"errors"
"fmt"
"gopkg.in/yaml.v3"
- "io/ioutil"
"math/big"
"os"
"path"
}
func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessSendChat) {
+ if !cc.Authorize(accessSendChat) {
res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
return res, err
}
for _, c := range sortedClients(cc.Server.Clients) {
// Filter out clients that do not have the read chat permission
- if authorize(c.Account.Access, accessReadChat) {
+ if c.Authorize(accessReadChat) {
res = append(res, *NewTransaction(tranChatMsg, c.ID, NewField(fieldData, []byte(formattedMsg))))
}
}
if t.GetField(fieldFileComment).Data != nil {
switch mode := fi.Mode(); {
case mode.IsDir():
- if !authorize(cc.Account.Access, accessSetFolderComment) {
+ if !cc.Authorize(accessSetFolderComment) {
res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
return res, err
}
case mode.IsRegular():
- if !authorize(cc.Account.Access, accessSetFileComment) {
+ if !cc.Authorize(accessSetFileComment) {
res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
return res, err
}
if fileNewName != nil {
switch mode := fi.Mode(); {
case mode.IsDir():
- if !authorize(cc.Account.Access, accessRenameFolder) {
+ if !cc.Authorize(accessRenameFolder) {
res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
return res, err
}
return res, err
}
case mode.IsRegular():
- if !authorize(cc.Account.Access, accessRenameFile) {
+ if !cc.Authorize(accessRenameFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
return res, err
}
switch mode := fi.Mode(); {
case mode.IsDir():
- if !authorize(cc.Account.Access, accessDeleteFolder) {
+ if !cc.Authorize(accessDeleteFolder) {
res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
return res, err
}
case mode.IsRegular():
- if !authorize(cc.Account.Access, accessDeleteFile) {
+ if !cc.Authorize(accessDeleteFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
return res, err
}
}
switch mode := fi.Mode(); {
case mode.IsDir():
- if !authorize(cc.Account.Access, accessMoveFolder) {
+ if !cc.Authorize(accessMoveFolder) {
res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
return res, err
}
case mode.IsRegular():
- if !authorize(cc.Account.Access, accessMoveFile) {
+ if !cc.Authorize(accessMoveFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
return res, err
}
}
func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessCreateFolder) {
+ if !cc.Authorize(accessCreateFolder) {
res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
return res, err
}
// fieldFilePath is only present for nested paths
if t.GetField(fieldFilePath).Data != nil {
var newFp FilePath
- err := newFp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
+ _, err := newFp.Write(t.GetField(fieldFilePath).Data)
if err != nil {
return nil, err
}
}
func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessModifyUser) {
+ if !cc.Authorize(accessModifyUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
return res, err
}
newAccessLvl := t.GetField(fieldUserAccess).Data
account := cc.Server.Accounts[login]
- account.Access = &newAccessLvl
account.Name = userName
+ copy(account.Access[:], newAccessLvl)
// If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
// not include fieldUserPassword
res = append(res, *newT)
flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(c.Flags)))
- if authorize(c.Account.Access, accessDisconUser) {
+ if c.Authorize(accessDisconUser) {
flagBitmap.SetBit(flagBitmap, userFlagAdmin, 1)
} else {
flagBitmap.SetBit(flagBitmap, userFlagAdmin, 0)
}
func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenUser) {
+ if !cc.Authorize(accessOpenUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
return res, err
}
NewField(fieldUserName, []byte(account.Name)),
NewField(fieldUserLogin, negateString(t.GetField(fieldUserLogin).Data)),
NewField(fieldUserPassword, []byte(account.Password)),
- NewField(fieldUserAccess, *account.Access),
+ NewField(fieldUserAccess, account.Access[:]),
))
return res, err
}
func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenUser) {
+ if !cc.Authorize(accessOpenUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
return res, err
}
login := DecodeUserString(getField(fieldData, &subFields).Data)
cc.logger.Infow("DeleteUser", "login", login)
- if !authorize(cc.Account.Access, accessDeleteUser) {
+ if !cc.Authorize(accessDeleteUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
return res, err
}
cc.logger.Infow("UpdateUser", "login", login)
// account dataFile, so this is an update action
- if !authorize(cc.Account.Access, accessModifyUser) {
+ if !cc.Authorize(accessModifyUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
return res, err
}
}
if getField(fieldUserAccess, &subFields) != nil {
- acc.Access = &getField(fieldUserAccess, &subFields).Data
+ copy(acc.Access[:], getField(fieldUserAccess, &subFields).Data)
}
err = cc.Server.UpdateUser(
DecodeUserString(getField(fieldUserLogin, &subFields).Data),
string(getField(fieldUserName, &subFields).Data),
acc.Password,
- *acc.Access,
+ acc.Access,
)
if err != nil {
