]> git.r.bdr.sh - rbdr/mobius/blob - hotline/transaction_handlers.go
git.r.bdr.sh / rbdr / mobius / blob
? search:


c3b8c592bf2f5d8ea55a533ce5c6251544d9175e
[rbdr/mobius] / hotline / transaction_handlers.go
1 package hotline
2
3 import (
4 "bytes"
5 "encoding/binary"
6 "errors"
7 "fmt"
8 "gopkg.in/yaml.v3"
9 "io/ioutil"
10 "math/big"
11 "os"
12 "path"
13 "sort"
14 "strings"
15 "time"
16 )
17
18 type TransactionType struct {
19 Handler func(*ClientConn, *Transaction) ([]Transaction, error) // function for handling the transaction type
20 Name string // Name of transaction as it will appear in logging
21 RequiredFields []requiredField
22 }
23
24 var TransactionHandlers = map[uint16]TransactionType{
25 // Server initiated
26 tranChatMsg: {
27 Name: "tranChatMsg",
28 },
29 // Server initiated
30 tranNotifyChangeUser: {
31 Name: "tranNotifyChangeUser",
32 },
33 tranError: {
34 Name: "tranError",
35 },
36 tranShowAgreement: {
37 Name: "tranShowAgreement",
38 },
39 tranUserAccess: {
40 Name: "tranUserAccess",
41 },
42 tranNotifyDeleteUser: {
43 Name: "tranNotifyDeleteUser",
44 },
45 tranAgreed: {
46 Name: "tranAgreed",
47 Handler: HandleTranAgreed,
48 },
49 tranChatSend: {
50 Name: "tranChatSend",
51 Handler: HandleChatSend,
52 RequiredFields: []requiredField{
53 {
54 ID: fieldData,
55 minLen: 0,
56 },
57 },
58 },
59 tranDelNewsArt: {
60 Name: "tranDelNewsArt",
61 Handler: HandleDelNewsArt,
62 },
63 tranDelNewsItem: {
64 Name: "tranDelNewsItem",
65 Handler: HandleDelNewsItem,
66 },
67 tranDeleteFile: {
68 Name: "tranDeleteFile",
69 Handler: HandleDeleteFile,
70 },
71 tranDeleteUser: {
72 Name: "tranDeleteUser",
73 Handler: HandleDeleteUser,
74 },
75 tranDisconnectUser: {
76 Name: "tranDisconnectUser",
77 Handler: HandleDisconnectUser,
78 },
79 tranDownloadFile: {
80 Name: "tranDownloadFile",
81 Handler: HandleDownloadFile,
82 },
83 tranDownloadFldr: {
84 Name: "tranDownloadFldr",
85 Handler: HandleDownloadFolder,
86 },
87 tranGetClientInfoText: {
88 Name: "tranGetClientInfoText",
89 Handler: HandleGetClientConnInfoText,
90 },
91 tranGetFileInfo: {
92 Name: "tranGetFileInfo",
93 Handler: HandleGetFileInfo,
94 },
95 tranGetFileNameList: {
96 Name: "tranGetFileNameList",
97 Handler: HandleGetFileNameList,
98 },
99 tranGetMsgs: {
100 Name: "tranGetMsgs",
101 Handler: HandleGetMsgs,
102 },
103 tranGetNewsArtData: {
104 Name: "tranGetNewsArtData",
105 Handler: HandleGetNewsArtData,
106 },
107 tranGetNewsArtNameList: {
108 Name: "tranGetNewsArtNameList",
109 Handler: HandleGetNewsArtNameList,
110 },
111 tranGetNewsCatNameList: {
112 Name: "tranGetNewsCatNameList",
113 Handler: HandleGetNewsCatNameList,
114 },
115 tranGetUser: {
116 Name: "tranGetUser",
117 Handler: HandleGetUser,
118 },
119 tranGetUserNameList: {
120 Name: "tranHandleGetUserNameList",
121 Handler: HandleGetUserNameList,
122 },
123 tranInviteNewChat: {
124 Name: "tranInviteNewChat",
125 Handler: HandleInviteNewChat,
126 },
127 tranInviteToChat: {
128 Name: "tranInviteToChat",
129 Handler: HandleInviteToChat,
130 },
131 tranJoinChat: {
132 Name: "tranJoinChat",
133 Handler: HandleJoinChat,
134 },
135 tranKeepAlive: {
136 Name: "tranKeepAlive",
137 Handler: HandleKeepAlive,
138 },
139 tranLeaveChat: {
140 Name: "tranJoinChat",
141 Handler: HandleLeaveChat,
142 },
143 tranListUsers: {
144 Name: "tranListUsers",
145 Handler: HandleListUsers,
146 },
147 tranMoveFile: {
148 Name: "tranMoveFile",
149 Handler: HandleMoveFile,
150 },
151 tranNewFolder: {
152 Name: "tranNewFolder",
153 Handler: HandleNewFolder,
154 },
155 tranNewNewsCat: {
156 Name: "tranNewNewsCat",
157 Handler: HandleNewNewsCat,
158 },
159 tranNewNewsFldr: {
160 Name: "tranNewNewsFldr",
161 Handler: HandleNewNewsFldr,
162 },
163 tranNewUser: {
164 Name: "tranNewUser",
165 Handler: HandleNewUser,
166 },
167 tranUpdateUser: {
168 Name: "tranUpdateUser",
169 Handler: HandleUpdateUser,
170 },
171 tranOldPostNews: {
172 Name: "tranOldPostNews",
173 Handler: HandleTranOldPostNews,
174 },
175 tranPostNewsArt: {
176 Name: "tranPostNewsArt",
177 Handler: HandlePostNewsArt,
178 },
179 tranRejectChatInvite: {
180 Name: "tranRejectChatInvite",
181 Handler: HandleRejectChatInvite,
182 },
183 tranSendInstantMsg: {
184 Name: "tranSendInstantMsg",
185 Handler: HandleSendInstantMsg,
186 RequiredFields: []requiredField{
187 {
188 ID: fieldData,
189 minLen: 0,
190 },
191 {
192 ID: fieldUserID,
193 },
194 },
195 },
196 tranSetChatSubject: {
197 Name: "tranSetChatSubject",
198 Handler: HandleSetChatSubject,
199 },
200 tranMakeFileAlias: {
201 Name: "tranMakeFileAlias",
202 Handler: HandleMakeAlias,
203 RequiredFields: []requiredField{
204 {ID: fieldFileName, minLen: 1},
205 {ID: fieldFilePath, minLen: 1},
206 {ID: fieldFileNewPath, minLen: 1},
207 },
208 },
209 tranSetClientUserInfo: {
210 Name: "tranSetClientUserInfo",
211 Handler: HandleSetClientUserInfo,
212 },
213 tranSetFileInfo: {
214 Name: "tranSetFileInfo",
215 Handler: HandleSetFileInfo,
216 },
217 tranSetUser: {
218 Name: "tranSetUser",
219 Handler: HandleSetUser,
220 },
221 tranUploadFile: {
222 Name: "tranUploadFile",
223 Handler: HandleUploadFile,
224 },
225 tranUploadFldr: {
226 Name: "tranUploadFldr",
227 Handler: HandleUploadFolder,
228 },
229 tranUserBroadcast: {
230 Name: "tranUserBroadcast",
231 Handler: HandleUserBroadcast,
232 },
233 }
234
235 func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
236 if !authorize(cc.Account.Access, accessSendChat) {
237 res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
238 return res, err
239 }
240
241 // Truncate long usernames
242 trunc := fmt.Sprintf("%13s", cc.UserName)
243 formattedMsg := fmt.Sprintf("\r%.14s: %s", trunc, t.GetField(fieldData).Data)
244
245 // By holding the option key, Hotline chat allows users to send /me formatted messages like:
246 // *** Halcyon does stuff
247 // This is indicated by the presence of the optional field fieldChatOptions in the transaction payload
248 if t.GetField(fieldChatOptions).Data != nil {
249 formattedMsg = fmt.Sprintf("\r*** %s %s", cc.UserName, t.GetField(fieldData).Data)
250 }
251
252 chatID := t.GetField(fieldChatID).Data
253 // a non-nil chatID indicates the message belongs to a private chat
254 if chatID != nil {
255 chatInt := binary.BigEndian.Uint32(chatID)
256 privChat := cc.Server.PrivateChats[chatInt]
257
258 clients := sortedClients(privChat.ClientConn)
259
260 // send the message to all connected clients of the private chat
261 for _, c := range clients {
262 res = append(res, *NewTransaction(
263 tranChatMsg,
264 c.ID,
265 NewField(fieldChatID, chatID),
266 NewField(fieldData, []byte(formattedMsg)),
267 ))
268 }
269 return res, err
270 }
271
272 for _, c := range sortedClients(cc.Server.Clients) {
273 // Filter out clients that do not have the read chat permission
274 if authorize(c.Account.Access, accessReadChat) {
275 res = append(res, *NewTransaction(tranChatMsg, c.ID, NewField(fieldData, []byte(formattedMsg))))
276 }
277 }
278
279 return res, err
280 }
281
282 // HandleSendInstantMsg sends instant message to the user on the current server.
