make serveKeepLocked check auth just to be safe

2024-07-22 19:15:52 -04:00 · 2024-07-22 19:15:52 -04:00 · e979e85bff
commit e979e85bff
parent 63e42aa1bc
5 changed files with 34 additions and 17 deletions
--- a/P2P/Http/State.hs
+++ b/P2P/Http/State.hs
@ -104,13 +104,7 @@ getP2PConnection
 	-> (ConnectionParams -> ConnectionParams)
 	-> Handler P2PConnectionPair
 getP2PConnection apiver st cu su bypass sec auth actionclass fconnparams =
-	case (getServerMode st sec auth, actionclass) of
-		(Just P2P.ServeReadWrite, _) -> go P2P.ServeReadWrite
-		(Just P2P.ServeAppendOnly, RemoveAction) -> throwError err403
-		(Just P2P.ServeAppendOnly, _) -> go P2P.ServeAppendOnly
-		(Just P2P.ServeReadOnly, ReadAction) -> go P2P.ServeReadOnly
-		(Just P2P.ServeReadOnly, _) -> throwError err403
-		(Nothing, _) -> throwError basicAuthRequired
+	checkAuthActionClass st sec auth actionclass go
  where
 	go servermode = liftIO (acquireP2PConnection st cp) >>= \case
 		Left (ConnectionFailed err) -> 
@ -128,6 +122,22 @@ getP2PConnection apiver st cu su bypass sec auth actionclass fconnparams =
 			, connectionWaitVar = True
 			}

+checkAuthActionClass
+	:: P2PHttpServerState
+	-> IsSecure
+	-> Maybe Auth
+	-> ActionClass
+	-> (P2P.ServerMode -> Handler a)
+	-> Handler a
+checkAuthActionClass st sec auth actionclass go =
+	case (getServerMode st sec auth, actionclass) of
+		(Just P2P.ServeReadWrite, _) -> go P2P.ServeReadWrite
+		(Just P2P.ServeAppendOnly, RemoveAction) -> throwError err403
+		(Just P2P.ServeAppendOnly, _) -> go P2P.ServeAppendOnly
+		(Just P2P.ServeReadOnly, ReadAction) -> go P2P.ServeReadOnly
+		(Just P2P.ServeReadOnly, _) -> throwError err403
+		(Nothing, _) -> throwError basicAuthRequired
+
 basicAuthRequired :: ServerError
 basicAuthRequired = err401 { errHeaders = [(h, v)] }
  where