ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

sessions: ignore self-emitted update events

Browse Source 
Signed-off-by: chandi Langecker <git@chandi.it>
This commit is contained in:
chandi Langecker
2022-11-21 20:01:53 +01:00
parent 6d86ec70ef
commit 541ee13780
4 changed files with 74 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
lib/Service/SessionService.php
View File

@@ -57,11 +57,11 @@ class SessionService {
$this->eventDispatcher = $eventDispatcher;
}
public function initSession($boardId): Session {
public function initSession(int $boardId): Session {
$session = new Session();
$session->setBoardId($boardId);
$session->setUserId($this->userId);
$session->setToken($this->secureRandom->generate(64));
$session->setToken($this->secureRandom->generate(32));
$session->setLastContact($this->timeFactory->getTime());
$session = $this->sessionMapper->insert($session);
@@ -91,12 +91,34 @@ class SessionService {
return $this->sessionMapper->deleteInactive();
}
public function notifyAllSessions(IQueue $queue, int $boardId, $event, $excludeUserId, $body) {
public function notifyAllSessions(IQueue $queue, int $boardId, $event, $body, $causingSessionToken = null) {
$activeSessions = $this->sessionMapper->findAllActive($boardId);
$userIds = [];
foreach ($activeSessions as $session) {
if ($causingSessionToken && $session->getToken() === $causingSessionToken) {
// Limitation:
// If the same user has a second session active, the session $causingSessionToken
// still gets notified due to the current fact, that notify_push only supports
// to specify users, not individual sessions
// https://github.com/nextcloud/notify_push/issues/195
continue;
}
// don't notify the same user multiple times
if (!in_array($session->getUserId(), $userIds)) {
$userIds[] = $session->getUserId();
}
}
if ($causingSessionToken) {
// we only send a slice of the session token to everyone
// since knowledge of the full token allows everyone
// to close the session maliciously
$body['_causingSessionToken'] = substr($causingSessionToken, 0, 12);
}
foreach ($userIds as $userId) {
$queue->push('notify_custom', [
'user' => $session->getUserId(),
'user' => $userId,
'message' => $event,
'body' => $body
]);