283 // Fields used in the request:
284 // 103 User ID
285 // 113 Options
286 // One of the following values:
287 // - User message (myOpt_UserMessage = 1)
288 // - Refuse message (myOpt_RefuseMessage = 2)
289 // - Refuse chat (myOpt_RefuseChat = 3)
290 // - Automatic response (myOpt_AutomaticResponse = 4)"
291 // 101 Data Optional
292 // 214 Quoting message Optional
293 //
294 // Fields used in the reply:
295 // None
296 func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
297 msg := t.GetField(fieldData)
298 ID := t.GetField(fieldUserID)
299
300 reply := NewTransaction(
301 tranServerMsg,
302 &ID.Data,
303 NewField(fieldData, msg.Data),
304 NewField(fieldUserName, cc.UserName),
305 NewField(fieldUserID, *cc.ID),
306 NewField(fieldOptions, []byte{0, 1}),
307 )
308
309 // Later versions of Hotline include the original message in the fieldQuotingMsg field so
310 // the receiving client can display both the received message and what it is in reply to
311 if t.GetField(fieldQuotingMsg).Data != nil {
312 reply.Fields = append(reply.Fields, NewField(fieldQuotingMsg, t.GetField(fieldQuotingMsg).Data))
313 }
314
315 res = append(res, *reply)
316
317 id, _ := byteToInt(ID.Data)
318 otherClient, ok := cc.Server.Clients[uint16(id)]
319 if !ok {
320 return res, errors.New("invalid client ID")
321 }
322
323 // Respond with auto reply if other client has it enabled
324 if len(otherClient.AutoReply) > 0 {
325 res = append(res,
326 *NewTransaction(
327 tranServerMsg,
328 cc.ID,
329 NewField(fieldData, otherClient.AutoReply),
330 NewField(fieldUserName, otherClient.UserName),
331 NewField(fieldUserID, *otherClient.ID),
332 NewField(fieldOptions, []byte{0, 1}),
333 ),
334 )
335 }
336
337 res = append(res, cc.NewReply(t))
338
339 return res, err
340 }
341
342 func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
343 fileName := t.GetField(fieldFileName).Data
344 filePath := t.GetField(fieldFilePath).Data
345
346 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
347 if err != nil {
348 return res, err
349 }
350
351 fw, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
352 if err != nil {
353 return res, err
354 }
355
356 res = append(res, cc.NewReply(t,
357 NewField(fieldFileName, []byte(fw.name)),
358 NewField(fieldFileTypeString, fw.ffo.FlatFileInformationFork.friendlyType()),
359 NewField(fieldFileCreatorString, fw.ffo.FlatFileInformationFork.friendlyCreator()),
360 NewField(fieldFileComment, fw.ffo.FlatFileInformationFork.Comment),
361 NewField(fieldFileType, fw.ffo.FlatFileInformationFork.TypeSignature),
362 NewField(fieldFileCreateDate, fw.ffo.FlatFileInformationFork.CreateDate),
363 NewField(fieldFileModifyDate, fw.ffo.FlatFileInformationFork.ModifyDate),
364 NewField(fieldFileSize, fw.totalSize()),
365 ))
366 return res, err
367 }
368
369 // HandleSetFileInfo updates a file or folder name and/or comment from the Get Info window
370 // Fields used in the request:
371 // * 201 File name
372 // * 202 File path Optional
373 // * 211 File new name Optional
374 // * 210 File comment Optional
375 // Fields used in the reply: None
376 func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
377 fileName := t.GetField(fieldFileName).Data
378 filePath := t.GetField(fieldFilePath).Data
379
380 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
381 if err != nil {
382 return res, err
383 }
384
385 fi, err := cc.Server.FS.Stat(fullFilePath)
386 if err != nil {
387 return res, err
388 }
389
390 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
391 if err != nil {
392 return res, err
393 }
394 if t.GetField(fieldFileComment).Data != nil {
395 switch mode := fi.Mode(); {
396 case mode.IsDir():
397 if !authorize(cc.Account.Access, accessSetFolderComment) {
398 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
399 return res, err
400 }
401 case mode.IsRegular():
402 if !authorize(cc.Account.Access, accessSetFileComment) {
403 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
404 return res, err
405 }
406 }
407
408 hlFile.ffo.FlatFileInformationFork.setComment(t.GetField(fieldFileComment).Data)
409 w, err := hlFile.infoForkWriter()
410 if err != nil {
411 return res, err
412 }
413 _, err = w.Write(hlFile.ffo.FlatFileInformationFork.MarshalBinary())
414 if err != nil {
415 return res, err
416 }
417 }
418
419 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, t.GetField(fieldFileNewName).Data)
420 if err != nil {
421 return nil, err
422 }
423
424 fileNewName := t.GetField(fieldFileNewName).Data
425
426 if fileNewName != nil {
427 switch mode := fi.Mode(); {
428 case mode.IsDir():
429 if !authorize(cc.Account.Access, accessRenameFolder) {
430 res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
431 return res, err
432 }
433 err = os.Rename(fullFilePath, fullNewFilePath)
434 if os.IsNotExist(err) {
435 res = append(res, cc.NewErrReply(t, "Cannot rename folder "+string(fileName)+" because it does not exist or cannot be found."))
436 return res, err
437 }
438 case mode.IsRegular():
439 if !authorize(cc.Account.Access, accessRenameFile) {
440 res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
441 return res, err
442 }
443 fileDir, err := readPath(cc.Server.Config.FileRoot, filePath, []byte{})
444 if err != nil {
445 return nil, err
446 }
447 hlFile.name = string(fileNewName)
448 err = hlFile.move(fileDir)
449 if os.IsNotExist(err) {
450 res = append(res, cc.NewErrReply(t, "Cannot rename file "+string(fileName)+" because it does not exist or cannot be found."))
