Use DialogManager::check_dialog_access when appropriate.

This commit is contained in:
levlam 2024-04-15 02:32:04 +03:00
parent e0a7ff6c53
commit 14b4666423
13 changed files with 61 additions and 215 deletions

View File

@ -842,27 +842,8 @@ void AttachMenuManager::request_web_view(DialogId dialog_id, UserId bot_user_id,
TRY_STATUS_PROMISE(promise, td_->user_manager_->get_bot_data(bot_user_id)); TRY_STATUS_PROMISE(promise, td_->user_manager_->get_bot_data(bot_user_id));
TRY_RESULT_PROMISE(promise, input_user, td_->user_manager_->get_input_user(bot_user_id)); TRY_RESULT_PROMISE(promise, input_user, td_->user_manager_->get_input_user(bot_user_id));
TRY_RESULT_PROMISE(promise, bot_data, td_->user_manager_->get_bot_data(bot_user_id)); TRY_RESULT_PROMISE(promise, bot_data, td_->user_manager_->get_bot_data(bot_user_id));
TRY_STATUS_PROMISE(
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "request_web_view")) { promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Write, "request_web_view"));
return promise.set_error(Status::Error(400, "Chat not found"));
}
switch (dialog_id.get_type()) {
case DialogType::User:
case DialogType::Chat:
case DialogType::Channel:
// ok
break;
case DialogType::SecretChat:
return promise.set_error(Status::Error(400, "Web Apps can't be opened in secret chats"));
case DialogType::None:
default:
UNREACHABLE();
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Write)) {
return promise.set_error(Status::Error(400, "Have no write access to the chat"));
}
if (!top_thread_message_id.is_valid() || !top_thread_message_id.is_server() || if (!top_thread_message_id.is_valid() || !top_thread_message_id.is_server() ||
dialog_id.get_type() != DialogType::Channel || dialog_id.get_type() != DialogType::Channel ||

View File

@ -765,12 +765,7 @@ void BackgroundManager::delete_background(bool for_dark_theme, Promise<Unit> &&p
} }
Result<DialogId> BackgroundManager::get_background_dialog(DialogId dialog_id) { Result<DialogId> BackgroundManager::get_background_dialog(DialogId dialog_id) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_background_dialog")) { TRY_STATUS(td_->dialog_manager_->check_dialog_access(dialog_id, true, AccessRights::Write, "get_background_dialog"));
return Status::Error(400, "Chat not found");
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, true, AccessRights::Write)) {
return Status::Error(400, "Can't access the chat");
}
switch (dialog_id.get_type()) { switch (dialog_id.get_type()) {
case DialogType::User: case DialogType::User:

