refactor: canAccessRoomId to async (#28540)

Co-authored-by: Rodrigo Nascimento <rodrigoknascimento@gmail.com>
3 years ago · 17ac357907
parent 6331e52e28
commit 17ac357907
17 changed files with 40 additions and 47 deletions
--- a/apps/meteor/app/api/server/v1/chat.ts
+++ b/apps/meteor/app/api/server/v1/chat.ts
@ -4,7 +4,7 @@ import { Messages, Users, Rooms, Subscriptions } from '@rocket.chat/models';
 import { escapeRegExp } from '@rocket.chat/string-helpers';
 import type { IMessage } from '@rocket.chat/core-typings';

-import { canAccessRoomId, roomAccessAttributes } from '../../../authorization/server';
+import { roomAccessAttributes } from '../../../authorization/server';
 import { hasPermissionAsync } from '../../../authorization/server/functions/hasPermission';
 import { normalizeMessagesForUser } from '../../../utils/server/lib/normalizeMessagesForUser';
 import { API } from '../api';
@ -13,7 +13,7 @@ import { settings } from '../../../settings/server';
 import { executeSetReaction } from '../../../reactions/server/setReaction';
 import { findDiscussionsFromRoom, findMentionedMessages, findStarredMessages } from '../lib/messages';
 import { executeSendMessage } from '../../../lib/server/methods/sendMessage';
-import { canAccessRoomAsync } from '../../../authorization/server/functions/canAccessRoom';
+import { canAccessRoomAsync, canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';

 API.v1.addRoute(
 	'chat.delete',
@ -452,7 +452,7 @@ API.v1.addRoute(
 				throw new Meteor.Error('error-roomId-param-not-provided', 'The required "roomId" query param is missing.');
 			}

-			if (!canAccessRoomId(roomId, this.userId)) {
+			if (!(await canAccessRoomIdAsync(roomId, this.userId))) {
 				throw new Meteor.Error('error-not-allowed', 'Not allowed');
 			}

--- a/apps/meteor/app/api/server/v1/commands.ts
+++ b/apps/meteor/app/api/server/v1/commands.ts
@ -4,7 +4,7 @@ import objectPath from 'object-path';

 import { slashCommands } from '../../../utils/server';
 import { Messages } from '../../../models/server';
-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { API } from '../api';

 API.v1.addRoute(
@ -194,7 +194,7 @@ API.v1.addRoute(
 				return API.v1.failure('The command provided does not exist (or is disabled).');
 			}

-			if (!canAccessRoomId(body.roomId, this.userId)) {
+			if (!(await canAccessRoomIdAsync(body.roomId, this.userId))) {
 				return API.v1.unauthorized();
 			}

@ -248,7 +248,7 @@ API.v1.addRoute(
 				return API.v1.failure('The command provided does not exist (or is disabled).');
 			}

-			if (!canAccessRoomId(query.roomId, user._id)) {
+			if (!(await canAccessRoomIdAsync(query.roomId, user._id))) {
 				return API.v1.unauthorized();
 			}

@ -264,7 +264,7 @@ API.v1.addRoute(
 		},

 		// Expects a body format of: { command: 'giphy', params: 'mine', roomId: 'value', tmid: 'value', triggerId: 'value', previewItem: { id: 'sadf8' type: 'image', value: 'https://dev.null/gif' } }
-		post() {
+		async post() {
 			const body = this.bodyParams;

 			if (typeof body.command !== 'string') {
@ -300,7 +300,7 @@ API.v1.addRoute(
 				return API.v1.failure('The command provided does not exist (or is disabled).');
 			}

-			if (!canAccessRoomId(body.roomId, this.userId)) {
+			if (!(await canAccessRoomIdAsync(body.roomId, this.userId))) {
 				return API.v1.unauthorized();
 			}

--- a/apps/meteor/app/api/server/v1/rooms.ts
+++ b/apps/meteor/app/api/server/v1/rooms.ts
@ -6,7 +6,7 @@ import type { IRoom } from '@rocket.chat/core-typings';
 import { Media } from '@rocket.chat/core-services';

 import { API } from '../api';
-import { canAccessRoomAsync, canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomAsync, canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { hasPermissionAsync } from '../../../authorization/server/functions/hasPermission';
 import { getUploadFormData } from '../lib/getUploadFormData';
 import { settings } from '../../../settings/server';
@ -136,7 +136,7 @@ API.v1.addRoute(
 	{ authRequired: true },
 	{
 		async post() {
-			if (!(await canAccessRoomId(this.urlParams.rid, this.userId))) {
+			if (!(await canAccessRoomIdAsync(this.urlParams.rid, this.userId))) {
 				return API.v1.unauthorized();
 			}