451 return res, err
452 }
453 if err != nil {
454 panic(err)
455 }
456 }
457 }
458
459 res = append(res, cc.NewReply(t))
460 return res, err
461 }
462
463 // HandleDeleteFile deletes a file or folder
464 // Fields used in the request:
465 // * 201 File name
466 // * 202 File path
467 // Fields used in the reply: none
468 func HandleDeleteFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
469 fileName := t.GetField(fieldFileName).Data
470 filePath := t.GetField(fieldFilePath).Data
471
472 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
473 if err != nil {
474 return res, err
475 }
476
477 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
478 if err != nil {
479 return res, err
480 }
481
482 fi, err := hlFile.dataFile()
483 if err != nil {
484 res = append(res, cc.NewErrReply(t, "Cannot delete file "+string(fileName)+" because it does not exist or cannot be found."))
485 return res, nil
486 }
487
488 switch mode := fi.Mode(); {
489 case mode.IsDir():
490 if !authorize(cc.Account.Access, accessDeleteFolder) {
491 res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
492 return res, err
493 }
494 case mode.IsRegular():
495 if !authorize(cc.Account.Access, accessDeleteFile) {
496 res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
497 return res, err
498 }
499 }
500
501 if err := hlFile.delete(); err != nil {
502 return res, err
503 }
504
505 res = append(res, cc.NewReply(t))
506 return res, err
507 }
508
509 // HandleMoveFile moves files or folders. Note: seemingly not documented
510 func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
511 fileName := string(t.GetField(fieldFileName).Data)
512
513 filePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
514 if err != nil {
515 return res, err
516 }
517
518 fileNewPath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFileNewPath).Data, nil)
519 if err != nil {
520 return res, err
521 }
522
523 cc.Server.Logger.Debugw("Move file", "src", filePath+"/"+fileName, "dst", fileNewPath+"/"+fileName)
524
525 hlFile, err := newFileWrapper(cc.Server.FS, filePath, 0)
526
527 fi, err := hlFile.dataFile()
528 if err != nil {
529 res = append(res, cc.NewErrReply(t, "Cannot delete file "+fileName+" because it does not exist or cannot be found."))
530 return res, err
531 }
532 if err != nil {
533 return res, err
534 }
535 switch mode := fi.Mode(); {
536 case mode.IsDir():
537 if !authorize(cc.Account.Access, accessMoveFolder) {
538 res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
539 return res, err
540 }
541 case mode.IsRegular():
542 if !authorize(cc.Account.Access, accessMoveFile) {
543 res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
544 return res, err
545 }
546 }
547 if err := hlFile.move(fileNewPath); err != nil {
548 return res, err
549 }
550 // TODO: handle other possible errors; e.g. fileWrapper delete fails due to fileWrapper permission issue
551
552 res = append(res, cc.NewReply(t))
553 return res, err
554 }
555
556 func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
557 if !authorize(cc.Account.Access, accessCreateFolder) {
558 res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
559 return res, err
560 }
561 newFolderPath := cc.Server.Config.FileRoot
562 folderName := string(t.GetField(fieldFileName).Data)
563
564 folderName = path.Join("/", folderName)
565
566 // fieldFilePath is only present for nested paths
567 if t.GetField(fieldFilePath).Data != nil {
568 var newFp FilePath
569 err := newFp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
570 if err != nil {
571 return nil, err
572 }
573 newFolderPath += newFp.String()
574 }
575 newFolderPath = path.Join(newFolderPath, folderName)
576
577 // TODO: check path and folder name lengths
578
579 if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) {
580 msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that name.", folderName)
581 return []Transaction{cc.NewErrReply(t, msg)}, nil
582 }
583
584 // TODO: check for disallowed characters to maintain compatibility for original client
585
586 if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil {
587 msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName)
588 return []Transaction{cc.NewErrReply(t, msg)}, nil
589 }
590
591 res = append(res, cc.NewReply(t))
592 return res, err
593 }
594
595 func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
596 if !authorize(cc.Account.Access, accessModifyUser) {
597 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
598 return res, err
599 }
600
601 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
602 userName := string(t.GetField(fieldUserName).Data)
603
604 newAccessLvl := t.GetField(fieldUserAccess).Data
605
606 account := cc.Server.Accounts[login]
607 account.Access = &newAccessLvl
608 account.Name = userName
609
610 // If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
611 // not include fieldUserPassword
612 if t.GetField(fieldUserPassword).Data == nil {
613 account.Password = hashAndSalt([]byte(""))
614 }
615 if len(t.GetField(fieldUserPassword).Data) > 1 {
616 account.Password = hashAndSalt(t.GetField(fieldUserPassword).Data)
617 }
618
619 out, err := yaml.Marshal(&account)
620 if err != nil {
621 return res, err
622 }
623 if err := os.WriteFile(cc.Server.ConfigDir+"Users/"+login+".yaml", out, 0666); err != nil {
624 return res, err
625 }
626
627 // Notify connected clients logged in as the user of the new access level
628 for _, c := range cc.Server.Clients {
629 if c.Account.Login == login {
630 // Note: comment out these two lines to test server-side deny messages
631 newT := NewTransaction(tranUserAccess, c.ID, NewField(fieldUserAccess, newAccessLvl))
632 res = append(res, *newT)
633
634 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*c.Flags)))
635 if authorize(c.Account.Access, accessDisconUser) {
636 flagBitmap.SetBit(flagBitmap, userFlagAdmin, 1)
637 } else {
638 flagBitmap.SetBit(flagBitmap, userFlagAdmin, 0)
639 }
640 binary.BigEndian.PutUint16(*c.Flags, uint16(flagBitmap.Int64()))
641
642 c.Account.Access = account.Access
643
644 cc.sendAll(
645 tranNotifyChangeUser,
646 NewField(fieldUserID, *c.ID),
647 NewField(fieldUserFlags, *c.Flags),
648 NewField(fieldUserName, c.UserName),
649 NewField(fieldUserIconID, *c.Icon),
650 )
651 }
652 }
653
654 res = append(res, cc.NewReply(t))
655 return res, err
656 }
657
658 func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
659 if !authorize(cc.Account.Access, accessOpenUser) {
660 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
661 return res, err
662 }
663
664 account := cc.Server.Accounts[string(t.GetField(fieldUserLogin).Data)]
665 if account == nil {
666 res = append(res, cc.NewErrReply(t, "Account does not exist."))
667 return res, err
668 }
669
670 res = append(res, cc.NewReply(t,
671 NewField(fieldUserName, []byte(account.Name)),
672 NewField(fieldUserLogin, negateString(t.GetField(fieldUserLogin).Data)),
673 NewField(fieldUserPassword, []byte(account.Password)),
674 NewField(fieldUserAccess, *account.Access),
675 ))
676 return res, err
677 }
678
679 func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
680 if !authorize(cc.Account.Access, accessOpenUser) {
681 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
682 return res, err
683 }
684
685 var userFields []Field
686 for _, acc := range cc.Server.Accounts {
687 userField := acc.MarshalBinary()
688 userFields = append(userFields, NewField(fieldData, userField))
689 }
690
691 res = append(res, cc.NewReply(t, userFields...))
692 return res, err
693 }
694
695 // HandleUpdateUser is used by the v1.5+ multi-user editor to perform account editing for multiple users at a time.
696 // An update can be a mix of these actions:
697 // * Create user
698 // * Delete user
699 // * Modify user (including renaming the account login)
700 //
701 // The Transaction sent by the client includes one data field per user that was modified. This data field in turn
702 // contains another data field encoded in its payload with a varying number of sub fields depending on which action is
703 // performed. This seems to be the only place in the Hotline protocol where a data field contains another data field.
