From a5c97fd849a2a25d06cbb80382a1a94ca4439d50 Mon Sep 17 00:00:00 2001 From: Juliusz Chroboczek Date: Fri, 30 Jul 2021 19:26:34 +0200 Subject: [PATCH] Add System permission. This replaces the OverridePermissions method, and is communicated to clients that can reliably and safely identify a system user. --- diskwriter/diskwriter.go | 8 +++----- group/client.go | 2 +- group/group.go | 2 +- rtpconn/webclient.go | 4 ---- 4 files changed, 5 insertions(+), 11 deletions(-) diff --git a/diskwriter/diskwriter.go b/diskwriter/diskwriter.go index 197235d..474ef52 100644 --- a/diskwriter/diskwriter.go +++ b/diskwriter/diskwriter.go @@ -63,16 +63,14 @@ func (client *Client) Challenge(group string, cred group.ClientCredentials) bool return true } -func (client *Client) OverridePermissions(g *group.Group) bool { - return true -} - func (client *Client) SetPermissions(perms group.ClientPermissions) { return } func (client *Client) Permissions() group.ClientPermissions { - return group.ClientPermissions{} + return group.ClientPermissions{ + System: true, + } } func (client *Client) Status() map[string]interface{} { diff --git a/group/client.go b/group/client.go index f3c080f..a97cc9a 100644 --- a/group/client.go +++ b/group/client.go @@ -85,6 +85,7 @@ type ClientPermissions struct { Op bool `json:"op,omitempty"` Present bool `json:"present,omitempty"` Record bool `json:"record,omitempty"` + System bool `json:"system,omitempty"` } type Challengeable interface { @@ -99,7 +100,6 @@ type Client interface { Permissions() ClientPermissions SetPermissions(ClientPermissions) Status() map[string]interface{} - OverridePermissions(*Group) bool PushConn(g *Group, id string, conn conn.Up, tracks []conn.UpTrack, replace string) error RequestConns(target Client, g *Group, id string) error Joined(group, kind string) error diff --git a/group/group.go b/group/group.go index 4730121..edb06d3 100644 --- a/group/group.go +++ b/group/group.go @@ -485,7 +485,7 @@ func AddClient(group string, c Client) (*Group, error) { clients := g.getClientsUnlocked(nil) - if !c.OverridePermissions(g) { + if !c.Permissions().System { perms, err := g.description.GetPermission(group, c) if err != nil { return nil, err diff --git a/rtpconn/webclient.go b/rtpconn/webclient.go index 2f43afe..31bfb4e 100644 --- a/rtpconn/webclient.go +++ b/rtpconn/webclient.go @@ -107,10 +107,6 @@ func (c *webClient) SetPermissions(perms group.ClientPermissions) { c.permissions = perms } -func (c *webClient) OverridePermissions(g *group.Group) bool { - return false -} - func (c *webClient) PushClient(group, kind, id, username string, permissions group.ClientPermissions, status map[string]interface{}) error { return c.action(pushClientAction{ group, kind, id, username, permissions, status,