##########################################################################################

       LOC-5: Users can pretend to be SYSTEM

##########################################################################################


Issue Type: Bug 
-----------------------------------------------------------------------------------------

Issue Information
====================

Priority: Major					Status:      Closed
Resolution:  Fixed (2018-05-12 16:11:41)
Project: LocalChat (LOC)


Reported By: btasker					
Assigned To: btasker

Components: 
	- Server 

Affected Versions:		
	- v0.0.1a  			
	- V0.0.2  			


Targeted for fix in version: 
	- V0.0.2


Time Estimate: 0 minutes
Time Logged:   0 minutes


-----------------------------------------------------------------------------------------

Issue Description
==================

There's currently nothing in the codebase which prevents a user from inviting SYSTEM and
then joining with that name.

Although it'll push a notification to say that someone did so, that notification won't be
visible for anyone who joins afterwards. The user will then be able to push what appear to
be system messages (i.e. they'll be purple and from SYSTEM).

Need to adjust the backend to prevent SYSTEM from being invited, or from joining as it's a
reserved name.


-----------------------------------------------------------------------------------------

Issue Relations
================
	
	- relates to LOC-10: Clients can spoof sender value


-----------------------------------------------------------------------------------------

Activity
==========

	
-----------------------------------------------------------------------------------------
2018-05-12 16:10:13              git
-----------------------------------------------------------------------------------------


-- BEGIN QUOTE --

Repo: LocalChat
Host:Rimmer

commit cc2c1a0a6025762093e2bc208d23e20252b3e474
Author: B Tasker <github@<Domain Hidden>>
Date:   Sat May 12 16:09:01 2018 +0100

Commit Message: LOC-5 - Prevent SYSTEM from joining rooms, and warn if users try to invite
it
    
    We prevent anyone from joining with the name SYSTEM, and warn the entire room if
someone tries to authorise SYSTEM to log in (because they're almost certainly up to no
good)

 server/LocalChat.py |   15 +++++++++++++++
 1 files changed, 15 insertions(+), 0 deletions(-)

-- END QUOTE --

https://repos.bentasker.co.uk/projects/LocalChat.git/commits/cc2c1a0a6025762093e2bc208d23e20252b3e474
|
https://repos.bentasker.co.uk/projects/LocalChat.git/commitdiff/cc2c1a0a6025762093e2bc208d23e20252b3e474

	
-----------------------------------------------------------------------------------------
2018-05-12 16:10:50              btasker
-----------------------------------------------------------------------------------------

It's no longer possible to join with the name SYSTEM.

If a user runs /room invite SYSTEM a message is pushed into the group warning who tried to
do it. The room owner can then use /kick or /ban to exact vengeance :)
	
-----------------------------------------------------------------------------------------
2018-05-12 16:11:41              
-----------------------------------------------------------------------------------------

btasker changed status from 'Open' to 'Resolved'
	
-----------------------------------------------------------------------------------------
2018-05-12 16:11:41              
-----------------------------------------------------------------------------------------

btasker added 'Fixed' to resolution
	
-----------------------------------------------------------------------------------------
2018-05-12 16:11:45              
-----------------------------------------------------------------------------------------

btasker changed status from 'Resolved' to 'Closed'
	
-----------------------------------------------------------------------------------------
2018-05-20 23:40:38              git
-----------------------------------------------------------------------------------------


-- BEGIN QUOTE --

Repo: LocalChat
Host:Rimmer

commit b61c9c49052392ebc08d5d5c48ae07ab18ca2817
Author: B Tasker <github@<Domain Hidden>>
Date:   Sun May 20 23:29:46 2018 +0100

Commit Message: Added regression test for LOC-5
    
    Test user attempts to create an invite for SYSTEM (as a precursor to signing in using
the generated credentials)

 tests/run_tests.py |   56 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 54 insertions(+), 2 deletions(-)
-- END QUOTE --

https://repos.bentasker.co.uk/projects/LocalChat.git/commits/b61c9c49052392ebc08d5d5c48ae07ab18ca2817
|
https://repos.bentasker.co.uk/projects/LocalChat.git/commitdiff/b61c9c49052392ebc08d5d5c48ae07ab18ca2817