704 func HandleUpdateUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
705 for _, field := range t.Fields {
706 subFields, err := ReadFields(field.Data[0:2], field.Data[2:])
707 if err != nil {
708 return res, err
709 }
710
711 if len(subFields) == 1 {
712 login := DecodeUserString(getField(fieldData, &subFields).Data)
713 cc.Server.Logger.Infow("DeleteUser", "login", login)
714
715 if !authorize(cc.Account.Access, accessDeleteUser) {
716 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
717 return res, err
718 }
719
720 if err := cc.Server.DeleteUser(login); err != nil {
721 return res, err
722 }
723 continue
724 }
725
726 login := DecodeUserString(getField(fieldUserLogin, &subFields).Data)
727
728 // check if the login dataFile; if so, we know we are updating an existing user
729 if acc, ok := cc.Server.Accounts[login]; ok {
730 cc.Server.Logger.Infow("UpdateUser", "login", login)
731
732 // account dataFile, so this is an update action
733 if !authorize(cc.Account.Access, accessModifyUser) {
734 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
735 return res, err
736 }
737
738 if getField(fieldUserPassword, &subFields) != nil {
739 newPass := getField(fieldUserPassword, &subFields).Data
740 acc.Password = hashAndSalt(newPass)
741 } else {
742 acc.Password = hashAndSalt([]byte(""))
743 }
744
745 if getField(fieldUserAccess, &subFields) != nil {
746 acc.Access = &getField(fieldUserAccess, &subFields).Data
747 }
748
749 err = cc.Server.UpdateUser(
750 DecodeUserString(getField(fieldData, &subFields).Data),
751 DecodeUserString(getField(fieldUserLogin, &subFields).Data),
752 string(getField(fieldUserName, &subFields).Data),
753 acc.Password,
754 *acc.Access,
755 )
756 if err != nil {
757 return res, err
758 }
759 } else {
760 cc.Server.Logger.Infow("CreateUser", "login", login)
761
762 if !authorize(cc.Account.Access, accessCreateUser) {
763 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
764 return res, err
765 }
766
767 err := cc.Server.NewUser(
768 login,
769 string(getField(fieldUserName, &subFields).Data),
770 string(getField(fieldUserPassword, &subFields).Data),
771 getField(fieldUserAccess, &subFields).Data,
772 )
773 if err != nil {
774 return []Transaction{}, err
775 }
776 }
777 }
778
779 res = append(res, cc.NewReply(t))
780 return res, err
781 }
782
783 // HandleNewUser creates a new user account
784 func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
785 if !authorize(cc.Account.Access, accessCreateUser) {
786 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
787 return res, err
788 }
789
790 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
791
792 // If the account already dataFile, reply with an error
793 if _, ok := cc.Server.Accounts[login]; ok {
794 res = append(res, cc.NewErrReply(t, "Cannot create account "+login+" because there is already an account with that login."))
795 return res, err
796 }
797
798 if err := cc.Server.NewUser(
799 login,
800 string(t.GetField(fieldUserName).Data),
801 string(t.GetField(fieldUserPassword).Data),
802 t.GetField(fieldUserAccess).Data,
803 ); err != nil {
804 return []Transaction{}, err
805 }
806
807 res = append(res, cc.NewReply(t))
808 return res, err
809 }
810
811 func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
812 if !authorize(cc.Account.Access, accessDeleteUser) {
813 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
814 return res, err
815 }
816
817 // TODO: Handle case where account doesn't exist; e.g. delete race condition
818 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
819
820 if err := cc.Server.DeleteUser(login); err != nil {
821 return res, err
822 }
823
824 res = append(res, cc.NewReply(t))
825 return res, err
826 }
827
828 // HandleUserBroadcast sends an Administrator Message to all connected clients of the server
829 func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
830 if !authorize(cc.Account.Access, accessBroadcast) {
831 res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
832 return res, err
833 }
834
835 cc.sendAll(
836 tranServerMsg,
837 NewField(fieldData, t.GetField(tranGetMsgs).Data),
838 NewField(fieldChatOptions, []byte{0}),
839 )
840
841 res = append(res, cc.NewReply(t))
842 return res, err
843 }
844
845 func byteToInt(bytes []byte) (int, error) {
846 switch len(bytes) {
847 case 2:
848 return int(binary.BigEndian.Uint16(bytes)), nil
849 case 4:
850 return int(binary.BigEndian.Uint32(bytes)), nil
851 }
852
853 return 0, errors.New("unknown byte length")
854 }
855
856 func HandleGetClientConnInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
857 if !authorize(cc.Account.Access, accessGetClientInfo) {
858 res = append(res, cc.NewErrReply(t, "You are not allowed to get client info"))
859 return res, err
860 }
861
862 clientID, _ := byteToInt(t.GetField(fieldUserID).Data)
863
864 clientConn := cc.Server.Clients[uint16(clientID)]
865 if clientConn == nil {
866 return res, errors.New("invalid client")
867 }
868
869 // TODO: Implement non-hardcoded values
870 template := `Nickname: %s
871 Name: %s
872 Account: %s
873 Address: %s
874
875 -------- File Downloads ---------
876
877 %s
878
879 ------- Folder Downloads --------
880
881 None.
882
883 --------- File Uploads ----------
884
885 None.
886
887 -------- Folder Uploads ---------
888
889 None.
890
891 ------- Waiting Downloads -------
892
893 None.
894
895 `
896
897 activeDownloads := clientConn.Transfers[FileDownload]
898 activeDownloadList := "None."
899 for _, dl := range activeDownloads {
900 activeDownloadList += dl.String() + "\n"
901 }
902
903 template = fmt.Sprintf(
904 template,
905 clientConn.UserName,
906 clientConn.Account.Name,
907 clientConn.Account.Login,
908 clientConn.RemoteAddr,
909 activeDownloadList,
910 )
911 template = strings.Replace(template, "\n", "\r", -1)
912
913 res = append(res, cc.NewReply(t,
914 NewField(fieldData, []byte(template)),
915 NewField(fieldUserName, clientConn.UserName),
916 ))
917 return res, err
918 }
919
920 func HandleGetUserNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
921 res = append(res, cc.NewReply(t, cc.Server.connectedUsers()...))
