mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-23 17:06:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

PadMessageHandler: Pass session info to handleMessageSecurity hook

Browse source
This commit is contained in:
Richard Hansen 2021-12-07 02:30:08 -05:00
parent 1b52c9f0c4
commit 31b025bd9d
4 changed files with 30 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

16
doc/api/hooks_server-side.md
View file

@ -585,6 +585,12 @@ then the message will not be subject to further processing.
Context properties:
* `message`: The message being handled.
* `sessionInfo`: Object describing the socket.io session with the following
properties:
* `authorId`: The user's author ID.
* `padId`: The real (not read-only) ID of the pad.
* `readOnly`: Whether the client has read-only access (true) or read/write
access (false).
* `socket`: The socket.io Socket object.
* `client`: (**Deprecated**; use `socket` instead.) Synonym of `socket`.
@ -620,13 +626,21 @@ Supported return values:
Context properties:
* `message`: The message being handled.
* `sessionInfo`: Object describing the socket.io connection with the following
properties:
* `authorId`: The user's author ID.
* `padId`: The real (not read-only) ID of the pad.
* `readOnly`: Whether the client has read-only access (true) or read/write
access (false).
* `socket`: The socket.io Socket object.
* `client`: (**Deprecated**; use `socket` instead.) Synonym of `socket`.
Example:
```javascript
exports.handleMessageSecurity = async (hookName, {message, socket}) => {
exports.handleMessageSecurity = async (hookName, context) => {
const {message, sessionInfo: {readOnly}, socket} = context;
if (!readOnly || message.type !== 'COLLABROOM') return;
if (shouldGrantWriteAccess(message, socket)) return true;
};
```