(partially) fix security problem with federated session

author: metamuffin <metamuffin@disroot.org> 2023-12-11 01:19:51 +0100
committer: metamuffin <metamuffin@disroot.org> 2023-12-11 01:19:51 +0100
commit: 36d7fb2790774c53415c96f8c6955be42bad952f (patch)
tree: 4481dac53a6d0896e90ff72b9b68665e59e159db /common
parent: 767d6c4c7b8518198b0343781128027051b94ae5 (diff)
download: jellything-36d7fb2790774c53415c96f8c6955be42bad952f.tar
jellything-36d7fb2790774c53415c96f8c6955be42bad952f.tar.bz2
jellything-36d7fb2790774c53415c96f8c6955be42bad952f.tar.zst
1 files changed, 17 insertions, 7 deletions
diff --git a/common/src/user.rs b/common/src/user.rs
index ae9a757..f33ca71 100644
--- a/common/src/user.rs
+++ b/common/src/user.rs
@@ -38,18 +38,26 @@ pub struct PermissionSet(pub HashMap<UserPermission, bool>);
 #[serde(rename_all = "snake_case")]
 pub enum UserPermission {
     Admin,
+    // ManageUsers,
+    // GenerateInvite,
+    ManageSelf,
+
+    AccessNode(String),
+    StreamFormat(StreamFormat),
     Transcode,
-    ManageUsers,
     FederatedContent,
-    GenerateInvite,
-    StreamFormat(StreamFormat),
-    AccessNode(String),
 }
 
 impl UserPermission {
     pub const ALL_ENUMERABLE: &'static [UserPermission] = {
         use UserPermission::*;
-        &[Admin, Transcode, StreamFormat(user::StreamFormat::Original)]
+        &[
+            Admin,
+            Transcode,
+            ManageSelf,
+            FederatedContent,
+            StreamFormat(user::StreamFormat::Original),
+        ]
     };
     pub fn default_value(&self) -> bool {
         use user::StreamFormat::*;
@@ -57,6 +65,7 @@ impl UserPermission {
         matches!(
             self,
             Transcode
+                | ManageSelf
                 | FederatedContent
                 | StreamFormat(Jhls | HlsMaster | HlsVariant | Matroska | Segment | Webvtt)
         )
@@ -66,6 +75,7 @@ impl UserPermission {
 impl Display for UserPermission {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         f.write_str(&match self {
+            UserPermission::ManageSelf => format!("manage self (password, display name, etc.)"),
             UserPermission::FederatedContent => format!("access to federated content"),
             UserPermission::Admin => format!("administrative rights"),
             UserPermission::StreamFormat(StreamFormat::Original) => {
@@ -78,8 +88,8 @@ impl Display for UserPermission {
                 format!("downloading media via {x:?}")
             }
             UserPermission::Transcode => format!("transcoding"),
-            UserPermission::ManageUsers => format!("management of all users"),
-            UserPermission::GenerateInvite => format!("inviting new users"),
+            // UserPermission::ManageUsers => format!("management of all users"),
+            // UserPermission::GenerateInvite => format!("inviting new users"),
             UserPermission::AccessNode(s) => format!("access to library node {s:?}"),
         })
     }
author	metamuffin <metamuffin@disroot.org>	2023-12-11 01:19:51 +0100
committer	metamuffin <metamuffin@disroot.org>	2023-12-11 01:19:51 +0100
commit	36d7fb2790774c53415c96f8c6955be42bad952f (patch)
tree	4481dac53a6d0896e90ff72b9b68665e59e159db /common
parent	767d6c4c7b8518198b0343781128027051b94ae5 (diff)
download	jellything-36d7fb2790774c53415c96f8c6955be42bad952f.tar jellything-36d7fb2790774c53415c96f8c6955be42bad952f.tar.bz2 jellything-36d7fb2790774c53415c96f8c6955be42bad952f.tar.zst