922
923 return res, err
924 }
925
926 func HandleTranAgreed(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
927 cc.Agreed = true
928 cc.UserName = t.GetField(fieldUserName).Data
929 *cc.Icon = t.GetField(fieldUserIconID).Data
930
931 options := t.GetField(fieldOptions).Data
932 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
933
934 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
935
936 // Check refuse private PM option
937 if optBitmap.Bit(refusePM) == 1 {
938 flagBitmap.SetBit(flagBitmap, userFlagRefusePM, 1)
939 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
940 }
941
942 // Check refuse private chat option
943 if optBitmap.Bit(refuseChat) == 1 {
944 flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, 1)
945 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
946 }
947
948 // Check auto response
949 if optBitmap.Bit(autoResponse) == 1 {
950 cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
951 } else {
952 cc.AutoReply = []byte{}
953 }
954
955 cc.notifyOthers(
956 *NewTransaction(
957 tranNotifyChangeUser, nil,
958 NewField(fieldUserName, cc.UserName),
959 NewField(fieldUserID, *cc.ID),
960 NewField(fieldUserIconID, *cc.Icon),
961 NewField(fieldUserFlags, *cc.Flags),
962 ),
963 )
964
965 res = append(res, cc.NewReply(t))
966
967 return res, err
968 }
969
970 const defaultNewsDateFormat = "Jan02 15:04" // Jun23 20:49
971 // "Mon, 02 Jan 2006 15:04:05 MST"
972
973 const defaultNewsTemplate = `From %s (%s):
974
975 %s
976
977 __________________________________________________________`
978
979 // HandleTranOldPostNews updates the flat news
980 // Fields used in this request:
981 // 101 Data
982 func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
983 if !authorize(cc.Account.Access, accessNewsPostArt) {
984 res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
985 return res, err
986 }
987
988 cc.Server.flatNewsMux.Lock()
989 defer cc.Server.flatNewsMux.Unlock()
990
991 newsDateTemplate := defaultNewsDateFormat
992 if cc.Server.Config.NewsDateFormat != "" {
993 newsDateTemplate = cc.Server.Config.NewsDateFormat
994 }
995
996 newsTemplate := defaultNewsTemplate
997 if cc.Server.Config.NewsDelimiter != "" {
998 newsTemplate = cc.Server.Config.NewsDelimiter
999 }
1000
1001 newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(fieldData).Data)
1002 newsPost = strings.Replace(newsPost, "\n", "\r", -1)
1003
1004 // update news in memory
1005 cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
1006
1007 // update news on disk
1008 if err := ioutil.WriteFile(cc.Server.ConfigDir+"MessageBoard.txt", cc.Server.FlatNews, 0644); err != nil {
1009 return res, err
1010 }
1011
1012 // Notify all clients of updated news
1013 cc.sendAll(
1014 tranNewMsg,
1015 NewField(fieldData, []byte(newsPost)),
1016 )
1017
1018 res = append(res, cc.NewReply(t))
1019 return res, err
1020 }
1021
1022 func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1023 if !authorize(cc.Account.Access, accessDisconUser) {
1024 res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
1025 return res, err
1026 }
1027
1028 clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(fieldUserID).Data)]
1029
1030 if authorize(clientConn.Account.Access, accessCannotBeDiscon) {
1031 res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
1032 return res, err
1033 }
1034
1035 if err := clientConn.Connection.Close(); err != nil {
1036 return res, err
1037 }
1038
1039 res = append(res, cc.NewReply(t))
1040 return res, err
1041 }
1042
1043 // HandleGetNewsCatNameList returns a list of news categories for a path
1044 // Fields used in the request:
1045 // 325 News path (Optional)
1046 func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1047 if !authorize(cc.Account.Access, accessNewsReadArt) {
1048 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1049 return res, err
1050 }
1051
1052 newsPath := t.GetField(fieldNewsPath).Data
1053 cc.Server.Logger.Infow("NewsPath: ", "np", string(newsPath))
1054
1055 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1056 cats := cc.Server.GetNewsCatByPath(pathStrs)
1057
1058 // To store the keys in slice in sorted order
1059 keys := make([]string, len(cats))
1060 i := 0
1061 for k := range cats {
1062 keys[i] = k
1063 i++
1064 }
1065 sort.Strings(keys)
1066
1067 var fieldData []Field
1068 for _, k := range keys {
1069 cat := cats[k]
1070 b, _ := cat.MarshalBinary()
1071 fieldData = append(fieldData, NewField(
1072 fieldNewsCatListData15,
1073 b,
1074 ))
1075 }
1076
1077 res = append(res, cc.NewReply(t, fieldData...))
1078 return res, err
1079 }
1080
1081 func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1082 if !authorize(cc.Account.Access, accessNewsCreateCat) {
1083 res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
1084 return res, err
1085 }
1086
1087 name := string(t.GetField(fieldNewsCatName).Data)
1088 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1089
1090 cats := cc.Server.GetNewsCatByPath(pathStrs)
1091 cats[name] = NewsCategoryListData15{
1092 Name: name,
1093 Type: []byte{0, 3},
1094 Articles: map[uint32]*NewsArtData{},
1095 SubCats: make(map[string]NewsCategoryListData15),
1096 }
1097
1098 if err := cc.Server.writeThreadedNews(); err != nil {
1099 return res, err
1100 }
1101 res = append(res, cc.NewReply(t))
1102 return res, err
1103 }
1104
1105 // Fields used in the request:
1106 // 322 News category name
1107 // 325 News path
1108 func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1109 if !authorize(cc.Account.Access, accessNewsCreateFldr) {
1110 res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
1111 return res, err
1112 }
1113
1114 name := string(t.GetField(fieldFileName).Data)
1115 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1116
1117 cc.Server.Logger.Infof("Creating new news folder %s", name)
1118
1119 cats := cc.Server.GetNewsCatByPath(pathStrs)
1120 cats[name] = NewsCategoryListData15{
1121 Name: name,
1122 Type: []byte{0, 2},
1123 Articles: map[uint32]*NewsArtData{},
1124 SubCats: make(map[string]NewsCategoryListData15),
1125 }
1126 if err := cc.Server.writeThreadedNews(); err != nil {
1127 return res, err
1128 }
1129 res = append(res, cc.NewReply(t))
1130 return res, err
1131 }
1132
1133 // Fields used in the request:
1134 // 325 News path Optional
1135 //
1136 // Reply fields:
1137 // 321 News article list data Optional
1138 func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1139 if !authorize(cc.Account.Access, accessNewsReadArt) {
1140 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1141 return res, err
1142 }
1143 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1144
1145 var cat NewsCategoryListData15
1146 cats := cc.Server.ThreadedNews.Categories
1147
1148 for _, fp := range pathStrs {
1149 cat = cats[fp]
1150 cats = cats[fp].SubCats
1151 }
1152
1153 nald := cat.GetNewsArtListData()
1154
1155 res = append(res, cc.NewReply(t, NewField(fieldNewsArtListData, nald.Payload())))
1156 return res, err
1157 }
1158
1159 func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1160 if !authorize(cc.Account.Access, accessNewsReadArt) {
1161 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1162 return res, err
1163 }
1164
1165 // Request fields
1166 // 325 News fp
1167 // 326 News article ID
1168 // 327 News article data flavor
1169
1170 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1171
1172 var cat NewsCategoryListData15
1173 cats := cc.Server.ThreadedNews.Categories
1174
1175 for _, fp := range pathStrs {
1176 cat = cats[fp]
1177 cats = cats[fp].SubCats
1178 }
1179 newsArtID := t.GetField(fieldNewsArtID).Data
1180
1181 convertedArtID := binary.BigEndian.Uint16(newsArtID)
1182
1183 art := cat.Articles[uint32(convertedArtID)]
1184 if art == nil {
1185 res = append(res, cc.NewReply(t))
1186 return res, err
1187 }
1188
1189 // Reply fields
1190 // 328 News article title
1191 // 329 News article poster
1192 // 330 News article date
1193 // 331 Previous article ID
1194 // 332 Next article ID
1195 // 335 Parent article ID
1196 // 336 First child article ID
1197 // 327 News article data flavor "Should be “text/plain”
1198 // 333 News article data Optional (if data flavor is “text/plain”)
1199
1200 res = append(res, cc.NewReply(t,
1201 NewField(fieldNewsArtTitle, []byte(art.Title)),
1202 NewField(fieldNewsArtPoster, []byte(art.Poster)),
1203 NewField(fieldNewsArtDate, art.Date),
1204 NewField(fieldNewsArtPrevArt, art.PrevArt),
1205 NewField(fieldNewsArtNextArt, art.NextArt),
1206 NewField(fieldNewsArtParentArt, art.ParentArt),
1207 NewField(fieldNewsArt1stChildArt, art.FirstChildArt),
1208 NewField(fieldNewsArtDataFlav, []byte("text/plain")),
1209 NewField(fieldNewsArtData, []byte(art.Data)),
1210 ))
1211 return res, err
1212 }
1213
1214 func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1215 // Has multiple access flags: News Delete Folder (37) or News Delete Category (35)
1216 // TODO: Implement
1217
1218 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1219
1220 // TODO: determine if path is a Folder (Bundle) or Category and check for permission
1221
1222 cc.Server.Logger.Infof("DelNewsItem %v", pathStrs)
1223
1224 cats := cc.Server.ThreadedNews.Categories
1225
1226 delName := pathStrs[len(pathStrs)-1]
1227 if len(pathStrs) > 1 {
1228 for _, fp := range pathStrs[0 : len(pathStrs)-1] {
1229 cats = cats[fp].SubCats
1230 }
1231 }
1232
1233 delete(cats, delName)
1234
1235 err = cc.Server.writeThreadedNews()
1236 if err != nil {
1237 return res, err
1238 }
1239
1240 // Reply params: none
1241 res = append(res, cc.NewReply(t))
1242
1243 return res, err
1244 }
1245
1246 func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1247 if !authorize(cc.Account.Access, accessNewsDeleteArt) {
1248 res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
1249 return res, err
1250 }
1251
1252 // Request Fields
1253 // 325 News path
1254 // 326 News article ID
1255 // 337 News article – recursive delete Delete child articles (1) or not (0)
1256 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1257 ID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
1258
1259 // TODO: Delete recursive
1260 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1261
1262 catName := pathStrs[len(pathStrs)-1]
1263 cat := cats[catName]
1264
1265 delete(cat.Articles, uint32(ID))
1266
1267 cats[catName] = cat
1268 if err := cc.Server.writeThreadedNews(); err != nil {
1269 return res, err
1270 }
1271
1272 res = append(res, cc.NewReply(t))
1273 return res, err
1274 }
1275
1276 // Request fields
1277 // 325 News path
1278 // 326 News article ID ID of the parent article?
