diff --git a/common/commonspace/diffservice/diffsyncer.go b/common/commonspace/diffservice/diffsyncer.go index d5cb1c3a..49947c0a 100644 --- a/common/commonspace/diffservice/diffsyncer.go +++ b/common/commonspace/diffservice/diffsyncer.go @@ -129,9 +129,7 @@ func (d *diffSyncer) pingTreesInCache(ctx context.Context, trees []string) { // it may be already there (i.e. loaded) // and build func will not be called, thus we won't sync the tree // therefore we just do it manually - syncTree.Lock() syncTree.Ping() - syncTree.Unlock() } } diff --git a/common/commonspace/synctree/synctree.go b/common/commonspace/synctree/synctree.go index 76da81b0..4524cd6a 100644 --- a/common/commonspace/synctree/synctree.go +++ b/common/commonspace/synctree/synctree.go @@ -313,7 +313,9 @@ func (s *syncTree) checkAlive() (err error) { } func (s *syncTree) Ping() (err error) { + s.Lock() headUpdate := s.syncClient.CreateHeadUpdate(s, nil) + s.Unlock() return s.syncClient.BroadcastAsyncOrSendResponsible(headUpdate) } diff --git a/common/commonspace/synctree/synctreehandler.go b/common/commonspace/synctree/synctreehandler.go index becf5779..8d97d5d2 100644 --- a/common/commonspace/synctree/synctreehandler.go +++ b/common/commonspace/synctree/synctreehandler.go @@ -42,7 +42,7 @@ func (s *syncTreeHandler) HandleMessage(ctx context.Context, senderId string, ms if err != nil { return } - + s.handlerLock.Lock() queue := s.handlerMap[senderId] queueFull := len(queue) >= maxQueueSize diff --git a/common/pkg/acl/list/aclstate.go b/common/pkg/acl/list/aclstate.go index 94754aba..90a33c5c 100644 --- a/common/pkg/acl/list/aclstate.go +++ b/common/pkg/acl/list/aclstate.go @@ -246,7 +246,7 @@ func (st *ACLState) applyChangeData(changeData *aclrecordproto.ACLData, hash uin return } - if !st.hasPermission(identity, aclrecordproto.ACLUserPermissions_Admin) { + if !st.HasPermission(identity, aclrecordproto.ACLUserPermissions_Admin) { err = fmt.Errorf("user %s must have admin permissions", identity) return } @@ -413,7 +413,7 @@ func (st *ACLState) decryptReadKeyAndHash(msg []byte) (*symmetric.Key, uint64, e return key, hasher.Sum64(), nil } -func (st *ACLState) hasPermission(identity []byte, permission aclrecordproto.ACLUserPermissions) bool { +func (st *ACLState) HasPermission(identity []byte, permission aclrecordproto.ACLUserPermissions) bool { state, exists := st.userStates[string(identity)] if !exists { return false diff --git a/common/pkg/acl/tree/objecttree.go b/common/pkg/acl/tree/objecttree.go index 8c4e0907..772a7f1e 100644 --- a/common/pkg/acl/tree/objecttree.go +++ b/common/pkg/acl/tree/objecttree.go @@ -4,6 +4,7 @@ package tree import ( "context" "errors" + "github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/aclrecordproto" "github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/common" list "github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/list" "github.com/anytypeio/go-anytype-infrastructure-experiments/common/pkg/acl/storage" @@ -197,6 +198,13 @@ func (ot *objectTree) prepareBuilderContent(content SignableChangeContent) (cnt readKey *symmetric.Key readKeyHash uint64 ) + canWrite := state.HasPermission(content.Identity, aclrecordproto.ACLUserPermissions_Writer) || + state.HasPermission(content.Identity, aclrecordproto.ACLUserPermissions_Admin) + if !canWrite { + err = list.ErrInsufficientPermissions + return + } + if content.IsEncrypted { readKeyHash = state.CurrentReadKeyHash() readKey, err = state.CurrentReadKey() diff --git a/util/cmd/debug/commands/scripts.go b/util/cmd/debug/commands/scripts.go index 6431912c..02fb6c55 100644 --- a/util/cmd/debug/commands/scripts.go +++ b/util/cmd/debug/commands/scripts.go @@ -58,7 +58,7 @@ func (s *service) registerScripts() { } for _, p := range addresses { wg.Add(1) - createMany(p) + go createMany(p) } wg.Wait() if mError.Err() != nil {