Skip to content

Commit

Permalink
Chore: Room access validation may be called without user information (#…
Browse files Browse the repository at this point in the history
  • Loading branch information
pierre-lehnen-rc authored and tassoevan committed Jul 1, 2022
1 parent 79fbc29 commit bb445d3
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ export class AuthorizationLivechat extends ServiceClassInternal implements IAuth

protected internal = true;

async canAccessRoom(room: IOmnichannelRoom, user: Pick<IUser, '_id'>, extraData?: object): Promise<boolean> {
async canAccessRoom(room: IOmnichannelRoom, user?: Pick<IUser, '_id'>, extraData?: object): Promise<boolean> {
for (const validator of validators) {
if (validator(room, user, extraData)) {
return true;
Expand Down
4 changes: 2 additions & 2 deletions apps/meteor/server/sdk/types/IAuthorization.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import type { IRoom, IUser } from '@rocket.chat/core-typings';

export type RoomAccessValidator = (
room: Pick<IRoom, '_id' | 't' | 'teamId' | 'prid'>,
user: Pick<IUser, '_id'>,
user?: Pick<IUser, '_id'>,
extraData?: Record<string, any>,
) => Promise<boolean>;

Expand All @@ -11,5 +11,5 @@ export interface IAuthorization {
hasPermission(userId: string, permissionId: string, scope?: string): Promise<boolean>;
hasAtLeastOnePermission(userId: string, permissions: string[], scope?: string): Promise<boolean>;
canAccessRoom: RoomAccessValidator;
canAccessRoomId(rid: IRoom['_id'], uid: IUser['_id']): Promise<boolean>;
canAccessRoomId(rid: IRoom['_id'], uid?: IUser['_id']): Promise<boolean>;
}
2 changes: 1 addition & 1 deletion apps/meteor/server/sdk/types/IAuthorizationLivechat.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import type { IOmnichannelRoom, IUser } from '@rocket.chat/core-typings';

export interface IAuthorizationLivechat {
canAccessRoom: (room: IOmnichannelRoom, user: Pick<IUser, '_id'>, extraData?: Record<string, any>) => Promise<boolean>;
canAccessRoom: (room: IOmnichannelRoom, user?: Pick<IUser, '_id'>, extraData?: Record<string, any>) => Promise<boolean>;
}
2 changes: 1 addition & 1 deletion apps/meteor/server/services/authorization/canAccessRoom.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import { RoomAccessValidator } from '../../sdk/types/IAuthorization';
import { canAccessRoomLivechat } from './canAccessRoomLivechat';
import { canAccessRoomVoip } from './canAccessRoomVoip';

async function canAccessPublicRoom(user: Partial<IUser>): Promise<boolean> {
async function canAccessPublicRoom(user?: Partial<IUser>): Promise<boolean> {
if (!user?._id) {
// TODO: it was using cached version from /app/settings/server/raw.js
const anon = await Settings.getValueById('Accounts_AllowAnonymousRead');
Expand Down

0 comments on commit bb445d3

Please sign in to comment.