Mirrors/movie-web
2
0
Fork 0
mirror of https://github.com/movie-web/movie-web.git synced 2024-11-11 04:15:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix permission check on domain level

Browse Source
This commit is contained in:
Jorrin 2024-01-14 22:33:46 +01:00
parent 9488437698
commit fa2b610ea6
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/backend/extension/messaging.ts
View File

@ -10,7 +10,7 @@ let activeExtension = false;
function sendMessage<MessageKey extends keyof MessagesMetadata>(
message: MessageKey,
payload: MessagesMetadata[MessageKey]["req"],
payload: MessagesMetadata[MessageKey]["req"] | undefined = undefined,
timeout: number = -1,
) {
return new Promise<MessagesMetadata[MessageKey]["res"] | null>((resolve) => {
@ -54,9 +54,7 @@ export async function sendPage(
export async function extensionInfo(): Promise<
MessagesMetadata["hello"]["res"] | null
> {
const message = await sendMessage("hello", {}, 300);
if (!message?.success) return null;
if (!message.allowed) return null;
const message = await sendMessage("hello", undefined, 300);
return message;
}

10
src/pages/parts/player/MetaPart.tsx
View File

@ -45,15 +45,17 @@ export function MetaPart(props: MetaPartProps) {
const { error, value, loading } = useAsync(async () => {
const info = await extensionInfo();
const isAllowed = info?.success && isAllowedExtensionVersion(info.version);
const isValidExtension =
info?.success && isAllowedExtensionVersion(info.version);
if (isAllowed) {
if (!info.hasPermission) throw new Error("extension-no-permission");
if (isValidExtension) {
if (!info.allowed || !info.hasPermission)
throw new Error("extension-no-permission");
}
// use api metadata or providers metadata
const providerApiUrl = getLoadbalancedProviderApiUrl();
if (providerApiUrl && !isAllowed) {
if (providerApiUrl && !isValidExtension) {
try {
await fetchMetadata(providerApiUrl);
} catch (err) {