially transferred file
1577 if transferOptions != nil {
1578 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1579 if err != nil {
1580 return res, err
1581 }
1582
1583 fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix)
1584 if err != nil {
1585 return res, err
1586 }
1587
1588 offset := make([]byte, 4)
1589 binary.BigEndian.PutUint32(offset, uint32(fileInfo.Size()))
1590
1591 fileResumeData := NewFileResumeData([]ForkInfoList{
1592 *NewForkInfoList(offset),
1593 })
1594
1595 b, _ := fileResumeData.BinaryMarshal()
1596
1597 replyT.Fields = append(replyT.Fields, NewField(fieldFileResumeData, b))
1598 }
1599
1600 res = append(res, replyT)
1601 return res, err
1602 }
1603
1604 func HandleSetClientUserInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1605 var icon []byte
1606 if len(t.GetField(fieldUserIconID).Data) == 4 {
1607 icon = t.GetField(fieldUserIconID).Data[2:]
1608 } else {
1609 icon = t.GetField(fieldUserIconID).Data
1610 }
1611 *cc.Icon = icon
1612 cc.UserName = t.GetField(fieldUserName).Data
1613
1614 // the options field is only passed by the client versions > 1.2.3.
1615 options := t.GetField(fieldOptions).Data
1616
1617 if options != nil {
1618 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
1619 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
1620
1621 flagBitmap.SetBit(flagBitmap, userFlagRefusePM, optBitmap.Bit(refusePM))
1622 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
1623
1624 flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, optBitmap.Bit(refuseChat))
1625 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
1626
1627 // Check auto response
1628 if optBitmap.Bit(autoResponse) == 1 {
1629 cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
1630 } else {
1631 cc.AutoReply = []byte{}
1632 }
1633 }
1634
1635 // Notify all clients of updated user info
1636 cc.sendAll(
1637 tranNotifyChangeUser,
1638 NewField(fieldUserID, *cc.ID),
1639 NewField(fieldUserIconID, *cc.Icon),
1640 NewField(fieldUserFlags, *cc.Flags),
1641 NewField(fieldUserName, cc.UserName),
1642 )
1643
1644 return res, err
1645 }
1646
1647 // HandleKeepAlive responds to keepalive transactions with an empty reply
1648 // * HL 1.9.2 Client sends keepalive msg every 3 minutes
1649 // * HL 1.2.3 Client doesn't send keepalives
1650 func HandleKeepAlive(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1651 res = append(res, cc.NewReply(t))
1652
1653 return res, err
1654 }
1655
1656 func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1657 fullPath, err := readPath(
1658 cc.Server.Config.FileRoot,
1659 t.GetField(fieldFilePath).Data,
1660 nil,
1661 )
1662 if err != nil {
1663 return res, err
1664 }
1665
1666 var fp FilePath
1667 if t.GetField(fieldFilePath).Data != nil {
1668 if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
1669 return res, err
1670 }
1671 }
1672
1673 // Handle special case for drop box folders
1674 if fp.IsDropbox() && !authorize(cc.Account.Access, accessViewDropBoxes) {
1675 res = append(res, cc.NewErrReply(t, "You are not allowed to view drop boxes."))
1676 return res, err
1677 }
1678
1679 fileNames, err := getFileNameList(fullPath)
1680 if err != nil {
1681 return res, err
1682 }
1683
1684 res = append(res, cc.NewReply(t, fileNames...))
1685
1686 return res, err
1687 }
1688
1689 // =================================
1690 // Hotline private chat flow
1691 // =================================
1692 // 1. ClientA sends tranInviteNewChat to server with user ID to invite
1693 // 2. Server creates new ChatID
1694 // 3. Server sends tranInviteToChat to invitee
1695 // 4. Server replies to ClientA with new Chat ID
1696 //
1697 // A dialog box pops up in the invitee client with options to accept or decline the invitation.
