Reverse visibility check to properly disclose machines

Machines that you have disclose on are always shown. Machines you *don't* have `disclose` on are *also* show *iff* you are using them.
2024-11-21 22:47:55 +01:00 · 2022-03-16 15:09:25 +01:00 · 2022-03-16 15:09:25 +01:00 · cc2b43a9f2
commit cc2b43a9f2
parent 069819bb9a
1 changed files with 24 additions and 15 deletions
--- a/src/api/machines.rs
+++ b/src/api/machines.rs
@ -62,24 +62,33 @@ impl machines::Server for Machines {

                let mut filtered_v = Vec::with_capacity(v.len());
                for (id, machine) in v.into_iter() {
-                    match machine.get_status().await {
-                        // Always show a machine if they're in use by myself
-                        Status::InUse(ref bywho) =>
-                            if bywho.is_some() && bywho.as_ref().filter(|bywho| *bywho == user).is_some()
-                            {
+                    // Check if the user has disclose. If yes, machines are always shown.
+                    let required_disclose = &machine.desc.privs.disclose;
+                    if session.as_ref().unwrap().perms.iter()
+                              .any(|rule| rule.match_perm(required_disclose))
+                    {
+                        filtered_v.push((id, machine));
+                    } else {
+                        // If no, match their state. Used & reserved machines are also shown
+                        match machine.get_status().await {
+                            // Always show a machine if they're in use by myself
+                            Status::InUse(ref bywho) =>
+                                if bywho.is_some() && bywho.as_ref().filter(|bywho| *bywho == user).is_some()
+                                {
+                                    filtered_v.push((id, machine));
+                                }
+                            Status::Reserved(ref bywho) => if bywho == user {
                                filtered_v.push((id, machine));
                            }
-                        Status::Reserved(ref bywho) => if bywho == user {
-                            filtered_v.push((id, machine));
-                        }

-                        // The rest depends on the actual priviledges below
-                        _ => {
-                            let required_disclose = &machine.desc.privs.disclose;
-                            if session.as_ref().unwrap().perms.iter()
-                                .any(|rule| rule.match_perm(required_disclose))
-                            {
-                                filtered_v.push((id, machine));
+                            // The rest depends on the actual priviledges below
+                            _ => {
+                                let required_disclose = &machine.desc.privs.disclose;
+                                if session.as_ref().unwrap().perms.iter()
+                                          .any(|rule| rule.match_perm(required_disclose))
+                                {
+                                    filtered_v.push((id, machine));
+                                }
                            }
                        }
                    }