--- a/apps/meteor/app/authorization/server/functions/canAccessRoom.ts
+++ b/apps/meteor/app/authorization/server/functions/canAccessRoom.ts
@ -1,5 +1,4 @@
 import { Authorization } from '@rocket.chat/core-services';
-import type { IAuthorization } from '@rocket.chat/core-services';

 export const canAccessRoomAsync = Authorization.canAccessRoom;
 export const canAccessRoomIdAsync = Authorization.canAccessRoomId;
@ -9,8 +8,3 @@ export const roomAccessAttributes = {
 	teamId: 1,
 	prid: 1,
 };
-
-/* deprecated */
-export const canAccessRoom = (...args: Parameters<IAuthorization['canAccessRoom']>): boolean => Promise.await(canAccessRoomAsync(...args));
-export const canAccessRoomId = (...args: Parameters<IAuthorization['canAccessRoomId']>): boolean =>
-	Promise.await(canAccessRoomIdAsync(...args));
--- a/apps/meteor/app/authorization/server/index.js
+++ b/apps/meteor/app/authorization/server/index.js
@ -1,4 +1,4 @@
-import { canAccessRoomId, roomAccessAttributes, canAccessRoomAsync } from './functions/canAccessRoom';
+import { roomAccessAttributes, canAccessRoomAsync } from './functions/canAccessRoom';
 import { canSendMessage } from './functions/canSendMessage';
 import { getRoles } from './functions/getRoles';
 import { getUsersInRole } from './functions/getUsersInRole';
@ -18,7 +18,6 @@ export {
 	subscriptionHasRole,
 	canSendMessage,
 	canAccessRoomAsync,
-	canAccessRoomId,
 	roomAccessAttributes,
 	hasAllPermission,
 	hasAtLeastOnePermission,
--- a/apps/meteor/app/e2e/server/methods/getUsersOfRoomWithoutKey.ts
+++ b/apps/meteor/app/e2e/server/methods/getUsersOfRoomWithoutKey.ts
@ -3,7 +3,7 @@ import { check } from 'meteor/check';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import type { IRoom, ISubscription, IUser } from '@rocket.chat/core-typings';

-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { Subscriptions, Users } from '../../../models/server';

 declare module '@rocket.chat/ui-contexts' {
@ -14,7 +14,7 @@ declare module '@rocket.chat/ui-contexts' {
 }

 Meteor.methods<ServerMethods>({
-	'e2e.getUsersOfRoomWithoutKey'(rid) {
+	async 'e2e.getUsersOfRoomWithoutKey'(rid) {
 		check(rid, String);

 		const userId = Meteor.userId();
@ -30,7 +30,7 @@ Meteor.methods<ServerMethods>({
 			});
 		}

-		if (!canAccessRoomId(rid, userId)) {
+		if (!(await canAccessRoomIdAsync(rid, userId))) {
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', { method: 'e2e.getUsersOfRoomWithoutKey' });
 		}

--- a/apps/meteor/app/e2e/server/methods/setRoomKeyID.ts
+++ b/apps/meteor/app/e2e/server/methods/setRoomKeyID.ts
@ -3,7 +3,7 @@ import { check } from 'meteor/check';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import type { IRoom } from '@rocket.chat/core-typings';

-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { Rooms } from '../../../models/server';

 declare module '@rocket.chat/ui-contexts' {
@ -14,7 +14,7 @@ declare module '@rocket.chat/ui-contexts' {
 }

 Meteor.methods<ServerMethods>({
-	'e2e.setRoomKeyID'(rid, keyID) {
+	async 'e2e.setRoomKeyID'(rid, keyID) {
 		check(rid, String);
 		check(keyID, String);

@ -27,7 +27,7 @@ Meteor.methods<ServerMethods>({
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', { method: 'e2e.setRoomKeyID' });
 		}

-		if (!canAccessRoomId(rid, userId)) {
+		if (!(await canAccessRoomIdAsync(rid, userId))) {
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', { method: 'e2e.setRoomKeyID' });
 		}

--- a/apps/meteor/app/lib/server/methods/getMessages.ts
+++ b/apps/meteor/app/lib/server/methods/getMessages.ts
@ -4,7 +4,7 @@ import type { IMessage } from '@rocket.chat/core-typings';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import { Messages } from '@rocket.chat/models';

-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';

 declare module '@rocket.chat/ui-contexts' {
 	// eslint-disable-next-line @typescript-eslint/naming-convention
@ -23,9 +23,9 @@ Meteor.methods<ServerMethods>({
 		}

 		const msgs = await Messages.findVisibleByIds(messages).toArray();
-		const rids = [...new Set(msgs.map((m) => m.rid))];
+		const rids = await Promise.all([...new Set(msgs.map((m) => m.rid))].map((_id) => canAccessRoomIdAsync(_id, uid)));