return res, err
} else {
cc.logger.Infow("CreateUser", "login", login)
- if !authorize(cc.Account.Access, accessCreateUser) {
+ if !cc.Authorize(accessCreateUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
return res, err
}
- err := cc.Server.NewUser(
- login,
- string(getField(fieldUserName, &subFields).Data),
- string(getField(fieldUserPassword, &subFields).Data),
- getField(fieldUserAccess, &subFields).Data,
- )
+ newAccess := accessBitmap{}
+ copy(newAccess[:], getField(fieldUserAccess, &subFields).Data[:])
+
+ err := cc.Server.NewUser(login, string(getField(fieldUserName, &subFields).Data), string(getField(fieldUserPassword, &subFields).Data), newAccess)
if err != nil {
return []Transaction{}, err
}
// HandleNewUser creates a new user account
func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessCreateUser) {
+ if !cc.Authorize(accessCreateUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
return res, err
}
return res, err
}
- if err := cc.Server.NewUser(
- login,
- string(t.GetField(fieldUserName).Data),
- string(t.GetField(fieldUserPassword).Data),
- t.GetField(fieldUserAccess).Data,
- ); err != nil {
+ newAccess := accessBitmap{}
+ copy(newAccess[:], t.GetField(fieldUserAccess).Data[:])
+
+ if err := cc.Server.NewUser(login, string(t.GetField(fieldUserName).Data), string(t.GetField(fieldUserPassword).Data), newAccess); err != nil {
return []Transaction{}, err
}
}
func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDeleteUser) {
+ if !cc.Authorize(accessDeleteUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
return res, err
}
// HandleUserBroadcast sends an Administrator Message to all connected clients of the server
func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessBroadcast) {
+ if !cc.Authorize(accessBroadcast) {
res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
return res, err
}
// 102 User name
// 101 Data User info text string
func HandleGetClientInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessGetClientInfo) {
+ if !cc.Authorize(accessGetClientInfo) {
res = append(res, cc.NewErrReply(t, "You are not allowed to get client info."))
return res, err
}
cc.Icon = t.GetField(fieldUserIconID).Data
cc.logger = cc.logger.With("name", string(cc.UserName))
- cc.logger.Infow("Login successful", "clientVersion", fmt.Sprintf("%x", cc.Version))
+ cc.logger.Infow("Login successful", "clientVersion", fmt.Sprintf("%v", func() int { i, _ := byteToInt(cc.Version); return i }()))
options := t.GetField(fieldOptions).Data
optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
// Fields used in this request:
// 101 Data
func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsPostArt) {
+ if !cc.Authorize(accessNewsPostArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
return res, err
}
newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(fieldData).Data)
newsPost = strings.Replace(newsPost, "\n", "\r", -1)
- // update news in memory
- cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
-
// update news on disk
- if err := ioutil.WriteFile(cc.Server.ConfigDir+"MessageBoard.txt", cc.Server.FlatNews, 0644); err != nil {
+ if err := cc.Server.FS.WriteFile(filepath.Join(cc.Server.ConfigDir, "MessageBoard.txt"), cc.Server.FlatNews, 0644); err != nil {
return res, err
}
+ // update news in memory
+ cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
+
// Notify all clients of updated news
cc.sendAll(
tranNewMsg,
}
func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDisconUser) {
+ if !cc.Authorize(accessDisconUser) {
res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
return res, err
}
clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(fieldUserID).Data)]
- if authorize(clientConn.Account.Access, accessCannotBeDiscon) {
+ if clientConn.Authorize(accessCannotBeDiscon) {
res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
return res, err
}
// Fields used in the request:
// 325 News path (Optional)
func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
+ if !cc.Authorize(accessNewsReadArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
return res, err
}
}
func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsCreateCat) {
+ if !cc.Authorize(accessNewsCreateCat) {
res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
return res, err
}
// 322 News category name
// 325 News path
func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsCreateFldr) {
+ if !cc.Authorize(accessNewsCreateFldr) {
res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
return res, err
}
// Reply fields:
// 321 News article list data Optional
func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
+ if !cc.Authorize(accessNewsReadArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
return res, err
}
}
func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
+ if !cc.Authorize(accessNewsReadArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
return res, err
}
return res, err
}
+// HandleDelNewsItem deletes an existing threaded news folder or category from the server.
