wieerwill/platform
1
0
Fork 0
mirror of https://github.com/hcengineering/platform.git synced 2025-05-11 01:40:32 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

fix: use readonly connections for guests (#8222)

Browse Source 
Signed-off-by: Alexander Onnikov <Alexander.Onnikov@xored.com>
This commit is contained in:
Alexander Onnikov 2025-03-14 01:07:45 +07:00 committed by GitHub
parent 90d6c37461
commit 694b5b2ede
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
server/collaborator/src/extensions/authentication.ts
View File

@ -13,9 +13,10 @@
// limitations under the License.
//
import { guestAccountEmail } from '@hcengineering/account'
import { decodeDocumentId } from '@hcengineering/collaborator-client'
import { MeasureContext } from '@hcengineering/core'
import { decodeToken } from '@hcengineering/server-token'
import { Token, decodeToken } from '@hcengineering/server-token'
import { Extension, onAuthenticatePayload } from '@hocuspocus/server'
import { getWorkspaceInfo } from '../account'
@ -38,8 +39,13 @@ export class AuthenticationExtension implements Extension {
return await ctx.with('authenticate', { workspaceId }, async () => {
const token = decodeToken(data.token)
const readonly = isGuest(token)
ctx.info('authenticate', { workspaceId, mode: token.extra?.mode ?? '' })
ctx.info('authenticate', { workspaceId, mode: token.extra?.mode ?? '', readonly })
if (readonly) {
data.connection.readOnly = true
}
// verify workspace can be accessed with the token
const workspaceInfo = await getWorkspaceInfo(data.token)
@ -53,3 +59,7 @@ export class AuthenticationExtension implements Extension {
})
}
}
export function isGuest (token: Token): boolean {
return token.email === guestAccountEmail && token.extra?.guest === 'true'
}