View File

@ -400,24 +400,15 @@ void BoostManager::get_boost_slots(Promise<td_api::object_ptr<td_api::chatBoostS
void BoostManager::get_dialog_boost_status(DialogId dialog_id, void BoostManager::get_dialog_boost_status(DialogId dialog_id,
Promise<td_api::object_ptr<td_api::chatBoostStatus>> &&promise) { Promise<td_api::object_ptr<td_api::chatBoostStatus>> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_dialog_boost_status")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Chat not found")); "get_dialog_boost_status"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
td_->create_handler<GetBoostsStatusQuery>(std::move(promise))->send(dialog_id); td_->create_handler<GetBoostsStatusQuery>(std::move(promise))->send(dialog_id);
} }
void BoostManager::boost_dialog(DialogId dialog_id, vector<int32> slot_ids, void BoostManager::boost_dialog(DialogId dialog_id, vector<int32> slot_ids,
Promise<td_api::object_ptr<td_api::chatBoostSlots>> &&promise) { Promise<td_api::object_ptr<td_api::chatBoostSlots>> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "boost_dialog")) { TRY_STATUS_PROMISE(promise,
return promise.set_error(Status::Error(400, "Chat not found")); td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "boost_dialog"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (slot_ids.empty()) { if (slot_ids.empty()) {
return get_boost_slots(std::move(promise)); return get_boost_slots(std::move(promise));
} }
@ -426,12 +417,7 @@ void BoostManager::boost_dialog(DialogId dialog_id, vector<int32> slot_ids,
} }
Result<std::pair<string, bool>> BoostManager::get_dialog_boost_link(DialogId dialog_id) { Result<std::pair<string, bool>> BoostManager::get_dialog_boost_link(DialogId dialog_id) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_dialog_boost_link")) { TRY_STATUS(td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "get_dialog_boost_link"));
return Status::Error(400, "Chat not found");
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return Status::Error(400, "Can't access the chat");
}
if (dialog_id.get_type() != DialogType::Channel) { if (dialog_id.get_type() != DialogType::Channel) {
return Status::Error(400, "Can't boost the chat"); return Status::Error(400, "Can't boost the chat");
} }
@ -475,12 +461,8 @@ td_api::object_ptr<td_api::chatBoostLinkInfo> BoostManager::get_chat_boost_link_
void BoostManager::get_dialog_boosts(DialogId dialog_id, bool only_gift_codes, const string &offset, int32 limit, void BoostManager::get_dialog_boosts(DialogId dialog_id, bool only_gift_codes, const string &offset, int32 limit,
Promise<td_api::object_ptr<td_api::foundChatBoosts>> &&promise) { Promise<td_api::object_ptr<td_api::foundChatBoosts>> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_dialog_boosts")) { TRY_STATUS_PROMISE(
return promise.set_error(Status::Error(400, "Chat not found")); promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "get_dialog_boosts"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (limit <= 0) { if (limit <= 0) {
return promise.set_error(Status::Error(400, "Parameter limit must be positive")); return promise.set_error(Status::Error(400, "Parameter limit must be positive"));
} }
@ -490,12 +472,8 @@ void BoostManager::get_dialog_boosts(DialogId dialog_id, bool only_gift_codes, c
void BoostManager::get_user_dialog_boosts(DialogId dialog_id, UserId user_id, void BoostManager::get_user_dialog_boosts(DialogId dialog_id, UserId user_id,
Promise<td_api::object_ptr<td_api::foundChatBoosts>> &&promise) { Promise<td_api::object_ptr<td_api::foundChatBoosts>> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_user_dialog_boosts")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Chat not found")); "get_user_dialog_boosts"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (!user_id.is_valid()) { if (!user_id.is_valid()) {
return promise.set_error(Status::Error(400, "User not found")); return promise.set_error(Status::Error(400, "User not found"));
} }

View File

@ -63,12 +63,8 @@ Result<BotCommandScope> BotCommandScope::get_bot_command_scope(Td *td,
return BotCommandScope(Type::Default); return BotCommandScope(Type::Default);
} }
if (!td->dialog_manager_->have_dialog_force(dialog_id, "get_bot_command_scope")) { TRY_STATUS(td->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "get_bot_command_scope"));
return Status::Error(400, "Chat not found");
}
if (!td->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return Status::Error(400, "Can't access the chat");
}
switch (dialog_id.get_type()) { switch (dialog_id.get_type()) {
case DialogType::User: case DialogType::User:
if (type != Type::Dialog) { if (type != Type::Dialog) {

View File

@ -237,10 +237,8 @@ void CallbackQueriesManager::send_callback_query(MessageFullId message_full_id,
} }
auto dialog_id = message_full_id.get_dialog_id(); auto dialog_id = message_full_id.get_dialog_id();
td_->dialog_manager_->have_dialog_force(dialog_id, "send_callback_query"); TRY_STATUS_PROMISE(
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) { promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "send_callback_query"));
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (!td_->messages_manager_->have_message_force(message_full_id, "send_callback_query")) { if (!td_->messages_manager_->have_message_force(message_full_id, "send_callback_query")) {
return promise.set_error(Status::Error(400, "Message not found")); return promise.set_error(Status::Error(400, "Message not found"));
@ -275,9 +273,8 @@ void CallbackQueriesManager::send_get_callback_answer_query(
TRY_STATUS_PROMISE(promise, G()->close_status()); TRY_STATUS_PROMISE(promise, G()->close_status());
auto dialog_id = message_full_id.get_dialog_id(); auto dialog_id = message_full_id.get_dialog_id();
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Can't access the chat")); "send_get_callback_answer_query"));
}
if (!td_->messages_manager_->have_message_force(message_full_id, "send_get_callback_answer_query")) { if (!td_->messages_manager_->have_message_force(message_full_id, "send_get_callback_answer_query")) {
return promise.set_error(Status::Error(400, "Message not found")); return promise.set_error(Status::Error(400, "Message not found"));
} }

