Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure Downgraded Teams can't authenticate MQTT Clients #4739

Merged
merged 4 commits into from
Nov 6, 2024
Merged

Ensure Downgraded Teams can't authenticate MQTT Clients #4739

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
0c46b4e
Ensure Downgraded Teams can't authenticate MQTT Clients
hardillb Nov 6, 2024
520f4a2
remove console.log
hardillb Nov 6, 2024
1c03876
Add test
hardillb Nov 6, 2024
e01bbc6
fix lint
hardillb Nov 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions forge/db/controllers/TeamBrokerClient.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,15 @@ module.exports = {
return false
}

if (user.Team.suspended) {
return false
}

const properties = user.Team.TeamType.properties
if (!properties?.features?.teamBroker) {
return false
}

if (!password || password.length > 128) {
return false
}
Expand Down
8 changes: 7 additions & 1 deletion forge/db/models/TeamBrokerClient.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,13 @@ module.exports = {
teamId = M.Team.decodeHashid(teamHashId)
}
return this.findOne({
where: { username, TeamId: teamId }
where: { username, TeamId: teamId },
include: {
model: M.Team,
include: {
model: M.TeamType
}
}
})
},
byTeam: async (teamHashId, pagination = {}, where = {}) => {
Expand Down
21 changes: 21 additions & 0 deletions test/unit/forge/ee/routes/teamBroker/index_spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -438,6 +438,27 @@ describe('Team Broker API', function () {
const result = response.json()
result.should.have.property('result', 'deny')
})
it('Test Authentication fail suspended team', async function () {
app.team.suspended = true
await app.team.save()

const response = await app.inject({
method: 'POST',
url: '/api/comms/v2/auth',
cookies: { sid: TestObjects.tokens.bob },
body: {
username: `bob@${app.team.hashid}`,
password: 'bbPassword',
clientId: `bob@${app.team.hashid}`
}
})
response.statusCode.should.equal(200)
const result = response.json()
result.should.have.property('result', 'deny')

app.team.suspended = false
await app.team.save()
})
it('Test subscribe allowed', async function () {
const response = await app.inject({
method: 'POST',
Expand Down
Loading