Add System permission.

This replaces the OverridePermissions method, and is communicated to clients that can reliably and safely identify a system user.

Add System permission.
This replaces the OverridePermissions method, and is communicated to clients that can reliably and safely identify a system user.
a5c97fd8 · Juliusz Chroboczek · a25d4631 · a5c97fd8 · a5c97fd8 · a5c97fd8
Commit a5c97fd8 authored Jul 30, 2021 by Juliusz Chroboczek
Showing with 5 additions and 11 deletions

diskwriter/diskwriter.go diskwriter/diskwriter.go +3 -5

group/client.go group/client.go +1 -1

group/group.go group/group.go +1 -1

rtpconn/webclient.go rtpconn/webclient.go +0 -4

No files found.
--- a/diskwriter/diskwriter.go
+++ b/diskwriter/diskwriter.go
@@ -63,16 +63,14 @@ func (client *Client) Challenge(group string, cred group.ClientCredentials) bool
 	return true
 }

-func (client *Client) OverridePermissions(g *group.Group) bool {
-	return true
-}
-
 func (client *Client) SetPermissions(perms group.ClientPermissions) {
 	return
 }

 func (client *Client) Permissions() group.ClientPermissions {
-	return group.ClientPermissions{}
+	return group.ClientPermissions{
+		System: true,
+	}
 }

 func (client *Client) Status() map[string]interface{} {

--- a/group/client.go
+++ b/group/client.go
@@ -85,6 +85,7 @@ type ClientPermissions struct {
 	Op      bool `json:"op,omitempty"`
 	Present bool `json:"present,omitempty"`
 	Record  bool `json:"record,omitempty"`
+	System  bool `json:"system,omitempty"`
 }

 type Challengeable interface {
@@ -99,7 +100,6 @@ type Client interface {
 	Permissions() ClientPermissions
 	SetPermissions(ClientPermissions)
 	Status() map[string]interface{}
-	OverridePermissions(*Group) bool
 	PushConn(g *Group, id string, conn conn.Up, tracks []conn.UpTrack, replace string) error
 	RequestConns(target Client, g *Group, id string) error
 	Joined(group, kind string) error

--- a/group/group.go
+++ b/group/group.go
@@ -485,7 +485,7 @@ func AddClient(group string, c Client) (*Group, error) {

 	clients := g.getClientsUnlocked(nil)

-	if !c.OverridePermissions(g) {
+	if !c.Permissions().System {
 		perms, err := g.description.GetPermission(group, c)
 		if err != nil {
 			return nil, err

--- a/rtpconn/webclient.go
+++ b/rtpconn/webclient.go
@@ -107,10 +107,6 @@ func (c *webClient) SetPermissions(perms group.ClientPermissions) {
 	c.permissions = perms
 }

-func (c *webClient) OverridePermissions(g *group.Group) bool {
-	return false
-}
-
 func (c *webClient) PushClient(group, kind, id, username string, permissions group.ClientPermissions, status map[string]interface{}) error {
 	return c.action(pushClientAction{
 		group, kind, id, username, permissions, status,