View File

@ -2147,12 +2147,8 @@ void DialogFilterManager::add_dialog_filter_by_invite_link(const string &invite_
return promise.set_error(Status::Error(400, "Wrong invite link")); return promise.set_error(Status::Error(400, "Wrong invite link"));
} }
for (auto dialog_id : dialog_ids) { for (auto dialog_id : dialog_ids) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "add_dialog_filter_by_invite_link")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Know,
return promise.set_error(Status::Error(400, "Chat not found")); "add_dialog_filter_by_invite_link"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Know)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
} }
CHECK(!invite_link.empty()); CHECK(!invite_link.empty());
@ -2181,12 +2177,8 @@ void DialogFilterManager::add_dialog_filter_new_chats(DialogFilterId dialog_filt
return promise.set_error(Status::Error(400, "Chat folder must be shareable")); return promise.set_error(Status::Error(400, "Chat folder must be shareable"));
} }
for (auto dialog_id : dialog_ids) { for (auto dialog_id : dialog_ids) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "add_dialog_filter_new_chats")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Know,
return promise.set_error(Status::Error(400, "Chat not found")); "add_dialog_filter_new_chats"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Know)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
} }
if (dialog_ids.empty()) { if (dialog_ids.empty()) {

View File

@ -1616,12 +1616,7 @@ void DialogManager::set_dialog_profile_accent_color(DialogId dialog_id, AccentCo
void DialogManager::set_dialog_permissions(DialogId dialog_id, void DialogManager::set_dialog_permissions(DialogId dialog_id,
const td_api::object_ptr<td_api::chatPermissions> &permissions, const td_api::object_ptr<td_api::chatPermissions> &permissions,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
if (!have_dialog_force(dialog_id, "set_dialog_permissions")) { TRY_STATUS_PROMISE(promise, check_dialog_access(dialog_id, false, AccessRights::Write, "set_dialog_permissions"));
return promise.set_error(Status::Error(400, "Chat not found"));
}
if (!have_input_peer(dialog_id, false, AccessRights::Write)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (permissions == nullptr) { if (permissions == nullptr) {
return promise.set_error(Status::Error(400, "New permissions must be non-empty")); return promise.set_error(Status::Error(400, "New permissions must be non-empty"));
@ -1694,12 +1689,8 @@ void DialogManager::set_dialog_emoji_status(DialogId dialog_id, const EmojiStatu
void DialogManager::toggle_dialog_has_protected_content(DialogId dialog_id, bool has_protected_content, void DialogManager::toggle_dialog_has_protected_content(DialogId dialog_id, bool has_protected_content,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
if (!have_dialog_force(dialog_id, "toggle_dialog_has_protected_content")) { TRY_STATUS_PROMISE(promise,
return promise.set_error(Status::Error(400, "Chat not found")); check_dialog_access(dialog_id, false, AccessRights::Read, "toggle_dialog_has_protected_content"));
}
if (!have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
switch (dialog_id.get_type()) { switch (dialog_id.get_type()) {
case DialogType::User: case DialogType::User:
@ -1792,13 +1783,7 @@ bool DialogManager::can_report_dialog(DialogId dialog_id) const {
void DialogManager::report_dialog(DialogId dialog_id, const vector<MessageId> &message_ids, ReportReason &&reason, void DialogManager::report_dialog(DialogId dialog_id, const vector<MessageId> &message_ids, ReportReason &&reason,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
if (!have_dialog_force(dialog_id, "report_dialog")) { TRY_STATUS_PROMISE(promise, check_dialog_access(dialog_id, true, AccessRights::Read, "report_dialog"));
return promise.set_error(Status::Error(400, "Chat not found"));
}
if (!have_input_peer(dialog_id, true, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
MessagesManager::ReportDialogFromActionBar report_from_action_bar; MessagesManager::ReportDialogFromActionBar report_from_action_bar;
if (reason.is_spam() && message_ids.empty()) { if (reason.is_spam() && message_ids.empty()) {
@ -1836,13 +1821,7 @@ void DialogManager::report_dialog(DialogId dialog_id, const vector<MessageId> &m
void DialogManager::report_dialog_photo(DialogId dialog_id, FileId file_id, ReportReason &&reason, void DialogManager::report_dialog_photo(DialogId dialog_id, FileId file_id, ReportReason &&reason,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
if (!have_dialog_force(dialog_id, "report_dialog_photo")) { TRY_STATUS_PROMISE(promise, check_dialog_access(dialog_id, false, AccessRights::Read, "report_dialog_photo"));
return promise.set_error(Status::Error(400, "Chat not found"));
}
if (!have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (!can_report_dialog(dialog_id)) { if (!can_report_dialog(dialog_id)) {
return promise.set_error(Status::Error(400, "Chat photo can't be reported")); return promise.set_error(Status::Error(400, "Chat photo can't be reported"));
@ -2324,12 +2303,8 @@ void DialogManager::remove_dialog_suggested_action(SuggestedAction action) {
void DialogManager::dismiss_dialog_suggested_action(SuggestedAction action, Promise<Unit> &&promise) { void DialogManager::dismiss_dialog_suggested_action(SuggestedAction action, Promise<Unit> &&promise) {
auto dialog_id = action.dialog_id_; auto dialog_id = action.dialog_id_;
if (!td_->messages_manager_->have_dialog(dialog_id)) { TRY_STATUS_PROMISE(promise,
return promise.set_error(Status::Error(400, "Chat not found")); check_dialog_access(dialog_id, false, AccessRights::Read, "dismiss_dialog_suggested_action"));
}
if (!have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
auto it = dialog_suggested_actions_.find(dialog_id); auto it = dialog_suggested_actions_.find(dialog_id);
if (it == dialog_suggested_actions_.end() || !td::contains(it->second, action)) { if (it == dialog_suggested_actions_.end() || !td::contains(it->second, action)) {