1698 // If Accepted is clicked:
1699 // 1. ClientB sends tranJoinChat with fieldChatID
1700
1701 // HandleInviteNewChat invites users to new private chat
1702 func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1703 if !authorize(cc.Account.Access, accessOpenChat) {
1704 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1705 return res, err
1706 }
1707
1708 // Client to Invite
1709 targetID := t.GetField(fieldUserID).Data
1710 newChatID := cc.Server.NewPrivateChat(cc)
1711
1712 res = append(res,
1713 *NewTransaction(
1714 tranInviteToChat,
1715 &targetID,
1716 NewField(fieldChatID, newChatID),
1717 NewField(fieldUserName, cc.UserName),
1718 NewField(fieldUserID, *cc.ID),
1719 ),
1720 )
1721
1722 res = append(res,
1723 cc.NewReply(t,
1724 NewField(fieldChatID, newChatID),
1725 NewField(fieldUserName, cc.UserName),
1726 NewField(fieldUserID, *cc.ID),
1727 NewField(fieldUserIconID, *cc.Icon),
1728 NewField(fieldUserFlags, *cc.Flags),
1729 ),
1730 )
1731
1732 return res, err
1733 }
1734
1735 func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1736 if !authorize(cc.Account.Access, accessOpenChat) {
1737 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1738 return res, err
1739 }
1740
1741 // Client to Invite
1742 targetID := t.GetField(fieldUserID).Data
1743 chatID := t.GetField(fieldChatID).Data
1744
1745 res = append(res,
1746 *NewTransaction(
1747 tranInviteToChat,
1748 &targetID,
1749 NewField(fieldChatID, chatID),
1750 NewField(fieldUserName, cc.UserName),
1751 NewField(fieldUserID, *cc.ID),
1752 ),
1753 )
1754 res = append(res,
1755 cc.NewReply(
1756 t,
1757 NewField(fieldChatID, chatID),
1758 NewField(fieldUserName, cc.UserName),
1759 NewField(fieldUserID, *cc.ID),
1760 NewField(fieldUserIconID, *cc.Icon),
1761 NewField(fieldUserFlags, *cc.Flags),
1762 ),
1763 )
1764
1765 return res, err
1766 }
1767
1768 func HandleRejectChatInvite(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1769 chatID := t.GetField(fieldChatID).Data
1770 chatInt := binary.BigEndian.Uint32(chatID)
1771
1772 privChat := cc.Server.PrivateChats[chatInt]
1773
1774 resMsg := append(cc.UserName, []byte(" declined invitation to chat")...)
1775
1776 for _, c := range sortedClients(privChat.ClientConn) {
1777 res = append(res,
1778 *NewTransaction(
1779 tranChatMsg,
1780 c.ID,
1781 NewField(fieldChatID, chatID),
1782 NewField(fieldData, resMsg),
1783 ),
1784 )
1785 }
1786
1787 return res, err
1788 }
1789
1790 // HandleJoinChat is sent from a v1.8+ Hotline client when the joins a private chat
1791 // Fields used in the reply:
1792 // * 115 Chat subject
1793 // * 300 User name with info (Optional)
1794 // * 300 (more user names with info)
1795 func HandleJoinChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1796 chatID := t.GetField(fieldChatID).Data
1797 chatInt := binary.BigEndian.Uint32(chatID)
1798
1799 privChat := cc.Server.PrivateChats[chatInt]
1800
1801 // Send tranNotifyChatChangeUser to current members of the chat to inform of new user
1802 for _, c := range sortedClients(privChat.ClientConn) {
1803 res = append(res,
1804 *NewTransaction(
1805 tranNotifyChatChangeUser,
1806 c.ID,
1807 NewField(fieldChatID, chatID),
1808 NewField(fieldUserName, cc.UserName),
1809 NewField(fieldUserID, *cc.ID),
1810 NewField(fieldUserIconID, *cc.Icon),
1811 NewField(fieldUserFlags, *cc.Flags),
1812 ),
1813 )
1814 }
1815
1816 privChat.ClientConn[cc.uint16ID()] = cc
1817
1818 replyFields := []Field{NewField(fieldChatSubject, []byte(privChat.Subject))}
1819 for _, c := range sortedClients(privChat.ClientConn) {
1820 user := User{
1821 ID: *c.ID,
1822 Icon: *c.Icon,
1823 Flags: *c.Flags,
1824 Name: string(c.UserName),
1825 }
1826
1827 replyFields = append(replyFields, NewField(fieldUsernameWithInfo, user.Payload()))
1828 }
1829
1830 res = append(res, cc.NewReply(t, replyFields...))