1279 // 328 News article title
1280 // 334 News article flags
1281 // 327 News article data flavor Currently “text/plain”
1282 // 333 News article data
1283 func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1284 if !authorize(cc.Account.Access, accessNewsPostArt) {
1285 res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
1286 return res, err
1287 }
1288
1289 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1290 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1291
1292 catName := pathStrs[len(pathStrs)-1]
1293 cat := cats[catName]
1294
1295 newArt := NewsArtData{
1296 Title: string(t.GetField(fieldNewsArtTitle).Data),
1297 Poster: string(cc.UserName),
1298 Date: toHotlineTime(time.Now()),
1299 PrevArt: []byte{0, 0, 0, 0},
1300 NextArt: []byte{0, 0, 0, 0},
1301 ParentArt: append([]byte{0, 0}, t.GetField(fieldNewsArtID).Data...),
1302 FirstChildArt: []byte{0, 0, 0, 0},
1303 DataFlav: []byte("text/plain"),
1304 Data: string(t.GetField(fieldNewsArtData).Data),
1305 }
1306
1307 var keys []int
1308 for k := range cat.Articles {
1309 keys = append(keys, int(k))
1310 }
1311
1312 nextID := uint32(1)
1313 if len(keys) > 0 {
1314 sort.Ints(keys)
1315 prevID := uint32(keys[len(keys)-1])
1316 nextID = prevID + 1
1317
1318 binary.BigEndian.PutUint32(newArt.PrevArt, prevID)
1319
1320 // Set next article ID
1321 binary.BigEndian.PutUint32(cat.Articles[prevID].NextArt, nextID)
1322 }
1323
1324 // Update parent article with first child reply
1325 parentID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
1326 if parentID != 0 {
1327 parentArt := cat.Articles[uint32(parentID)]
1328
1329 if bytes.Equal(parentArt.FirstChildArt, []byte{0, 0, 0, 0}) {
1330 binary.BigEndian.PutUint32(parentArt.FirstChildArt, nextID)
1331 }
1332 }
1333
1334 cat.Articles[nextID] = &newArt
1335
1336 cats[catName] = cat
1337 if err := cc.Server.writeThreadedNews(); err != nil {
1338 return res, err
1339 }
1340
1341 res = append(res, cc.NewReply(t))
1342 return res, err
1343 }
1344
1345 // HandleGetMsgs returns the flat news data
1346 func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1347 if !authorize(cc.Account.Access, accessNewsReadArt) {
1348 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1349 return res, err
1350 }
1351
1352 res = append(res, cc.NewReply(t, NewField(fieldData, cc.Server.FlatNews)))
1353
1354 return res, err
1355 }
1356
1357 func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1358 if !authorize(cc.Account.Access, accessDownloadFile) {
1359 res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
1360 return res, err
1361 }
1362
1363 fileName := t.GetField(fieldFileName).Data
1364 filePath := t.GetField(fieldFilePath).Data
1365 resumeData := t.GetField(fieldFileResumeData).Data
1366
1367 var dataOffset int64
1368 var frd FileResumeData
1369 if resumeData != nil {
1370 if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
1371 return res, err
1372 }
1373 // TODO: handle rsrc fork offset
1374 dataOffset = int64(binary.BigEndian.Uint32(frd.ForkInfoList[0].DataSize[:]))
1375 }
1376
1377 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1378 if err != nil {
1379 return res, err
1380 }
1381
1382 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, dataOffset)
1383 if err != nil {
1384 return res, err
1385 }
1386
1387 transactionRef := cc.Server.NewTransactionRef()
1388 data := binary.BigEndian.Uint32(transactionRef)
1389
1390 ft := &FileTransfer{
1391 FileName: fileName,
1392 FilePath: filePath,
1393 ReferenceNumber: transactionRef,
1394 Type: FileDownload,
1395 }
1396
1397 // TODO: refactor to remove this
1398 if resumeData != nil {
1399 var frd FileResumeData
1400 if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
1401 return res, err
1402 }
1403 ft.fileResumeData = &frd
1404 }
1405
1406 xferSize := hlFile.ffo.TransferSize(0)
1407
1408 // Optional field for when a HL v1.5+ client requests file preview
1409 // Used only for TEXT, JPEG, GIFF, BMP or PICT files
1410 // The value will always be 2
1411 if t.GetField(fieldFileTransferOptions).Data != nil {
1412 ft.options = t.GetField(fieldFileTransferOptions).Data
1413 xferSize = hlFile.ffo.FlatFileDataForkHeader.DataSize[:]
1414 }
1415
1416 cc.Server.mux.Lock()
1417 defer cc.Server.mux.Unlock()
1418 cc.Server.FileTransfers[data] = ft
1419
1420 cc.Transfers[FileDownload] = append(cc.Transfers[FileDownload], ft)
1421
1422 res = append(res, cc.NewReply(t,
1423 NewField(fieldRefNum, transactionRef),
1424 NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1425 NewField(fieldTransferSize, xferSize),
1426 NewField(fieldFileSize, hlFile.ffo.FlatFileDataForkHeader.DataSize[:]),
1427 ))
1428
1429 return res, err
1430 }
1431
1432 // Download all files from the specified folder and sub-folders
1433 func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1434 if !authorize(cc.Account.Access, accessDownloadFile) {
1435 res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
1436 return res, err
1437 }
1438
1439 transactionRef := cc.Server.NewTransactionRef()
1440 data := binary.BigEndian.Uint32(transactionRef)
1441
1442 fileTransfer := &FileTransfer{
1443 FileName: t.GetField(fieldFileName).Data,
1444 FilePath: t.GetField(fieldFilePath).Data,
1445 ReferenceNumber: transactionRef,
1446 Type: FolderDownload,
1447 }
1448 cc.Server.mux.Lock()
1449 cc.Server.FileTransfers[data] = fileTransfer
1450 cc.Server.mux.Unlock()
1451 cc.Transfers[FolderDownload] = append(cc.Transfers[FolderDownload], fileTransfer)
1452
1453 var fp FilePath
1454 err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
1455 if err != nil {
1456 return res, err
1457 }
1458
1459 fullFilePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
1460 if err != nil {
1461 return res, err
1462 }
1463
1464 transferSize, err := CalcTotalSize(fullFilePath)
1465 if err != nil {
1466 return res, err
1467 }
1468 itemCount, err := CalcItemCount(fullFilePath)
1469 if err != nil {
1470 return res, err
1471 }
1472 res = append(res, cc.NewReply(t,
1473 NewField(fieldRefNum, transactionRef),
1474 NewField(fieldTransferSize, transferSize),
1475 NewField(fieldFolderItemCount, itemCount),
1476 NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1477 ))
1478 return res, err
1479 }
1480
1481 // Upload all files from the local folder and its subfolders to the specified path on the server
1482 // Fields used in the request
1483 // 201 File name
1484 // 202 File path
1485 // 108 transfer size Total size of all items in the folder
1486 // 220 Folder item count
1487 // 204 File transfer options "Optional Currently set to 1" (TODO: ??)