View File

@ -203,15 +203,13 @@ void GameManager::set_game_score(MessageFullId message_full_id, bool edit_messag
bool force, Promise<td_api::object_ptr<td_api::message>> &&promise) { bool force, Promise<td_api::object_ptr<td_api::message>> &&promise) {
CHECK(td_->auth_manager_->is_bot()); CHECK(td_->auth_manager_->is_bot());
auto dialog_id = message_full_id.get_dialog_id();
TRY_STATUS_PROMISE(promise,
td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Edit, "set_game_score"));
if (!td_->messages_manager_->have_message_force(message_full_id, "set_game_score")) { if (!td_->messages_manager_->have_message_force(message_full_id, "set_game_score")) {
return promise.set_error(Status::Error(400, "Message not found")); return promise.set_error(Status::Error(400, "Message not found"));
} }
auto dialog_id = message_full_id.get_dialog_id();
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Edit)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
TRY_RESULT_PROMISE(promise, input_user, td_->user_manager_->get_input_user(user_id)); TRY_RESULT_PROMISE(promise, input_user, td_->user_manager_->get_input_user(user_id));
if (!td_->messages_manager_->can_set_game_score(message_full_id)) { if (!td_->messages_manager_->can_set_game_score(message_full_id)) {
@ -253,14 +251,14 @@ void GameManager::get_game_high_scores(MessageFullId message_full_id, UserId use
Promise<td_api::object_ptr<td_api::gameHighScores>> &&promise) { Promise<td_api::object_ptr<td_api::gameHighScores>> &&promise) {
CHECK(td_->auth_manager_->is_bot()); CHECK(td_->auth_manager_->is_bot());
auto dialog_id = message_full_id.get_dialog_id();
TRY_STATUS_PROMISE(
promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "get_game_high_scores"));
if (!td_->messages_manager_->have_message_force(message_full_id, "get_game_high_scores")) { if (!td_->messages_manager_->have_message_force(message_full_id, "get_game_high_scores")) {
return promise.set_error(Status::Error(400, "Message not found")); return promise.set_error(Status::Error(400, "Message not found"));
} }
auto dialog_id = message_full_id.get_dialog_id();
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
auto message_id = message_full_id.get_message_id(); auto message_id = message_full_id.get_message_id();
if (message_id.is_scheduled() || !message_id.is_server()) { if (message_id.is_scheduled() || !message_id.is_server()) {
return promise.set_error(Status::Error(400, "Wrong message identifier specified")); return promise.set_error(Status::Error(400, "Wrong message identifier specified"));

