Move security evaluations for File/Echoareas back to model
This commit is contained in:
parent
9c9fd84e0a
commit
a2ff2df9f3
@ -360,7 +360,7 @@ class Tic extends FTNBase
|
|||||||
|
|
||||||
// Validate sender is permitted to write
|
// Validate sender is permitted to write
|
||||||
// @todo Send a notification
|
// @todo Send a notification
|
||||||
if (! $this->file->filearea->sec_write || ($this->file->fftn->security < $this->file->filearea->sec_write))
|
if (! $this->file->filearea->can_write($this->file->fftn->security))
|
||||||
throw new NoWriteSecurityException(sprintf('Node [%s] doesnt have enough security to write to [%s] (%d)',$this->file->fftn->ftn,$this->file->filearea->name,$this->file->fftn->security));
|
throw new NoWriteSecurityException(sprintf('Node [%s] doesnt have enough security to write to [%s] (%d)',$this->file->fftn->ftn,$this->file->filearea->name,$this->file->fftn->security));
|
||||||
|
|
||||||
// If the file create time is blank, we'll take the files
|
// If the file create time is blank, we'll take the files
|
||||||
|
|||||||
@ -52,8 +52,8 @@ class Rescan extends Command
|
|||||||
throw new \Exception(sprintf('FTN [%s] is not subscribed to [%s]',$ao->ftn,$eao->name));
|
throw new \Exception(sprintf('FTN [%s] is not subscribed to [%s]',$ao->ftn,$eao->name));
|
||||||
|
|
||||||
// Check that an FTN can read the area
|
// Check that an FTN can read the area
|
||||||
if (! $eao->sec_read || ($ao->security < $eao->sec_read))
|
if (! $eao->can_read($ao->security))
|
||||||
throw new \Exception(sprintf('FTN [%s] doesnt have permission to received [%s]',$ao->ftn,$eao->name));
|
throw new \Exception(sprintf('FTN [%s] doesnt have permission to receive [%s]',$ao->ftn,$eao->name));
|
||||||
|
|
||||||
foreach (Echomail::select('id')
|
foreach (Echomail::select('id')
|
||||||
->where('echoarea_id',$eao->id)
|
->where('echoarea_id',$eao->id)
|
||||||
|
|||||||
@ -343,7 +343,7 @@ class MessageProcess implements ShouldQueue
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Can the system send messages to this area?
|
// Can the system send messages to this area?
|
||||||
if (! $ea->sec_write || ($this->pktsrc->security < $ea->sec_write)) {
|
if (! $ea->can_write($this->pktsrc->security)) {
|
||||||
Log::alert(sprintf('%s:! FTN [%s] is not allowed to post [%s] to [%s].',self::LOGKEY,$this->pktsrc->ftn,$this->msg->msgid,$ea->name));
|
Log::alert(sprintf('%s:! FTN [%s] is not allowed to post [%s] to [%s].',self::LOGKEY,$this->pktsrc->ftn,$this->msg->msgid,$ea->name));
|
||||||
if (! $this->msg->rescanned->count())
|
if (! $this->msg->rescanned->count())
|
||||||
Notification::route('netmail',$this->pktsrc)->notify(new EchoareaNoWrite($this->msg));
|
Notification::route('netmail',$this->pktsrc)->notify(new EchoareaNoWrite($this->msg));
|
||||||
|
|||||||
@ -149,7 +149,7 @@ final class Echomail extends Model implements Packet
|
|||||||
$exportto = ($x=$model
|
$exportto = ($x=$model
|
||||||
->echoarea
|
->echoarea
|
||||||
->addresses
|
->addresses
|
||||||
->filter(function($item) use ($model) { return $item->security >= $model->echoarea->sec_read; }))
|
->filter(function($item) use ($model) { return $model->echoarea->can_read($item->security); }))
|
||||||
->pluck('id')
|
->pluck('id')
|
||||||
->diff($seenby);
|
->diff($seenby);
|
||||||
|
|
||||||
|
|||||||
@ -155,7 +155,7 @@ class File extends Model
|
|||||||
$exportto = $model
|
$exportto = $model
|
||||||
->filearea
|
->filearea
|
||||||
->addresses
|
->addresses
|
||||||