1831 return res, err
1832 }
1833
1834 // HandleLeaveChat is sent from a v1.8+ Hotline client when the user exits a private chat
1835 // Fields used in the request:
1836 // * 114 fieldChatID
1837 // Reply is not expected.
1838 func HandleLeaveChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1839 chatID := t.GetField(fieldChatID).Data
1840 chatInt := binary.BigEndian.Uint32(chatID)
1841
1842 privChat := cc.Server.PrivateChats[chatInt]
1843
1844 delete(privChat.ClientConn, cc.uint16ID())
1845
1846 // Notify members of the private chat that the user has left
1847 for _, c := range sortedClients(privChat.ClientConn) {
1848 res = append(res,
1849 *NewTransaction(
1850 tranNotifyChatDeleteUser,
1851 c.ID,
1852 NewField(fieldChatID, chatID),
1853 NewField(fieldUserID, *cc.ID),
1854 ),
1855 )
1856 }
1857
1858 return res, err
1859 }
1860
1861 // HandleSetChatSubject is sent from a v1.8+ Hotline client when the user sets a private chat subject
1862 // Fields used in the request:
1863 // * 114 Chat ID
1864 // * 115 Chat subject Chat subject string
1865 // Reply is not expected.
1866 func HandleSetChatSubject(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1867 chatID := t.GetField(fieldChatID).Data
1868 chatInt := binary.BigEndian.Uint32(chatID)
1869
1870 privChat := cc.Server.PrivateChats[chatInt]
1871 privChat.Subject = string(t.GetField(fieldChatSubject).Data)
1872
1873 for _, c := range sortedClients(privChat.ClientConn) {
1874 res = append(res,
1875 *NewTransaction(
1876 tranNotifyChatSubject,
1877 c.ID,
1878 NewField(fieldChatID, chatID),
1879 NewField(fieldChatSubject, t.GetField(fieldChatSubject).Data),
1880 ),
1881 )
1882 }
1883
1884 return res, err
1885 }
1886
1887 // HandleMakeAlias makes a filer alias using the specified path.
1888 // Fields used in the request:
1889 // 201 File name
1890 // 202 File path
1891 // 212 File new path Destination path
1892 //
1893 // Fields used in the reply:
1894 // None
1895 func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1896 if !authorize(cc.Account.Access, accessMakeAlias) {
1897 res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
1898 return res, err
1899 }
1900 fileName := t.GetField(fieldFileName).Data
1901 filePath := t.GetField(fieldFilePath).Data
1902 fileNewPath := t.GetField(fieldFileNewPath).Data
1903
1904 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1905 if err != nil {
1906 return res, err
1907 }
1908
1909 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, fileNewPath, fileName)
1910 if err != nil {
1911 return res, err
1912 }
1913
1914 cc.Server.Logger.Debugw("Make alias", "src", fullFilePath, "dst", fullNewFilePath)
1915
1916 if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil {
1917 res = append(res, cc.NewErrReply(t, "Error creating alias"))
1918 return res, nil
1919 }
1920
1921 res = append(res, cc.NewReply(t))
1922 return res, err
1923 }
Friendship Quest remix of mobius, a hotline server in go #cli