From 5178dff1086ef255a82de8616603f868a45b3a6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20N=C3=A9grier?= Date: Fri, 5 Mar 2021 16:50:54 +0100 Subject: [PATCH] Adding strong checks on messages exchanged using generic-type-guard --- deeployer.libsonnet | 2 -- front/src/Api/Events/ChatEvent.ts | 8 ++++++++ front/src/Api/Events/IframeEvent.ts | 7 +++++++ front/src/Api/IframeListener.ts | 17 +++++++++-------- front/src/iframe_api.ts | 19 +++++++++++++++---- 5 files changed, 39 insertions(+), 14 deletions(-) create mode 100644 front/src/Api/Events/ChatEvent.ts create mode 100644 front/src/Api/Events/IframeEvent.ts diff --git a/deeployer.libsonnet b/deeployer.libsonnet index 5093c86a..4b606218 100644 --- a/deeployer.libsonnet +++ b/deeployer.libsonnet @@ -79,8 +79,6 @@ "JITSI_URL": env.JITSI_URL, "SECRET_JITSI_KEY": env.SECRET_JITSI_KEY, "TURN_SERVER": "turn:coturn.workadventu.re:443,turns:coturn.workadventu.re:443", - "TURN_USER": "workadventure", - "TURN_PASSWORD": "WorkAdventure123", "JITSI_PRIVATE_MODE": if env.SECRET_JITSI_KEY != '' then "true" else "false", "START_ROOM_URL": "/_/global/maps."+url+"/Floor0/floor0.json" //"GA_TRACKING_ID": "UA-10196481-11" diff --git a/front/src/Api/Events/ChatEvent.ts b/front/src/Api/Events/ChatEvent.ts new file mode 100644 index 00000000..6242b871 --- /dev/null +++ b/front/src/Api/Events/ChatEvent.ts @@ -0,0 +1,8 @@ +import * as tg from "generic-type-guard"; + +export const isChatEvent = + new tg.IsInterface().withProperties({ + message: tg.isString, + author: tg.isString, + }).get(); +export type ChatEvent = tg.GuardedType; diff --git a/front/src/Api/Events/IframeEvent.ts b/front/src/Api/Events/IframeEvent.ts new file mode 100644 index 00000000..fb63e7cf --- /dev/null +++ b/front/src/Api/Events/IframeEvent.ts @@ -0,0 +1,7 @@ +interface IframeEvent { + type: string; + data: unknown; +} + +// eslint-disable-next-line @typescript-eslint/no-explicit-any +export const isIframeEventWrapper = (event: any): event is IframeEvent => typeof event.type === 'string' && typeof event.data === 'object'; diff --git a/front/src/Api/IframeListener.ts b/front/src/Api/IframeListener.ts index 2cc1134f..0e67433c 100644 --- a/front/src/Api/IframeListener.ts +++ b/front/src/Api/IframeListener.ts @@ -1,9 +1,8 @@ import {Subject} from "rxjs"; +import {ChatEvent, isChatEvent} from "./Events/ChatEvent"; +import {isIframeEventWrapper} from "./Events/IframeEvent"; + -interface ChatEvent { - message: string, - author: string -} /** * Listens to messages from iframes and turn those messages into easy to use observables. @@ -21,12 +20,14 @@ class IframeListener { // event.source is window.opener // event.data is the data sent by the iframe - // FIXME: this is WAAAAAAAY too sloppy as "any" let's us put anything in the message. - - if (event.data.type === 'chat') { - this._chatStream.next(event.data.data); + const payload = event.data; + if (isIframeEventWrapper(payload)) { + if (payload.type === 'chat' && isChatEvent(payload.data)) { + this._chatStream.next(payload.data); + } } + }, false); } } diff --git a/front/src/iframe_api.ts b/front/src/iframe_api.ts index 8810a92a..9f981d3a 100644 --- a/front/src/iframe_api.ts +++ b/front/src/iframe_api.ts @@ -1,13 +1,18 @@ +import {ChatEvent} from "./Api/Events/ChatEvent"; + interface WorkAdventureApi { sendChatMessage(message: string, author: string): void; + onChatMessage(callback: (message: string) => void): void; } -// eslint-disable-next-line no-var -declare var WA: WorkAdventureApi; +declare global { + // eslint-disable-next-line no-var + var WA: WorkAdventureApi +} window.WA = { /** - * Sends a message in the chat. + * Send a message in the chat. * Only the local user will receive this message. */ sendChatMessage(message: string, author: string) { @@ -16,7 +21,13 @@ window.WA = { 'data': { 'message': message, 'author': author - } + } as ChatEvent }, '*'); + }, + /** + * Listen to messages sent by the local user, in the chat. + */ + onChatMessage(callback: (message: string) => void): void { + } }