Move security evaluations for File/Echoareas back to model

This commit is contained in:
Deon George 2024-04-14 21:16:33 +10:00
parent 9c9fd84e0a
commit a2ff2df9f3
7 changed files with 42 additions and 8 deletions

View File

@ -360,7 +360,7 @@ class Tic extends FTNBase
// Validate sender is permitted to write
// @todo Send a notification
if (! $this->file->filearea->sec_write || ($this->file->fftn->security < $this->file->filearea->sec_write))
if (! $this->file->filearea->can_write($this->file->fftn->security))
throw new NoWriteSecurityException(sprintf('Node [%s] doesnt have enough security to write to [%s] (%d)',$this->file->fftn->ftn,$this->file->filearea->name,$this->file->fftn->security));
// If the file create time is blank, we'll take the files

View File

@ -52,8 +52,8 @@ class Rescan extends Command
throw new \Exception(sprintf('FTN [%s] is not subscribed to [%s]',$ao->ftn,$eao->name));
// Check that an FTN can read the area
if (! $eao->sec_read || ($ao->security < $eao->sec_read))
throw new \Exception(sprintf('FTN [%s] doesnt have permission to received [%s]',$ao->ftn,$eao->name));
if (! $eao->can_read($ao->security))
throw new \Exception(sprintf('FTN [%s] doesnt have permission to receive [%s]',$ao->ftn,$eao->name));
foreach (Echomail::select('id')
->where('echoarea_id',$eao->id)

View File

@ -343,7 +343,7 @@ class MessageProcess implements ShouldQueue
}
// Can the system send messages to this area?
if (! $ea->sec_write || ($this->pktsrc->security < $ea->sec_write)) {
if (! $ea->can_write($this->pktsrc->security)) {
Log::alert(sprintf('%s:! FTN [%s] is not allowed to post [%s] to [%s].',self::LOGKEY,$this->pktsrc->ftn,$this->msg->msgid,$ea->name));
if (! $this->msg->rescanned->count())
Notification::route('netmail',$this->pktsrc)->notify(new EchoareaNoWrite($this->msg));

View File

@ -149,7 +149,7 @@ final class Echomail extends Model implements Packet
$exportto = ($x=$model
->echoarea
->addresses
->filter(function($item) use ($model) { return $item->security >= $model->echoarea->sec_read; }))
->filter(function($item) use ($model) { return $model->echoarea->can_read($item->security); }))
->pluck('id')
->diff($seenby);

View File

@ -155,7 +155,7 @@ class File extends Model
$exportto = $model
->filearea
->addresses
->filter(function($item) use ($model) { return $item->security >= $model->filearea->sec_read; })
->filter(function($item) use ($model) { return $model->filearea->can_read($item->security); })
->pluck('id')
->diff($seenby);

View File

@ -7,6 +7,39 @@ namespace App\Traits;
trait AreaSecurity
{
/**
* Does the security level provide read or write access
*
* @param int $sec
* @return bool
*/
public function can_access(int $sec): bool
{
return $this->can_read($sec) || $this->can_write($sec);
}
/**
* Does the security level provide read access
*
* @param int $sec
* @return bool
*/
public function can_read(int $sec): bool
{
return $this->active && (($sec >= ($x=$this->getSecReadAttribute())) && $x);
}
/**
* Does the security level provide write access
*
* @param int $sec
* @return bool
*/
public function can_write(int $sec): bool
{
return $this->active && (($sec >= ($x=$this->getSecWriteAttribute())) && $x);
}
public function getSecReadAttribute(): int
{
return ($this->security>>3) & 0x7;

View File

@ -56,12 +56,12 @@
->sortBy('name')) as $o)
<tr>
<th class="nowrap">
<a href="{{ url('domain/view',[$o->id]) }}">{{ $o->name }}</a> <small>({{ $sec=$user->systems->pluck('akas')->flatten()->filter(function($item) use ($o) { return $item->zone->domain_id === $o->id; })->max('security') ?? '-' }})</small><br><br>
<a href="{{ url('domain/view',[$o->id]) }}">{{ $o->name }}</a> <small>({{ ($sec=$user->systems->pluck('akas')->flatten()->filter(function($item) use ($o) { return $item->zone->domain_id === $o->id; })->max('security') ?: 0) ?? '-' }})</small><br><br>
{{ ($sub=$user->systems->pluck('akas')->flatten()->pluck('echoareas')->flatten()->filter(function($item) use ($o) { return $item->domain_id === $o->id; }))->count() }} <small>Subscribed</small>
</th>
<td>
@foreach ($o->echoareas->sortBy('name') as $eo)
<span style="@if (($sec < $eo->sec_read) || ($sec < $eo->sec_write) || ! $eo->active) color: red; @elseif($sub->where('name',$eo->name)->count()) color: green; @endif">{{ $eo->name }}</span>
<span style="@if(! $eo->active) color: gray; @elseif(! $eo->can_access($sec)) color: red; @elseif($sub->where('name',$eo->name)->count()) color: green; @endif">{{ $eo->name }}</span>
@endforeach
</td>
</tr>
@ -113,6 +113,7 @@
--}}
</style>
@append
@section('page-scripts')
@js('highcharts')