reply.Fields = append(reply.Fields, NewField(fieldQuotingMsg, t.GetField(fieldQuotingMsg).Data))
}
- res = append(res, *reply)
-
id, _ := byteToInt(ID.Data)
otherClient, ok := cc.Server.Clients[uint16(id)]
if !ok {
return res, errors.New("invalid client ID")
}
+ // Check if target user has "Refuse private messages" flag
+ flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(otherClient.Flags)))
+ if flagBitmap.Bit(userFLagRefusePChat) == 1 {
+ res = append(res,
+ *NewTransaction(
+ tranServerMsg,
+ cc.ID,
+ NewField(fieldData, []byte(string(otherClient.UserName)+" does not accept private messages.")),
+ NewField(fieldUserName, otherClient.UserName),
+ NewField(fieldUserID, *otherClient.ID),
+ NewField(fieldOptions, []byte{0, 2}),
+ ),
+ )
+ } else {
+ res = append(res, *reply)
+ }
+
// Respond with auto reply if other client has it enabled
if len(otherClient.AutoReply) > 0 {
res = append(res,
newAccess := accessBitmap{}
copy(newAccess[:], getField(fieldUserAccess, &subFields).Data[:])
+ // Prevent account from creating new account with greater permission
+ for i := 0; i < 64; i++ {
+ if newAccess.IsSet(i) {
+ if !cc.Authorize(i) {
+ return append(res, cc.NewErrReply(t, "Cannot create account with more access than yourself.")), err
+ }
+ }
+ }
+
err := cc.Server.NewUser(login, string(getField(fieldUserName, &subFields).Data), string(getField(fieldUserPassword, &subFields).Data), newAccess)
if err != nil {
return []Transaction{}, err
newAccess := accessBitmap{}
copy(newAccess[:], t.GetField(fieldUserAccess).Data[:])
+ // Prevent account from creating new account with greater permission
+ for i := 0; i < 64; i++ {
+ if newAccess.IsSet(i) {
+ if !cc.Authorize(i) {
+ res = append(res, cc.NewErrReply(t, "Cannot create account with more access than yourself."))
+ return res, err
+ }
+ }
+ }
+
if err := cc.Server.NewUser(login, string(t.GetField(fieldUserName).Data), string(t.GetField(fieldUserPassword).Data), newAccess); err != nil {
return []Transaction{}, err
}
newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(fieldData).Data)
newsPost = strings.Replace(newsPost, "\n", "\r", -1)
+ // update news in memory
+ cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
+
// update news on disk
if err := cc.Server.FS.WriteFile(filepath.Join(cc.Server.ConfigDir, "MessageBoard.txt"), cc.Server.FlatNews, 0644); err != nil {
return res, err
}
- // update news in memory
- cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
-
// Notify all clients of updated news
cc.sendAll(
tranNewMsg,
}
}
- if bytes.Compare(cats[delName].Type, []byte{0, 3}) == 0 {
+ if bytes.Equal(cats[delName].Type, []byte{0, 3}) {
if !cc.Authorize(accessNewsDeleteCat) {
return append(res, cc.NewErrReply(t, "You are not allowed to delete news categories.")), nil
}
git.r.bdr.sh / rbdr / mobius / blobdiff