Fix stream issues

2e03dae6 · Diego Sampaio · 88154da1 · 2e03dae6 · 2e03dae6 · 2e03dae6
Unverified Commit 2e03dae6 authored 7 years ago by Diego Sampaio
--- a/.meteor/versions
+++ b/.meteor/versions
@@ -211,7 +211,7 @@ rocketchat:smarsh-connector@0.0.1
 rocketchat:sms@0.0.1
 rocketchat:spotify@0.0.1
 rocketchat:statistics@0.0.1
-rocketchat:streamer@0.5.0
+rocketchat:streamer@0.6.0
 rocketchat:theme@0.0.1
 rocketchat:tokenpass@0.0.1
 rocketchat:tooltip@0.0.1

--- a/packages/rocketchat-authorization/server/functions/canAccessRoom.js
+++ b/packages/rocketchat-authorization/server/functions/canAccessRoom.js
@@ -17,9 +17,9 @@ RocketChat.authz.roomAccessValidators = [
 	}
 ];

-RocketChat.authz.canAccessRoom = function(room, user) {
+RocketChat.authz.canAccessRoom = function(room, user, extraData) {
 	return RocketChat.authz.roomAccessValidators.some((validator) => {
-		return validator.call(this, room, user);
+		return validator.call(this, room, user, extraData);
 	});
 };


--- a/packages/rocketchat-lib/server/functions/Notifications.js
+++ b/packages/rocketchat-lib/server/functions/Notifications.js
@@ -25,10 +25,7 @@ RocketChat.Notifications = new class {
 		this.streamUser.allowWrite('logged');
 		this.streamAll.allowRead('all');
 		this.streamLogged.allowRead('logged');
-		this.streamRoom.allowRead(function(eventName) {
-			if (this.userId == null) {
-				return false;
-			}
+		this.streamRoom.allowRead(function(eventName, extraData) {
 			const [roomId] = eventName.split('/');
 			const user = Meteor.users.findOne(this.userId, {
 				fields: {
@@ -40,9 +37,12 @@ RocketChat.Notifications = new class {
 				console.warn(`Invalid streamRoom eventName: "${ eventName }"`);
 				return false;
 			}
-			if (room.t === 'l' && room.v._id === user._id) {
+			if (room.t === 'l' && extraData && extraData.token && room.v.token === extraData.token) {
 				return true;
 			}
+			if (this.userId == null) {
+				return false;
+			}
 			return room.usernames.indexOf(user.username) > -1;
 		});
 		this.streamRoomUsers.allowRead('none');
@@ -117,12 +117,21 @@ RocketChat.Notifications = new class {
 	}
 };

-RocketChat.Notifications.streamRoom.allowWrite(function(eventName, username) {
-	const [, e] = eventName.split('/');
+RocketChat.Notifications.streamRoom.allowWrite(function(eventName, username, typing, extraData) {
+	const [roomId, e] = eventName.split('/');
 	if (e === 'webrtc') {
 		return true;
 	}
 	if (e === 'typing') {
+
+		// typing from livechat widget
+		if (extraData && extraData.token) {
+			const room = RocketChat.models.Rooms.findOneById(roomId);
+			if (room && room.t === 'l' && room.v.token === extraData.token) {
+				return true;
+			}
+		}
+
 		const user = Meteor.users.findOne(this.userId, {
 			fields: {
 				username: 1

--- a/packages/rocketchat-livechat/.app/.meteor/versions
+++ b/packages/rocketchat-livechat/.app/.meteor/versions
@@ -70,7 +70,7 @@ rate-limit@1.0.8
 reactive-dict@1.2.0
 reactive-var@1.0.11
 retry@1.0.9
-rocketchat:streamer@0.5.0
+rocketchat:streamer@0.6.0
 routepolicy@1.0.12
 service-configuration@1.0.11
 session@1.1.7