-		if (!rids.every((_id) => canAccessRoomId(_id, uid))) {
+		if (!rids.every(Boolean)) {
 			throw new Meteor.Error('error-not-allowed', 'Not allowed', { method: 'getSingleMessage' });
 		}

--- a/apps/meteor/app/lib/server/methods/getSingleMessage.ts
+++ b/apps/meteor/app/lib/server/methods/getSingleMessage.ts
@ -3,7 +3,7 @@ import { check } from 'meteor/check';
 import type { IMessage } from '@rocket.chat/core-typings';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';

-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { Messages } from '../../../models/server';

 declare module '@rocket.chat/ui-contexts' {
@ -14,7 +14,7 @@ declare module '@rocket.chat/ui-contexts' {
 }

 Meteor.methods<ServerMethods>({
-	getSingleMessage(mid) {
+	async getSingleMessage(mid) {
 		check(mid, String);

 		const uid = Meteor.userId();
@ -29,7 +29,7 @@ Meteor.methods<ServerMethods>({
 			return undefined;
 		}

-		if (!canAccessRoomId(msg.rid, uid)) {
+		if (!(await canAccessRoomIdAsync(msg.rid, uid))) {
 			throw new Meteor.Error('error-not-allowed', 'Not allowed', { method: 'getSingleMessage' });
 		}

--- a/apps/meteor/app/threads/server/methods/followMessage.ts
+++ b/apps/meteor/app/threads/server/methods/followMessage.ts
@ -6,7 +6,7 @@ import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import { Messages } from '../../../models/server';
 import { RateLimiter } from '../../../lib/server';
 import { settings } from '../../../settings/server';
-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { follow } from '../functions';
 import { Apps, AppEvents } from '../../../../ee/server/apps/orchestrator';

@ -37,7 +37,7 @@ Meteor.methods<ServerMethods>({
 			});
 		}

-		if (!canAccessRoomId(message.rid, uid)) {
+		if (!(await canAccessRoomIdAsync(message.rid, uid))) {
 			throw new Meteor.Error('error-not-allowed', 'not-allowed', { method: 'followMessage' });
 		}

--- a/apps/meteor/app/threads/server/methods/unfollowMessage.ts
+++ b/apps/meteor/app/threads/server/methods/unfollowMessage.ts
@ -6,7 +6,7 @@ import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import { Messages } from '../../../models/server';
 import { RateLimiter } from '../../../lib/server';
 import { settings } from '../../../settings/server';
-import { canAccessRoomId } from '../../../authorization/server';
+import { canAccessRoomIdAsync } from '../../../authorization/server/functions/canAccessRoom';
 import { unfollow } from '../functions';
 import { Apps, AppEvents } from '../../../../ee/server/apps/orchestrator';

@ -37,7 +37,7 @@ Meteor.methods<ServerMethods>({
 			});
 		}

-		if (!canAccessRoomId(message.rid, uid)) {
+		if (!(await canAccessRoomIdAsync(message.rid, uid))) {
 			throw new Meteor.Error('error-not-allowed', 'not-allowed', { method: 'unfollowMessage' });
 		}

--- a/apps/meteor/ee/server/methods/getReadReceipts.ts
+++ b/apps/meteor/ee/server/methods/getReadReceipts.ts
@ -4,7 +4,7 @@ import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import type { ReadReceipt as ReadReceiptType, IMessage } from '@rocket.chat/core-typings';

 import { Messages } from '../../../app/models/server';
-import { canAccessRoomId } from '../../../app/authorization/server';
+import { canAccessRoomIdAsync } from '../../../app/authorization/server/functions/canAccessRoom';
 import { hasLicense } from '../../app/license/server/license';
 import { ReadReceipt } from '../lib/message-read-receipt/ReadReceipt';

@ -16,7 +16,7 @@ declare module '@rocket.chat/ui-contexts' {
 }

 Meteor.methods<ServerMethods>({
-	getReadReceipts({ messageId }) {
+	async getReadReceipts({ messageId }) {
 		if (!hasLicense('message-read-receipt')) {
 			throw new Meteor.Error('error-action-not-allowed', 'This is an enterprise feature', { method: 'getReadReceipts' });
 		}
@ -40,7 +40,7 @@ Meteor.methods<ServerMethods>({
 			});
 		}

-		if (!canAccessRoomId(message.rid, uid)) {
+		if (!(await canAccessRoomIdAsync(message.rid, uid))) {
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', { method: 'getReadReceipts' });
 		}

--- a/apps/meteor/server/methods/loadMissedMessages.ts
+++ b/apps/meteor/server/methods/loadMissedMessages.ts
@ -4,7 +4,7 @@ import type { IMessage, IRoom } from '@rocket.chat/core-typings';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import { Messages } from '@rocket.chat/models';

