pass correct padID to checkAccess if pad is requested via readOnly link

2025-04-20 15:36:16 -04:00 · 2013-10-13 22:31:41 +02:00 · 2013-10-13 22:31:41 +02:00 · 77c2313025
commit 77c2313025
parent ef4e0d0eb0
2 changed files with 34 additions and 17 deletions
--- a/src/node/handler/PadMessageHandler.js
+++ b/src/node/handler/PadMessageHandler.js
@ -240,7 +240,7 @@ exports.handleMessage = function(client, message)
          callback();
        }else{
          var auth = sessioninfos[client.id].auth;
-          securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, function(err, statusObject)
+          var checkAccessCallback = function(err, statusObject)
          {
            if(ERR(err, callback)) return;
 
@ -254,7 +254,17 @@ exports.handleMessage = function(client, message)
            {
              client.json.send({accessStatus: statusObject.accessStatus})
            }
-          });
+          };
+          //check if pad is requested via readOnly
+          if (auth.padID.indexOf("r.") === 0) {
+            //Pad is readOnly, first get the real Pad ID
+            readOnlyManager.getPadId(auth.padID, function(err, value) {
+              ERR(err);
+              securityManager.checkAccess(value, auth.sessionID, auth.token, auth.password, checkAccessCallback);
+            });
+          } else {
+            securityManager.checkAccess(auth.padID, auth.sessionID, auth.token, auth.password, checkAccessCallback);
+          }
        }
      },
      finalHandler