From 78e6f6928db911e6c4eb769016a91832d27ae5bd Mon Sep 17 00:00:00 2001
From: stuebinm <stuebinm@disroot.org>
Date: Fri, 24 Dec 2021 16:27:52 +0100
Subject: [PATCH] allow openWebsiteAllowApi if website is on static.rc3.world
---
lib/Properties.hs | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/lib/Properties.hs b/lib/Properties.hs
index edffe8d..cf63e12 100644
--- a/lib/Properties.hs
+++ b/lib/Properties.hs
@@ -27,6 +27,7 @@ import Badges (Badge (Badge),
BadgeArea (BadgePoint, BadgeRect),
BadgeToken, parseToken)
import Data.Data (Proxy (Proxy))
+import Data.Functor ((<&>))
import Data.List ((\\))
import Data.Maybe (fromMaybe, isJust)
import Data.Set (Set)
@@ -471,9 +472,18 @@ checkTileLayerProperty p@(Property name _value) = case name of
-> do { isString p; requireProperty "bindVariable" }
| T.toLower name `elem` [ "jitsiurl", "jitsiconfig", "jitsiclientconfig"
, "jitsiroomadmintag", "jitsiinterfaceconfig"
- , "openwebsitepolicy", "openwebsiteallowapi"
- , "allowapi" ]
+ , "openwebsitepolicy", "allowapi" ]
-> forbidProperty name
+ -- the openWebsite Api can only be allowed if the website is on static.rc3.world
+ | T.toLower name == "openwebsiteallowapi"
+ -> do
+ properties <- askContext <&> getProperties
+ unless (all (\(Property name value) -> case value of
+ StrProp str -> name /= "openWebsite" || "https://static.rc3.world" `isPrefixOf` str
+ _ -> True
+ ) properties)
+ $ complain "\"openWebsiteAllowApi\" can only be used with websites hosted \
+ \on https://static.rc3.world"
| name `elem` [ "openWebsite", "openTab" ] -> do
uselessEmptyLayer
suggestProperty $ Property "openWebsiteTrigger" (StrProp "onaction")
--
GitLab