From e89530fb84e81f822d9c1a6b58d086d669fd9008 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Blin?= <sebastien.blin@savoirfairelinux.com> Date: Thu, 14 Dec 2023 14:23:39 -0500 Subject: [PATCH] conversationrepository: fix level check for profile validation If a member leaves the conversation after changing the profile, it should not break the validation Change-Id: I0a7135f8b2906a2049ca4443f6bddb9d44ee5cc8 --- src/jamidht/conversationrepository.cpp | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/src/jamidht/conversationrepository.cpp b/src/jamidht/conversationrepository.cpp index 283a560366..fd1675765f 100644 --- a/src/jamidht/conversationrepository.cpp +++ b/src/jamidht/conversationrepository.cpp @@ -1469,18 +1469,21 @@ ConversationRepository::Impl::checkValidProfileUpdate(const std::string& userDev if (userUri.empty()) return false; + // Check if profile is changed by an user with correct privilege auto valid = false; - { - std::lock_guard<std::mutex> lk(membersMtx_); - for (const auto& member : members_) { - if (member.uri == userUri) { - valid = member.role <= updateProfilePermLvl_; - break; - } - } + if (updateProfilePermLvl_ == MemberRole::ADMIN) { + std::string adminFile = fmt::format("admins/{}.crt", userUri); + auto adminCert = fileAtTree(adminFile, treeNew); + valid |= adminCert != nullptr; } + if (updateProfilePermLvl_ >= MemberRole::MEMBER) { + std::string memberFile = fmt::format("members/{}.crt", userUri); + auto memberCert = fileAtTree(memberFile, treeNew); + valid |= memberCert != nullptr; + } + if (!valid) { - JAMI_ERROR("Profile changed from unauthorized user: {}", userDevice); + JAMI_ERROR("Profile changed from unauthorized user: {} ({})", userDevice, userUri); return false; } -- GitLab