+// Fields used in the request:
+// 325 News path
+// Fields used in the reply:
+// None
func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- // Has multiple access flags: News Delete Folder (37) or News Delete Category (35)
- // TODO: Implement
-
pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
- // TODO: determine if path is a Folder (Bundle) or Category and check for permission
-
- cc.logger.Infof("DelNewsItem %v", pathStrs)
-
cats := cc.Server.ThreadedNews.Categories
-
delName := pathStrs[len(pathStrs)-1]
if len(pathStrs) > 1 {
for _, fp := range pathStrs[0 : len(pathStrs)-1] {
}
}
+ if bytes.Compare(cats[delName].Type, []byte{0, 3}) == 0 {
+ if !cc.Authorize(accessNewsDeleteCat) {
+ return append(res, cc.NewErrReply(t, "You are not allowed to delete news categories.")), nil
+ }
+ } else {
+ if !cc.Authorize(accessNewsDeleteFldr) {
+ return append(res, cc.NewErrReply(t, "You are not allowed to delete news folders.")), nil
+ }
+ }
+
delete(cats, delName)
- err = cc.Server.writeThreadedNews()
- if err != nil {
+ if err := cc.Server.writeThreadedNews(); err != nil {
return res, err
}
- // Reply params: none
- res = append(res, cc.NewReply(t))
-
- return res, err
+ return append(res, cc.NewReply(t)), nil
}
func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsDeleteArt) {
+ if !cc.Authorize(accessNewsDeleteArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
return res, err
}
// 327 News article data flavor Currently “text/plain”
// 333 News article data
func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsPostArt) {
+ if !cc.Authorize(accessNewsPostArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
return res, err
}
// HandleGetMsgs returns the flat news data
func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
+ if !cc.Authorize(accessNewsReadArt) {
res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
return res, err
}
}
func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDownloadFile) {
+ if !cc.Authorize(accessDownloadFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
return res, err
}
// Download all files from the specified folder and sub-folders
func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDownloadFile) {
+ if !cc.Authorize(accessDownloadFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
return res, err
}
fileTransfer := cc.newFileTransfer(FolderDownload, t.GetField(fieldFileName).Data, t.GetField(fieldFilePath).Data, transferSize)
var fp FilePath
- err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
+ _, err = fp.Write(t.GetField(fieldFilePath).Data)
if err != nil {
return res, err
}
func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
var fp FilePath
if t.GetField(fieldFilePath).Data != nil {
- if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
+ if _, err = fp.Write(t.GetField(fieldFilePath).Data); err != nil {
return res, err
}
}
// Handle special cases for Upload and Drop Box folders
- if !authorize(cc.Account.Access, accessUploadAnywhere) {
+ if !cc.Authorize(accessUploadAnywhere) {
if !fp.IsUploadDir() && !fp.IsDropbox() {
res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(fieldFileName).Data))))
return res, err
// Used only to resume download, currently has value 2"
// 108 File transfer size "Optional used if download is not resumed"
func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessUploadFile) {
+ if !cc.Authorize(accessUploadFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
return res, err
}
var fp FilePath
if filePath != nil {
- if err = fp.UnmarshalBinary(filePath); err != nil {
+ if _, err = fp.Write(filePath); err != nil {
return res, err
}
}
// Handle special cases for Upload and Drop Box folders
- if !authorize(cc.Account.Access, accessUploadAnywhere) {
+ if !cc.Authorize(accessUploadAnywhere) {
if !fp.IsUploadDir() && !fp.IsDropbox() {
res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
return res, err
var fp FilePath
if t.GetField(fieldFilePath).Data != nil {
- if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
+ if _, err = fp.Write(t.GetField(fieldFilePath).Data); err != nil {
return res, err
}
}
// Handle special case for drop box folders
- if fp.IsDropbox() && !authorize(cc.Account.Access, accessViewDropBoxes) {
+ if fp.IsDropbox() && !cc.Authorize(accessViewDropBoxes) {
res = append(res, cc.NewErrReply(t, "You are not allowed to view drop boxes."))
return res, err
}
// HandleInviteNewChat invites users to new private chat
func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenChat) {
+ if !cc.Authorize(accessOpenChat) {
res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
return res, err
}
}
func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenChat) {
+ if !cc.Authorize(accessOpenChat) {
res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
return res, err
}
// Fields used in the reply:
// None
func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessMakeAlias) {
+ if !cc.Authorize(accessMakeAlias) {
res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
return res, err
}
return res, err
}
+// HandleDownloadBanner handles requests for a new banner from the server
+// Fields used in the request:
+// None
+// Fields used in the reply:
+// 107 fieldRefNum Used later for transfer
+// 108 fieldTransferSize Size of data to be downloaded
func HandleDownloadBanner(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
fi, err := cc.Server.FS.Stat(filepath.Join(cc.Server.ConfigDir, cc.Server.Config.BannerFile))
if err != nil {
git.r.bdr.sh / rbdr / mobius / blobdiff