View File

@ -1223,15 +1223,7 @@ GroupCallManager::GroupCall *GroupCallManager::get_group_call(InputGroupCallId i
} }
Status GroupCallManager::can_join_group_calls(DialogId dialog_id) const { Status GroupCallManager::can_join_group_calls(DialogId dialog_id) const {
if (!dialog_id.is_valid()) { TRY_STATUS(td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "can_join_group_calls"));
return Status::Error(400, "Invalid chat identifier specified");
}
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_group_call_join_as")) {
return Status::Error(400, "Chat not found");
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return Status::Error(400, "Can't access chat");
}
switch (dialog_id.get_type()) { switch (dialog_id.get_type()) {
case DialogType::Chat: case DialogType::Chat:
case DialogType::Channel: case DialogType::Channel:
@ -1333,16 +1325,8 @@ void GroupCallManager::set_group_call_default_join_as(DialogId dialog_id, Dialog
void GroupCallManager::create_voice_chat(DialogId dialog_id, string title, int32 start_date, bool is_rtmp_stream, void GroupCallManager::create_voice_chat(DialogId dialog_id, string title, int32 start_date, bool is_rtmp_stream,
Promise<GroupCallId> &&promise) { Promise<GroupCallId> &&promise) {
if (!dialog_id.is_valid()) { TRY_STATUS_PROMISE(
return promise.set_error(Status::Error(400, "Invalid chat identifier specified")); promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read, "create_voice_chat"));
}
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "create_voice_chat")) {
return promise.set_error(Status::Error(400, "Chat not found"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access chat"));
}
TRY_STATUS_PROMISE(promise, can_manage_group_calls(dialog_id)); TRY_STATUS_PROMISE(promise, can_manage_group_calls(dialog_id));
title = clean_name(title, MAX_TITLE_LENGTH); title = clean_name(title, MAX_TITLE_LENGTH);
@ -1362,16 +1346,8 @@ void GroupCallManager::create_voice_chat(DialogId dialog_id, string title, int32
void GroupCallManager::get_voice_chat_rtmp_stream_url(DialogId dialog_id, bool revoke, void GroupCallManager::get_voice_chat_rtmp_stream_url(DialogId dialog_id, bool revoke,
Promise<td_api::object_ptr<td_api::rtmpUrl>> &&promise) { Promise<td_api::object_ptr<td_api::rtmpUrl>> &&promise) {
if (!dialog_id.is_valid()) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Invalid chat identifier specified")); "get_voice_chat_rtmp_stream_url"));
}
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_voice_chat_rtmp_stream_url")) {
return promise.set_error(Status::Error(400, "Chat not found"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access chat"));
}
TRY_STATUS_PROMISE(promise, can_manage_group_calls(dialog_id)); TRY_STATUS_PROMISE(promise, can_manage_group_calls(dialog_id));
td_->create_handler<GetGroupCallRtmpStreamUrlGroupCallQuery>(std::move(promise))->send(dialog_id, revoke); td_->create_handler<GetGroupCallRtmpStreamUrlGroupCallQuery>(std::move(promise))->send(dialog_id, revoke);

View File

@ -287,12 +287,7 @@ void MessageImportManager::get_message_file_type(const string &message_file_head
} }
Status MessageImportManager::can_import_messages(DialogId dialog_id) { Status MessageImportManager::can_import_messages(DialogId dialog_id) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "can_import_messages")) { TRY_STATUS(td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Write, "can_import_messages"));
return Status::Error(400, "Chat not found");
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Write)) {
return Status::Error(400, "Have no write access to the chat");
}
switch (dialog_id.get_type()) { switch (dialog_id.get_type()) {
case DialogType::User: case DialogType::User:

View File

@ -937,14 +937,10 @@ void get_message_added_reactions(Td *td, MessageFullId message_full_id, Reaction
void report_message_reactions(Td *td, MessageFullId message_full_id, DialogId chooser_dialog_id, void report_message_reactions(Td *td, MessageFullId message_full_id, DialogId chooser_dialog_id,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
auto dialog_id = message_full_id.get_dialog_id(); auto dialog_id = message_full_id.get_dialog_id();
if (!td->dialog_manager_->have_dialog_force(dialog_id, "send_callback_query")) { TRY_STATUS_PROMISE(promise, td->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Chat not found")); "report_message_reactions"));
}
if (!td->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the chat"));
}
if (!td->messages_manager_->have_message_force(message_full_id, "report_user_reactions")) { if (!td->messages_manager_->have_message_force(message_full_id, "report_message_reactions")) {
return promise.set_error(Status::Error(400, "Message not found")); return promise.set_error(Status::Error(400, "Message not found"));
} }
auto message_id = message_full_id.get_message_id(); auto message_id = message_full_id.get_message_id();