->filter(function($item) use ($model) { return $item->security >= $model->filearea->sec_read; })
|
->filter(function($item) use ($model) { return $model->filearea->can_read($item->security); })
|
||||||
->pluck('id')
|
->pluck('id')
|
||||||
->diff($seenby);
|
->diff($seenby);
|
||||||
|
|
||||||
|
|||||||
@ -7,6 +7,39 @@ namespace App\Traits;
|
|||||||
|
|
||||||
trait AreaSecurity
|
trait AreaSecurity
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* Does the security level provide read or write access
|
||||||
|
*
|
||||||
|
* @param int $sec
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function can_access(int $sec): bool
|
||||||
|
{
|
||||||
|
return $this->can_read($sec) || $this->can_write($sec);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Does the security level provide read access
|
||||||
|
*
|
||||||
|
* @param int $sec
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function can_read(int $sec): bool
|
||||||
|
{
|
||||||
|
return $this->active && (($sec >= ($x=$this->getSecReadAttribute())) && $x);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Does the security level provide write access
|
||||||
|
*
|
||||||
|
* @param int $sec
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function can_write(int $sec): bool
|
||||||
|
{
|
||||||
|
return $this->active && (($sec >= ($x=$this->getSecWriteAttribute())) && $x);
|
||||||
|
}
|
||||||
|
|
||||||
public function getSecReadAttribute(): int
|
public function getSecReadAttribute(): int
|
||||||
{
|
{
|
||||||
return ($this->security>>3) & 0x7;
|
return ($this->security>>3) & 0x7;
|
||||||
|
|||||||
@ -56,12 +56,12 @@
|
|||||||
->sortBy('name')) as $o)
|
->sortBy('name')) as $o)
|
||||||
<tr>
|
<tr>
|
||||||
<th class="nowrap">
|
<th class="nowrap">
|
||||||
<a href="{{ url('domain/view',[$o->id]) }}">{{ $o->name }}</a> <small>({{ $sec=$user->systems->pluck('akas')->flatten()->filter(function($item) use ($o) { return $item->zone->domain_id === $o->id; })->max('security') ?? '-' }})</small><br><br>
|
<a href="{{ url('domain/view',[$o->id]) }}">{{ $o->name }}</a> <small>({{ ($sec=$user->systems->pluck('akas')->flatten()->filter(function($item) use ($o) { return $item->zone->domain_id === $o->id; })->max('security') ?: 0) ?? '-' }})</small><br><br>
|
||||||
{{ ($sub=$user->systems->pluck('akas')->flatten()->pluck('echoareas')->flatten()->filter(function($item) use ($o) { return $item->domain_id === $o->id; }))->count() }} <small>Subscribed</small>
|
{{ ($sub=$user->systems->pluck('akas')->flatten()->pluck('echoareas')->flatten()->filter(function($item) use ($o) { return $item->domain_id === $o->id; }))->count() }} <small>Subscribed</small>
|
||||||
</th>
|
</th>
|
||||||
<td>
|
<td>
|
||||||
@foreach ($o->echoareas->sortBy('name') as $eo)
|
@foreach ($o->echoareas->sortBy('name') as $eo)
|
||||||
<span style="@if (($sec < $eo->sec_read) || ($sec < $eo->sec_write) || ! $eo->active) color: red; @elseif($sub->where('name',$eo->name)->count()) color: green; @endif">{{ $eo->name }}</span>
|
<span style="@if(! $eo->active) color: gray; @elseif(! $eo->can_access($sec)) color: red; @elseif($sub->where('name',$eo->name)->count()) color: green; @endif">{{ $eo->name }}</span>
|
||||||
@endforeach
|
@endforeach
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
@ -113,6 +113,7 @@
|
|||||||
--}}
|
--}}
|
||||||
</style>
|
</style>
|
||||||
@append
|
@append
|
||||||
|
|
||||||
@section('page-scripts')
|
@section('page-scripts')
|
||||||
@js('highcharts')
|
@js('highcharts')
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user