1488 func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1489 transactionRef := cc.Server.NewTransactionRef()
1490 data := binary.BigEndian.Uint32(transactionRef)
1491
1492 var fp FilePath
1493 if t.GetField(fieldFilePath).Data != nil {
1494 if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
1495 return res, err
1496 }
1497 }
1498
1499 // Handle special cases for Upload and Drop Box folders
1500 if !authorize(cc.Account.Access, accessUploadAnywhere) {
1501 if !fp.IsUploadDir() && !fp.IsDropbox() {
1502 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(fieldFileName).Data))))
1503 return res, err
1504 }
1505 }
1506
1507 fileTransfer := &FileTransfer{
1508 FileName: t.GetField(fieldFileName).Data,
1509 FilePath: t.GetField(fieldFilePath).Data,
1510 ReferenceNumber: transactionRef,
1511 Type: FolderUpload,
1512 FolderItemCount: t.GetField(fieldFolderItemCount).Data,
1513 TransferSize: t.GetField(fieldTransferSize).Data,
1514 }
1515 cc.Server.FileTransfers[data] = fileTransfer
1516
1517 res = append(res, cc.NewReply(t, NewField(fieldRefNum, transactionRef)))
1518 return res, err
1519 }
1520
1521 // HandleUploadFile
1522 // Fields used in the request:
1523 // 201 File name
1524 // 202 File path
1525 // 204 File transfer options "Optional
1526 // Used only to resume download, currently has value 2"
1527 // 108 File transfer size "Optional used if download is not resumed"
1528 func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1529 if !authorize(cc.Account.Access, accessUploadFile) {
1530 res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
1531 return res, err
1532 }
1533
1534 fileName := t.GetField(fieldFileName).Data
1535 filePath := t.GetField(fieldFilePath).Data
1536
1537 transferOptions := t.GetField(fieldFileTransferOptions).Data
1538
1539 // TODO: is this field useful for anything?
1540 // transferSize := t.GetField(fieldTransferSize).Data
1541
1542 var fp FilePath
1543 if filePath != nil {
1544 if err = fp.UnmarshalBinary(filePath); err != nil {
1545 return res, err
1546 }
1547 }
1548
1549 // Handle special cases for Upload and Drop Box folders
1550 if !authorize(cc.Account.Access, accessUploadAnywhere) {
1551 if !fp.IsUploadDir() && !fp.IsDropbox() {
1552 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
1553 return res, err
1554 }
1555 }
1556
1557 transactionRef := cc.Server.NewTransactionRef()
1558 data := binary.BigEndian.Uint32(transactionRef)
1559
1560 cc.Server.mux.Lock()
1561 cc.Server.FileTransfers[data] = &FileTransfer{
1562 FileName: fileName,
1563 FilePath: filePath,
1564 ReferenceNumber: transactionRef,
1565 Type: FileUpload,
1566 }
1567 cc.Server.mux.Unlock()
1568
1569 replyT := cc.NewReply(t, NewField(fieldRefNum, transactionRef))
1570
1571 // client has requested to resume a partially transferred file
1572 if transferOptions != nil {
1573 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1574 if err != nil {
1575 return res, err
1576 }
1577
1578 fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix)
1579 if err != nil {
1580 return res, err
1581 }
1582
1583 offset := make([]byte, 4)
1584 binary.BigEndian.PutUint32(offset, uint32(fileInfo.Size()))
1585
1586 fileResumeData := NewFileResumeData([]ForkInfoList{
1587 *NewForkInfoList(offset),
1588 })
1589
1590 b, _ := fileResumeData.BinaryMarshal()
1591
1592 replyT.Fields = append(replyT.Fields, NewField(fieldFileResumeData, b))
1593 }
1594
1595 res = append(res, replyT)
1596 return res, err
1597 }
1598
1599 func HandleSetClientUserInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1600 var icon []byte
1601 if len(t.GetField(fieldUserIconID).Data) == 4 {
1602 icon = t.GetField(fieldUserIconID).Data[2:]
1603 } else {
1604 icon = t.GetField(fieldUserIconID).Data
1605 }
1606 *cc.Icon = icon
1607 cc.UserName = t.GetField(fieldUserName).Data
1608
1609 // the options field is only passed by the client versions > 1.2.3.
1610 options := t.GetField(fieldOptions).Data
1611
1612 if options != nil {
1613 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
1614 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
1615
1616 flagBitmap.SetBit(flagBitmap, userFlagRefusePM, optBitmap.Bit(refusePM))
1617 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
1618
1619 flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, optBitmap.Bit(refuseChat))
1620 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
1621
1622 // Check auto response
1623 if optBitmap.Bit(autoResponse) == 1 {
1624 cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
1625 } else {
1626 cc.AutoReply = []byte{}
1627 }
1628 }
1629
1630 // Notify all clients of updated user info
1631 cc.sendAll(
1632 tranNotifyChangeUser,
1633 NewField(fieldUserID, *cc.ID),
1634 NewField(fieldUserIconID, *cc.Icon),
1635 NewField(fieldUserFlags, *cc.Flags),
1636 NewField(fieldUserName, cc.UserName),
1637 )
1638
1639 return res, err
1640 }
1641
1642 // HandleKeepAlive responds to keepalive transactions with an empty reply
1643 // * HL 1.9.2 Client sends keepalive msg every 3 minutes
1644 // * HL 1.2.3 Client doesn't send keepalives
1645 func HandleKeepAlive(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1646 res = append(res, cc.NewReply(t))
1647
1648 return res, err
1649 }
1650
1651 func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1652 fullPath, err := readPath(
1653 cc.Server.Config.FileRoot,
1654 t.GetField(fieldFilePath).Data,
1655 nil,
1656 )
1657 if err != nil {
1658 return res, err
1659 }
1660
1661 var fp FilePath
1662 if t.GetField(fieldFilePath).Data != nil {
1663 if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
1664 return res, err
1665 }
1666 }
1667
1668 // Handle special case for drop box folders
1669 if fp.IsDropbox() && !authorize(cc.Account.Access, accessViewDropBoxes) {
1670 res = append(res, cc.NewReply(t))
1671 return res, err
1672 }
1673
1674 fileNames, err := getFileNameList(fullPath)
1675 if err != nil {
1676 return res, err
1677 }
1678
1679 res = append(res, cc.NewReply(t, fileNames...))
1680
1681 return res, err
1682 }
1683
1684 // =================================
1685 // Hotline private chat flow
1686 // =================================
1687 // 1. ClientA sends tranInviteNewChat to server with user ID to invite
1688 // 2. Server creates new ChatID
1689 // 3. Server sends tranInviteToChat to invitee
1690 // 4. Server replies to ClientA with new Chat ID
1691 //
1692 // A dialog box pops up in the invitee client with options to accept or decline the invitation.
