Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding idManagement features + several corrections in the code #147

Open
wants to merge 18 commits into
base: full-id-service
Choose a base branch
from
Open
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix : added new package-lock for mutex dependency
h1ppox99 committed Aug 30, 2024
commit 3b173442d26e3e22a70d4eb748ac78c31446b2a7
10 changes: 9 additions & 1 deletion package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.


Unchanged files with check annotations Beta

)
} else {
clientServer.authenticate(req, res, (data, id) => {
// TODO : Handle error 403 where the user isn't allowed to see this user's presence status, may have to do with the "users_to_send_full_presence_to" table in the matrixDb

Check notice

Code scanning / devskim

A "TODO" or similar was left in source code, possibly indicating incomplete functionality Note

Suspicious comment
clientServer.matrixDb
.get(
'presence_stream',
jsonContent(req, res, clientServer.logger, (obj) => {
validateParameters(res, schema, obj, clientServer.logger, (obj) => {
const filter: Filter = new Filter(obj)
// TODO : verify if the user is allowed to make requests for this user id

Check notice

Code scanning / devskim

A "TODO" or similar was left in source code, possibly indicating incomplete functionality Note

Suspicious comment
// we consider for the moment that the user is only allowed to make requests for his own user id
const userId = (req as Request).params.userId
if (!isMatrixIdValid(userId)) {
.insert('user_filters', {
user_id: userId,
filter_id: filterId,
filter_json: JSON.stringify(filter) // TODO : clarify the type of the filter_json (bytea, string ???)

Check notice

Code scanning / devskim

A "TODO" or similar was left in source code, possibly indicating incomplete functionality Note

Suspicious comment
})
.then(() => {
clientServer.logger.info(`Inserted filter: ${filterId}`)
) as Record<string, string>
} else {
// We construct a URL object to extract the query parameters with .searchParams
const url = new URL(req.url ?? '', 'http://default-host') // No need to provide a correct host since we simply extract the query parameters

Check warning

Code scanning / devskim

An HTTP-based URL without TLS was detected. Warning

Insecure URL
queryParams = Object.fromEntries(
Array.from(url.searchParams.entries()).filter(
([, value]) => typeof value === 'string'