LOC-1: Only invited users or owners should be able to invite a user into a room

Issue Information

Issue Type: Improvement
Priority: Major
Status: Closed

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: LocalChat (LOC)
Resolution: Done (2018-05-12 15:21:10)
Affects Version: v0.0.1a,
Target version: V0.0.2,
Components: Server ,

Created: 2018-05-12 12:03:36
Time Spent Working

Currently, the server doesn't check that the inviting user is authorised on the room they are inviting another user into (so, they could in fact, invite themselves).

In the longer-term, this will be less of an issue as that user wouldn't have the details needed to decrypt the messages, but it'd still be wise to close this angle .

Toggle State Changes


btasker changed status from 'Open' to 'Resolved'
btasker added 'Done' to resolution
btasker changed status from 'Resolved' to 'Closed'
Repo: LocalChat

commit 0f0a12e1391e426b0bfe066e3e5a8fa815fe08f4
Author: B Tasker <github@<Domain Hidden>>
Date: Sat May 12 15:20:11 2018 +0100

Commit Message: LOC-1 Only users authorised on a room may grant access to others

Was originally going to make it admin only, but decided it was better to push a notification in instead.

client/LocalChatClient.py | 15 ++++++++-------
1 files changed, 8 insertions(+), 7 deletions(-)

View Commit | View Changes
Repo: LocalChat

commit 56e40eb5da27e2832dd473c4e0f46cab3df5d04d
Author: B Tasker <github@<Domain Hidden>>
Date: Sat May 12 15:23:26 2018 +0100

Commit Message: LOC-1 - forgot to include the server component in the earlier commit

server/LocalChat.py | 17 +++++++++++++++--
1 files changed, 15 insertions(+), 2 deletions(-)

View Commit | View Changes