--- a/packages/rocketchat-livechat/.app/client/lib/_livechat.js
+++ b/packages/rocketchat-livechat/.app/client/lib/_livechat.js
@@ -42,7 +42,7 @@ this.Livechat = new (class Livechat {
 						this._agent.set(result);
 					}
 				});
-				this.stream.on(this._room.get(), (eventData) => {
+				this.stream.on(this._room.get(), { token: visitor.getToken() }, (eventData) => {
 					if (!eventData || !eventData.type) {
 						return;
 					}

--- a/packages/rocketchat-livechat/.app/client/lib/fromApp/Notifications.js
+++ b/packages/rocketchat-livechat/.app/client/lib/fromApp/Notifications.js
@@ -47,23 +47,23 @@ this.Notifications = new class {
 		return this.streamUser.emit.apply(this.streamUser, args);
 	}
 	onAll(eventName, callback) {
-		return this.streamAll.on(eventName, callback);
+		return this.streamAll.on(eventName, { token: visitor.getToken() }, callback);
 	}
 	onLogged(eventName, callback) {
 		return this.onLogin(() => {
-			return this.streamLogged.on(eventName, callback);
+			return this.streamLogged.on(eventName, { token: visitor.getToken() }, callback);
 		});
 	}
 	onRoom(room, eventName, callback) {
 		if (this.debug === true) {
-			this.streamRoom.on(room, function() {
+			this.streamRoom.on(room, { token: visitor.getToken() }, function() {
 				return console.log(`RocketChat.Notifications: onRoom ${ room }`, arguments);
 			});
 		}
-		return this.streamRoom.on(`${ room }/${ eventName }`, callback);
+		return this.streamRoom.on(`${ room }/${ eventName }`, { token: visitor.getToken() }, callback);
 	}
 	onUser(eventName, callback) {
-		return this.streamUser.on(`${ visitor.getId() }/${ eventName }`, callback);
+		return this.streamUser.on(`${ visitor.getId() }/${ eventName }`, { token: visitor.getToken() }, callback);
 	}
 	unAll(callback) {
 		return this.streamAll.removeListener('notify', callback);

--- a/packages/rocketchat-livechat/.app/client/lib/msgTyping.js
+++ b/packages/rocketchat-livechat/.app/client/lib/msgTyping.js
@@ -16,7 +16,7 @@ export const MsgTyping = (function() {
 			return;
 		}
 		usersTyping[room] = { users: {} };
-		return Notifications.onRoom(room, 'typing', function(username, typing) {
+		return Notifications.onRoom(room, 'typing', function(username, typing, extraData) {
 			const user = Meteor.user();
 			if (username === (user && user.username)) {
 				return;
@@ -49,8 +49,8 @@ export const MsgTyping = (function() {
 			clearTimeout(timeouts[room]);
 			timeouts[room] = null;
 		}
-		const user = Meteor.user();
-		return Notifications.notifyRoom(room, 'typing', user && user.username, false);
+		const visitorData = visitor.getData();
+		return Notifications.notifyRoom(room, 'typing', visitorData && visitorData.username, false, { token: visitor.getToken() });
 	};
 	const start = function(room) {
 		if (!renew) { return; }
@@ -59,8 +59,8 @@ export const MsgTyping = (function() {

 		renew = false;
 		selfTyping.set(true);
-		const user = Meteor.user();
-		Notifications.notifyRoom(room, 'typing', user && user.username, true);
+		const visitorData = visitor.getData();
+		Notifications.notifyRoom(room, 'typing', visitorData && visitorData.username, true, { token: visitor.getToken() });
 		clearTimeout(timeouts[room]);
 		return timeouts[room] = Meteor.setTimeout(() => stop(room), timeout);
 	};

--- a/packages/rocketchat-livechat/.app/imports/client/visitor.js
+++ b/packages/rocketchat-livechat/.app/imports/client/visitor.js
@@ -63,7 +63,7 @@ export default {

 		this.roomSubscribed = roomId;

-		msgStream.on(roomId, (msg) => {
+		msgStream.on(roomId, { token: this.getToken() }, (msg) => {
 			if (msg.t === 'command') {
 				Commands[msg.msg] && Commands[msg.msg]();
 			} else if (msg.t !== 'livechat_video_call') {