1693 // If Accepted is clicked:
1694 // 1. ClientB sends tranJoinChat with fieldChatID
1695
1696 // HandleInviteNewChat invites users to new private chat
1697 func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1698 if !authorize(cc.Account.Access, accessOpenChat) {
1699 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1700 return res, err
1701 }
1702
1703 // Client to Invite
1704 targetID := t.GetField(fieldUserID).Data
1705 newChatID := cc.Server.NewPrivateChat(cc)
1706
1707 res = append(res,
1708 *NewTransaction(
1709 tranInviteToChat,
1710 &targetID,
1711 NewField(fieldChatID, newChatID),
1712 NewField(fieldUserName, cc.UserName),
1713 NewField(fieldUserID, *cc.ID),
1714 ),
1715 )
1716
1717 res = append(res,
1718 cc.NewReply(t,
1719 NewField(fieldChatID, newChatID),
1720 NewField(fieldUserName, cc.UserName),
1721 NewField(fieldUserID, *cc.ID),
1722 NewField(fieldUserIconID, *cc.Icon),
1723 NewField(fieldUserFlags, *cc.Flags),
1724 ),
1725 )
1726
1727 return res, err
1728 }
1729
1730 func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1731 if !authorize(cc.Account.Access, accessOpenChat) {
1732 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1733 return res, err
1734 }
1735
1736 // Client to Invite
1737 targetID := t.GetField(fieldUserID).Data
1738 chatID := t.GetField(fieldChatID).Data
1739
1740 res = append(res,
1741 *NewTransaction(
1742 tranInviteToChat,
1743 &targetID,
1744 NewField(fieldChatID, chatID),
1745 NewField(fieldUserName, cc.UserName),
1746 NewField(fieldUserID, *cc.ID),
1747 ),
1748 )
1749 res = append(res,
1750 cc.NewReply(
1751 t,
1752 NewField(fieldChatID, chatID),
1753 NewField(fieldUserName, cc.UserName),
1754 NewField(fieldUserID, *cc.ID),
1755 NewField(fieldUserIconID, *cc.Icon),
1756 NewField(fieldUserFlags, *cc.Flags),
1757 ),
1758 )
1759
1760 return res, err
1761 }
1762
1763 func HandleRejectChatInvite(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1764 chatID := t.GetField(fieldChatID).Data
1765 chatInt := binary.BigEndian.Uint32(chatID)
1766
1767 privChat := cc.Server.PrivateChats[chatInt]
1768
1769 resMsg := append(cc.UserName, []byte(" declined invitation to chat")...)
1770
1771 for _, c := range sortedClients(privChat.ClientConn) {
1772 res = append(res,
1773 *NewTransaction(
1774 tranChatMsg,
1775 c.ID,
1776 NewField(fieldChatID, chatID),
1777 NewField(fieldData, resMsg),
1778 ),
1779 )
1780 }
1781
1782 return res, err
1783 }
1784
1785 // HandleJoinChat is sent from a v1.8+ Hotline client when the joins a private chat
1786 // Fields used in the reply:
1787 // * 115 Chat subject
1788 // * 300 User name with info (Optional)
1789 // * 300 (more user names with info)
1790 func HandleJoinChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1791 chatID := t.GetField(fieldChatID).Data
1792 chatInt := binary.BigEndian.Uint32(chatID)
1793
1794 privChat := cc.Server.PrivateChats[chatInt]
1795
1796 // Send tranNotifyChatChangeUser to current members of the chat to inform of new user
1797 for _, c := range sortedClients(privChat.ClientConn) {
1798 res = append(res,
1799 *NewTransaction(
1800 tranNotifyChatChangeUser,
1801 c.ID,
1802 NewField(fieldChatID, chatID),
1803 NewField(fieldUserName, cc.UserName),
1804 NewField(fieldUserID, *cc.ID),
1805 NewField(fieldUserIconID, *cc.Icon),
1806 NewField(fieldUserFlags, *cc.Flags),
1807 ),
1808 )
1809 }
1810
1811 privChat.ClientConn[cc.uint16ID()] = cc
1812
1813 replyFields := []Field{NewField(fieldChatSubject, []byte(privChat.Subject))}
1814 for _, c := range sortedClients(privChat.ClientConn) {
1815 user := User{
1816 ID: *c.ID,
1817 Icon: *c.Icon,
1818 Flags: *c.Flags,
1819 Name: string(c.UserName),
1820 }
1821
1822 replyFields = append(replyFields, NewField(fieldUsernameWithInfo, user.Payload()))
1823 }
1824
1825 res = append(res, cc.NewReply(t, replyFields...))
1826 return res, err
1827 }
1828
1829 // HandleLeaveChat is sent from a v1.8+ Hotline client when the user exits a private chat
1830 // Fields used in the request:
1831 // * 114 fieldChatID
1832 // Reply is not expected.
1833 func HandleLeaveChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1834 chatID := t.GetField(fieldChatID).Data
1835 chatInt := binary.BigEndian.Uint32(chatID)
1836
1837 privChat := cc.Server.PrivateChats[chatInt]
1838
1839 delete(privChat.ClientConn, cc.uint16ID())
1840
1841 // Notify members of the private chat that the user has left
1842 for _, c := range sortedClients(privChat.ClientConn) {
1843 res = append(res,
1844 *NewTransaction(
1845 tranNotifyChatDeleteUser,
1846 c.ID,
1847 NewField(fieldChatID, chatID),
1848 NewField(fieldUserID, *cc.ID),
1849 ),
1850 )
1851 }
1852
1853 return res, err
1854 }
1855
1856 // HandleSetChatSubject is sent from a v1.8+ Hotline client when the user sets a private chat subject
1857 // Fields used in the request:
1858 // * 114 Chat ID
1859 // * 115 Chat subject Chat subject string
1860 // Reply is not expected.
1861 func HandleSetChatSubject(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1862 chatID := t.GetField(fieldChatID).Data
1863 chatInt := binary.BigEndian.Uint32(chatID)
1864
1865 privChat := cc.Server.PrivateChats[chatInt]
1866 privChat.Subject = string(t.GetField(fieldChatSubject).Data)
1867
1868 for _, c := range sortedClients(privChat.ClientConn) {
1869 res = append(res,
1870 *NewTransaction(
1871 tranNotifyChatSubject,
1872 c.ID,
1873 NewField(fieldChatID, chatID),
1874 NewField(fieldChatSubject, t.GetField(fieldChatSubject).Data),
1875 ),
1876 )
1877 }
1878
1879 return res, err
1880 }
1881
1882 // HandleMakeAlias makes a filer alias using the specified path.
1883 // Fields used in the request:
1884 // 201 File name
1885 // 202 File path
1886 // 212 File new path Destination path
1887 //
1888 // Fields used in the reply:
1889 // None
1890 func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1891 if !authorize(cc.Account.Access, accessMakeAlias) {
1892 res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
1893 return res, err
1894 }
1895 fileName := t.GetField(fieldFileName).Data
1896 filePath := t.GetField(fieldFilePath).Data
1897 fileNewPath := t.GetField(fieldFileNewPath).Data
1898
1899 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1900 if err != nil {
1901 return res, err
1902 }
1903
1904 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, fileNewPath, fileName)
1905 if err != nil {
1906 return res, err
1907 }
1908
1909 cc.Server.Logger.Debugw("Make alias", "src", fullFilePath, "dst", fullNewFilePath)
1910
1911 if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil {
1912 res = append(res, cc.NewErrReply(t, "Error creating alias"))
1913 return res, nil
1914 }
1915
1916 res = append(res, cc.NewReply(t))
1917 return res, err
1918 }
Friendship Quest remix of mobius, a hotline server in go #cli