View File

@ -1408,12 +1408,8 @@ Result<vector<QuickReplyManager::QuickReplyMessageContent>> QuickReplyManager::g
return Status::Error(400, "Shortcut messages aren't loaded yet"); return Status::Error(400, "Shortcut messages aren't loaded yet");
} }
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "get_quick_reply_message_contents")) { TRY_STATUS(td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Write,
return Status::Error(400, "Chat not found"); "get_quick_reply_message_contents"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Write)) {
return Status::Error(400, "Have no write access to the chat");
}
if (dialog_id.get_type() != DialogType::User || td_->user_manager_->is_user_bot(dialog_id.get_user_id())) { if (dialog_id.get_type() != DialogType::User || td_->user_manager_->is_user_bot(dialog_id.get_user_id())) {
return Status::Error(400, "Can't use quick replies in the chat"); return Status::Error(400, "Can't use quick replies in the chat");
} }

View File

@ -2299,12 +2299,8 @@ void StoryManager::on_synchronized_archive_all_stories(bool set_archive_all_stor
void StoryManager::toggle_dialog_stories_hidden(DialogId dialog_id, StoryListId story_list_id, void StoryManager::toggle_dialog_stories_hidden(DialogId dialog_id, StoryListId story_list_id,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(dialog_id, "toggle_dialog_stories_hidden")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Story sender not found")); "toggle_dialog_stories_hidden"));
}
if (!td_->dialog_manager_->have_input_peer(dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
if (story_list_id == get_dialog_story_list_id(dialog_id)) { if (story_list_id == get_dialog_story_list_id(dialog_id)) {
return promise.set_value(Unit()); return promise.set_value(Unit());
} }
@ -2321,13 +2317,8 @@ void StoryManager::get_dialog_pinned_stories(DialogId owner_dialog_id, StoryId f
if (limit <= 0) { if (limit <= 0) {
return promise.set_error(Status::Error(400, "Parameter limit must be positive")); return promise.set_error(Status::Error(400, "Parameter limit must be positive"));
} }
TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(owner_dialog_id, false, AccessRights::Read,
if (!td_->dialog_manager_->have_dialog_force(owner_dialog_id, "get_dialog_pinned_stories")) { "get_dialog_pinned_stories"));
return promise.set_error(Status::Error(400, "Story sender not found"));
}
if (!td_->dialog_manager_->have_input_peer(owner_dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
if (from_story_id != StoryId() && !from_story_id.is_server()) { if (from_story_id != StoryId() && !from_story_id.is_server()) {
return promise.set_error(Status::Error(400, "Invalid value of parameter from_story_id specified")); return promise.set_error(Status::Error(400, "Invalid value of parameter from_story_id specified"));
@ -2396,12 +2387,8 @@ void StoryManager::on_get_story_archive(DialogId owner_dialog_id,
void StoryManager::get_dialog_expiring_stories(DialogId owner_dialog_id, void StoryManager::get_dialog_expiring_stories(DialogId owner_dialog_id,
Promise<td_api::object_ptr<td_api::chatActiveStories>> &&promise) { Promise<td_api::object_ptr<td_api::chatActiveStories>> &&promise) {
TRY_STATUS_PROMISE(promise, G()->close_status()); TRY_STATUS_PROMISE(promise, G()->close_status());
if (!td_->dialog_manager_->have_dialog_force(owner_dialog_id, "get_dialog_expiring_stories")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(owner_dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Story sender not found")); "get_dialog_expiring_stories"));
}
if (!td_->dialog_manager_->have_input_peer(owner_dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
LOG(INFO) << "Get active stories in " << owner_dialog_id; LOG(INFO) << "Get active stories in " << owner_dialog_id;
auto active_stories = get_active_stories_force(owner_dialog_id, "get_dialog_expiring_stories"); auto active_stories = get_active_stories_force(owner_dialog_id, "get_dialog_expiring_stories");
@ -2516,12 +2503,8 @@ void StoryManager::on_get_dialog_expiring_stories(DialogId owner_dialog_id,