--- a/packages/rocketchat-livechat/client/views/app/tabbar/visitorForward.js
+++ b/packages/rocketchat-livechat/client/views/app/tabbar/visitorForward.js
@@ -68,7 +68,7 @@ Template.visitorForward.events({
 	},

 	'change #forwardUser, blur #forwardUser'(event, instance) {
-		if (event.currentTarget.value) {
+		if (event.currentTarget.value && instance.find('#forwardDepartment')) {
 			instance.find('#forwardDepartment').value = '';
 		}
 	},

--- a/packages/rocketchat-livechat/server/lib/Livechat.js
+++ b/packages/rocketchat-livechat/server/lib/Livechat.js
@@ -551,8 +551,17 @@ RocketChat.Livechat = {

 RocketChat.Livechat.stream = new Meteor.Streamer('livechat-room');

-// @TODO create a allow function
-RocketChat.Livechat.stream.allowRead('all');
+RocketChat.Livechat.stream.allowRead((roomId, extraData) => {
+	const room = RocketChat.models.Rooms.findOneById(roomId);
+	if (!room) {
+		console.warn(`Invalid eventName: "${ roomId }"`);
+		return false;
+	}
+	if (room.t === 'l' && extraData && extraData.token && room.v.token === extraData.token) {
+		return true;
+	}
+	return false;
+});

 RocketChat.settings.get('Livechat_history_monitor_type', (key, value) => {
 	RocketChat.Livechat.historyMonitorType = value;

--- a/packages/rocketchat-livechat/server/methods/loginByToken.js
+++ b/packages/rocketchat-livechat/server/methods/loginByToken.js
@@ -11,24 +11,5 @@ Meteor.methods({
 		return {
 			_id: user._id
 		};
-
-		// const stampedToken = Accounts._generateStampedLoginToken();
-		// const hashStampedToken = Accounts._hashStampedToken(stampedToken);
-
-		// const updateUser = {
-		// 	$set: {
-		// 		services: {
-		// 			resume: {
-		// 				loginTokens: [ hashStampedToken ]
-		// 			}
-		// 		}
-		// 	}
-		// };
-
-		// Meteor.users.update(user._id, updateUser);
-
-		// return {
-		// 	token: stampedToken.token
-		// };
 	}
 });
--- a/packages/rocketchat-livechat/server/methods/registerGuest.js
+++ b/packages/rocketchat-livechat/server/methods/registerGuest.js
 Meteor.methods({
 	'livechat:registerGuest'({ token, name, email, department } = {}) {
-		// const stampedToken = Accounts._generateStampedLoginToken();
-		// const hashStampedToken = Accounts._hashStampedToken(stampedToken);
-
 		const userId = RocketChat.Livechat.registerGuest.call(this, {
 			token,
 			name,

--- a/packages/rocketchat-livechat/server/methods/sendMessageLivechat.js
+++ b/packages/rocketchat-livechat/server/methods/sendMessageLivechat.js
@@ -16,8 +16,6 @@ Meteor.methods({
 			}
 		});

-		console.log('guest ->', guest);
-
 		if (!guest) {
 			throw new Meteor.Error('invalid-token');
 		}

--- a/packages/rocketchat-livechat/server/methods/transfer.js
+++ b/packages/rocketchat-livechat/server/methods/transfer.js
 /* eslint new-cap: [2, {"capIsNewExceptions": ["Match.Optional"]}] */
+
+import LivechatVisitors from '../models/LivechatVisitors';
+
 Meteor.methods({
 	'livechat:transfer'(transferData) {
 		if (!Meteor.userId() || !RocketChat.authz.hasPermission(Meteor.userId(), 'view-l-room')) {
@@ -13,7 +16,7 @@ Meteor.methods({

 		const room = RocketChat.models.Rooms.findOneById(transferData.roomId);

-		const guest = RocketChat.models.Users.findOneById(room.v._id);
+		const guest = LivechatVisitors.findOneById(room.v._id);

 		const user = Meteor.user();


