Merge pull request #9 from jagerman/show-recent

Make showing recent messages via web configurable

Author: majestrate

sogs/base_config.py

@@ -56,3 +56,7 @@
 # file containing "bad" words for filtration.  This feature in temporary and will be removed once
 # more robust bot/spam filtering is available.
 BAD_WORDS_FILE = 'badwords.txt'
+
+# If true, show recent messages for public rooms when accessed via a web browser.  If false only
+# show the QR code and URL but no recent messages.
+HTTP_SHOW_RECENT = True

sogs/model.py

@@ -415,15 +415,21 @@ def get_rooms():
     return [Room(row) for row in result]
 
 
-def get_readable_rooms(pubkey):
-    """get a list of rooms that a user can access"""
-    result = db.conn.execute(
-        """
-        SELECT rooms.* FROM user_permissions perm JOIN rooms ON rooms.id = room
-        WHERE session_id = ? AND perm.read AND NOT perm.banned
-        """,
-        [pubkey],
-    )
+def get_readable_rooms(pubkey=None):
+    """
+    Get a list of rooms that a user can access; if pubkey is None then return all publicly readable
+    rooms.
+    """
+    if pubkey is None:
+        result = db.conn.execute("SELECT * FROM rooms WHERE read")
+    else:
+        result = db.conn.execute(
+            """
+            SELECT rooms.* FROM user_permissions perm JOIN rooms ON rooms.id = room
+            WHERE session_id = ? AND perm.read AND NOT perm.banned
+            """,
+            [pubkey],
+        )
     return [Room(row) for row in result]
 
 

sogs/routes.py

@@ -42,7 +42,7 @@ def to_python(self, value):
 
 @app.get("/")
 def serve_index():
-    rooms = model.get_rooms()
+    rooms = model.get_readable_rooms()
     if len(rooms) == 0:
         return render_template('setup.html')
     return render_template(
@@ -52,11 +52,22 @@ def serve_index():
 
 @app.get("/view/room/<Room:room>")
 def view_room(room):
-    return render_template("view_room.html", room=room.token, room_url=utils.server_url(room.token))
+    if not room.default_read:
+        abort(http.FORBIDDEN)
+
+    return render_template(
+        "view_room.html",
+        room=room.token,
+        room_url=utils.server_url(room.token),
+        show_recent=config.HTTP_SHOW_RECENT,
+    )
 
 
 @app.get("/view/<Room:room>/invite.png")
 def serve_invite_qr(room):
+    if not room.default_read:
+        abort(http.FORBIDDEN)
+
     img = qrencode.encode(utils.server_url(room.token))
     data = BytesIO()
     img = img[-1].resize((512, 512), NEAREST)
@@ -79,6 +90,7 @@ def get_recent_room_messages(room):
 
     msgs = list()
     with db.conn as conn:
+        # FIXME: need to check user permissions here too
         rows = conn.execute(
             """
             SELECT

sogs/templates/view_room.html

@@ -5,13 +5,15 @@
   <img src="/view/{{room}}/invite.png" style="margin: 2em" />
   <pre>{{room_url}}</pre>
 </center>
-<ul id="messages">
-  <li>loading...</li>
-</ul>
-<script>
-  window.view_room = "{{room}}";
-</script>
-<script src="/static/protobuf.min.js"></script>
-<script src="/static/view_room.js"></script>
+{% if show_recent %}
+  <ul id="messages">
+    <li>loading...</li>
+  </ul>
+  <script>
+    window.view_room = "{{room}}";
+  </script>
+  <script src="/static/protobuf.min.js"></script>
+  <script src="/static/view_room.js"></script>
+{%endif%}
 
 {% endblock %}