} }
void StoryManager::open_story(DialogId owner_dialog_id, StoryId story_id, Promise<Unit> &&promise) { void StoryManager::open_story(DialogId owner_dialog_id, StoryId story_id, Promise<Unit> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(owner_dialog_id, "open_story")) { TRY_STATUS_PROMISE(
return promise.set_error(Status::Error(400, "Story sender not found")); promise, td_->dialog_manager_->check_dialog_access(owner_dialog_id, false, AccessRights::Read, "open_story"));
}
if (!td_->dialog_manager_->have_input_peer(owner_dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
if (!story_id.is_valid()) { if (!story_id.is_valid()) {
return promise.set_error(Status::Error(400, "Invalid story identifier specified")); return promise.set_error(Status::Error(400, "Invalid story identifier specified"));
} }
@ -2579,12 +2562,8 @@ void StoryManager::open_story(DialogId owner_dialog_id, StoryId story_id, Promis
} }
void StoryManager::close_story(DialogId owner_dialog_id, StoryId story_id, Promise<Unit> &&promise) { void StoryManager::close_story(DialogId owner_dialog_id, StoryId story_id, Promise<Unit> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(owner_dialog_id, "close_story")) { TRY_STATUS_PROMISE(
return promise.set_error(Status::Error(400, "Story sender not found")); promise, td_->dialog_manager_->check_dialog_access(owner_dialog_id, false, AccessRights::Read, "close_story"));
}
if (!td_->dialog_manager_->have_input_peer(owner_dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
if (!story_id.is_valid()) { if (!story_id.is_valid()) {
return promise.set_error(Status::Error(400, "Invalid story identifier specified")); return promise.set_error(Status::Error(400, "Invalid story identifier specified"));
} }
@ -2691,12 +2670,8 @@ void StoryManager::on_story_chosen_reaction_changed(StoryFullId story_full_id, S
void StoryManager::set_story_reaction(StoryFullId story_full_id, ReactionType reaction_type, bool add_to_recent, void StoryManager::set_story_reaction(StoryFullId story_full_id, ReactionType reaction_type, bool add_to_recent,
Promise<Unit> &&promise) { Promise<Unit> &&promise) {
auto owner_dialog_id = story_full_id.get_dialog_id(); auto owner_dialog_id = story_full_id.get_dialog_id();
if (!td_->dialog_manager_->have_dialog_force(owner_dialog_id, "set_story_reaction")) { TRY_STATUS_PROMISE(promise, td_->dialog_manager_->check_dialog_access(owner_dialog_id, false, AccessRights::Read,
return promise.set_error(Status::Error(400, "Story sender not found")); "set_story_reaction"));
}
if (!td_->dialog_manager_->have_input_peer(owner_dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
if (!story_full_id.get_story_id().is_valid()) { if (!story_full_id.get_story_id().is_valid()) {
return promise.set_error(Status::Error(400, "Invalid story identifier specified")); return promise.set_error(Status::Error(400, "Invalid story identifier specified"));
} }
@ -4604,12 +4579,8 @@ void StoryManager::on_reload_story(StoryFullId story_full_id, Result<Unit> &&res
void StoryManager::get_story(DialogId owner_dialog_id, StoryId story_id, bool only_local, void StoryManager::get_story(DialogId owner_dialog_id, StoryId story_id, bool only_local,
Promise<td_api::object_ptr<td_api::story>> &&promise) { Promise<td_api::object_ptr<td_api::story>> &&promise) {
if (!td_->dialog_manager_->have_dialog_force(owner_dialog_id, "get_story")) { TRY_STATUS_PROMISE(
return promise.set_error(Status::Error(400, "Story sender not found")); promise, td_->dialog_manager_->check_dialog_access(owner_dialog_id, false, AccessRights::Read, "get_story"));
}
if (!td_->dialog_manager_->have_input_peer(owner_dialog_id, false, AccessRights::Read)) {
return promise.set_error(Status::Error(400, "Can't access the story sender"));
}
if (!story_id.is_valid()) { if (!story_id.is_valid()) {
return promise.set_error(Status::Error(400, "Invalid story identifier specified")); return promise.set_error(Status::Error(400, "Invalid story identifier specified"));
} }