--- a/packages/rocketchat-livechat/server/startup.js
+++ b/packages/rocketchat-livechat/server/startup.js
@@ -4,11 +4,11 @@ Meteor.startup(() => {
 	});

 	RocketChat.authz.addRoomAccessValidator(function(room, user) {
-		return room.t === 'l' && RocketChat.authz.hasPermission(user._id, 'view-livechat-rooms');
+		return room.t === 'l' && user && RocketChat.authz.hasPermission(user._id, 'view-livechat-rooms');
 	});

-	RocketChat.authz.addRoomAccessValidator(function(room, user) {
-		return room.t === 'l' && room.v && room.v._id === user._id;
+	RocketChat.authz.addRoomAccessValidator(function(room, user, extraData) {
+		return room.t === 'l' && extraData && extraData.token && room.v && room.v.token === extraData.token;
 	});

 	RocketChat.callbacks.add('beforeLeaveRoom', function(user, room) {

--- a/packages/rocketchat-tokenpass/server/startup.js
+++ b/packages/rocketchat-tokenpass/server/startup.js
@@ -23,7 +23,7 @@ function validateTokenAccess(userData, roomData) {

 Meteor.startup(function() {
 	RocketChat.authz.addRoomAccessValidator(function(room, user) {
-		if (!room.tokenpass) {
+		if (!room.tokenpass || !user) {
 			return false;
 		}


--- a/server/methods/canAccessRoom.js
+++ b/server/methods/canAccessRoom.js
 Meteor.methods({
-	canAccessRoom(rid, userId) {
+	canAccessRoom(rid, userId, extraData) {
 		check(rid, String);
 		check(userId, Match.Maybe(String));

 		let user;

-		if (!userId && RocketChat.settings.get('Accounts_AllowAnonymousRead') === false) {
-			throw new Meteor.Error('error-invalid-user', 'Invalid user', {
-				method: 'canAccessRoom'
-			});
-		}
-
 		if (userId) {
 			user = RocketChat.models.Users.findOneById(userId, {
 				fields: {
@@ -33,13 +27,19 @@ Meteor.methods({

 		const room = RocketChat.models.Rooms.findOneById(rid);
 		if (room) {
-			if (RocketChat.authz.canAccessRoom.call(this, room, user)) {
+			if (RocketChat.authz.canAccessRoom.call(this, room, user, extraData)) {
 				if (user) {
 					room.username = user.username;
 				}
 				return room;
 			}

+			if (!userId && RocketChat.settings.get('Accounts_AllowAnonymousRead') === false) {
+				throw new Meteor.Error('error-invalid-user', 'Invalid user', {
+					method: 'canAccessRoom'
+				});
+			}
+
 			return false;
 		} else {
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', {

--- a/server/stream/messages.js
+++ b/server/stream/messages.js
@@ -3,26 +3,24 @@ this.msgStream = msgStream;

 msgStream.allowWrite('none');

-msgStream.allowRead('all');
-// @TODO fix livechat
-// msgStream.allowRead(function(eventName) {
-// 	try {
-// 		const room = Meteor.call('canAccessRoom', eventName, this.userId);
+msgStream.allowRead(function(eventName, args) {
+	try {
+		const room = Meteor.call('canAccessRoom', eventName, this.userId, args);

-// 		if (!room) {
-// 			return false;
-// 		}
+		if (!room) {
+			return false;
+		}

-// 		if (room.t === 'c' && !RocketChat.authz.hasPermission(this.userId, 'preview-c-room') && room.usernames.indexOf(room.username) === -1) {
-// 			return false;
-// 		}
+		if (room.t === 'c' && !RocketChat.authz.hasPermission(this.userId, 'preview-c-room') && room.usernames.indexOf(room.username) === -1) {
+			return false;
+		}

-// 		return true;
-// 	} catch (error) {
-// 		/*error*/
-// 		return false;
-// 	}
-// });
+		return true;
+	} catch (error) {
+		/*error*/
+		return false;
+	}
+});

 msgStream.allowRead('__my_messages__', 'all');