-import { canAccessRoomId } from '../../app/authorization/server';
+import { canAccessRoomIdAsync } from '../../app/authorization/server/functions/canAccessRoom';

 declare module '@rocket.chat/ui-contexts' {
 	// eslint-disable-next-line @typescript-eslint/naming-convention
@ -24,7 +24,7 @@ Meteor.methods<ServerMethods>({
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', { method: 'getUsersOfRoom' });
 		}

-		if (!canAccessRoomId(rid, fromId)) {
+		if (!(await canAccessRoomIdAsync(rid, fromId))) {
 			return false;
 		}

--- a/apps/meteor/server/methods/loadNextMessages.ts
+++ b/apps/meteor/server/methods/loadNextMessages.ts
@ -4,7 +4,7 @@ import type { IMessage, IRoom } from '@rocket.chat/core-typings';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import { Messages } from '@rocket.chat/models';

-import { canAccessRoomId } from '../../app/authorization/server';
+import { canAccessRoomIdAsync } from '../../app/authorization/server/functions/canAccessRoom';
 import { normalizeMessagesForUser } from '../../app/utils/server/lib/normalizeMessagesForUser';

 declare module '@rocket.chat/ui-contexts' {
@ -31,7 +31,7 @@ Meteor.methods<ServerMethods>({

 		const fromId = Meteor.userId();

-		if (!fromId || !canAccessRoomId(rid, fromId)) {
+		if (!fromId || !(await canAccessRoomIdAsync(rid, fromId))) {
 			throw new Meteor.Error('error-not-allowed', 'Not allowed', { method: 'loadNextMessages' });
 		}

--- a/apps/meteor/server/methods/loadSurroundingMessages.ts
+++ b/apps/meteor/server/methods/loadSurroundingMessages.ts
@ -5,7 +5,7 @@ import type { IMessage } from '@rocket.chat/core-typings';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import { Messages } from '@rocket.chat/models';

-import { canAccessRoomId } from '../../app/authorization/server';
+import { canAccessRoomIdAsync } from '../../app/authorization/server/functions/canAccessRoom';
 import { normalizeMessagesForUser } from '../../app/utils/server/lib/normalizeMessagesForUser';

 declare module '@rocket.chat/ui-contexts' {
@ -47,7 +47,7 @@ Meteor.methods<ServerMethods>({
 			return false;
 		}

-		if (!canAccessRoomId(mainMessage.rid, fromId)) {
+		if (!(await canAccessRoomIdAsync(mainMessage.rid, fromId))) {
 			return false;
 		}

--- a/apps/meteor/server/methods/messageSearch.ts
+++ b/apps/meteor/server/methods/messageSearch.ts
@ -4,7 +4,7 @@ import { Messages } from '@rocket.chat/models';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import type { ISubscription, IUser } from '@rocket.chat/core-typings';

-import { canAccessRoomId } from '../../app/authorization/server';
+import { canAccessRoomIdAsync } from '../../app/authorization/server/functions/canAccessRoom';
 import { Subscriptions } from '../../app/models/server';
 import { settings } from '../../app/settings/server';
 import { readSecondaryPreferred } from '../database/readSecondaryPreferred';
@ -34,7 +34,7 @@ Meteor.methods<ServerMethods>({

 		// Don't process anything else if the user can't access the room
 		if (rid) {
-			if (!canAccessRoomId(rid, currentUserId)) {
+			if (!(await canAccessRoomIdAsync(rid, currentUserId))) {
 				return false;
 			}
 		} else if (settings.get('Search.defaultProvider.GlobalSearchEnabled') !== true) {
--- a/apps/meteor/server/publications/messages.ts
+++ b/apps/meteor/server/publications/messages.ts
@ -4,7 +4,7 @@ import { Messages } from '@rocket.chat/models';
 import type { ServerMethods } from '@rocket.chat/ui-contexts';
 import type { IMessage, IRoom } from '@rocket.chat/core-typings';

-import { canAccessRoomId } from '../../app/authorization/server';
+import { canAccessRoomIdAsync } from '../../app/authorization/server/functions/canAccessRoom';
 import { Messages as MessagesSync } from '../../app/models/server';

 declare module '@rocket.chat/ui-contexts' {
@ -36,7 +36,7 @@ Meteor.methods<ServerMethods>({
 			throw new Meteor.Error('error-invalid-room', 'Invalid room', { method: 'messages/get' });
 		}

-		if (!canAccessRoomId(rid, fromId)) {
+		if (!(await canAccessRoomIdAsync(rid, fromId))) {
 			throw new Meteor.Error('error-not-allowed', 'Not allowed', {
 				method: 'messages/get',
 			});