func (c *Controller) RevokeChannelAccess(rca *models.RevokeChannelAccess) error {
channel := models.Channel{
Token: rca.ChannelToken,
}
pmc := models.NewPrivateMessageChannel(channel)
for _, token := range rca.Tokens {
a := &models.Authenticate{
Account: &socialapimodels.Account{Token: token},
}
if err := c.Pubnub.RevokeAccess(a, pmc); err != nil {
return err
}
}
return nil
}
func (mwc *Controller) GrantChannelAccess() {
mwc.log.Notice("Granting public access for channels")
c := models.NewChannel()
query := bongo.B.DB.
Model(c).
Table(c.BongoName()).
Select("api.channel.token").
Where(
`api.channel.type_constant IN (?)`,
[]string{
models.Channel_TYPE_GROUP,
models.Channel_TYPE_TOPIC,
models.Channel_TYPE_ANNOUNCEMENT,
},
)
rows, err := query.Rows()
defer rows.Close()
if err != nil {
panic(err)
}
if rows == nil {
return
}
var token string
for rows.Next() {
rows.Scan(&token)
channel := realtimemodels.Channel{
Token: token,
}
err := mwc.pubnub.GrantPublicAccess(realtimemodels.NewPrivateMessageChannel(channel))
if err != nil {
mwc.log.Error("Could not grant public access to token %s: %s", token, err)
}
}
}
// SubscribeChannel checks users channel accessability and regarding to that
// grants channel access for them
func (h *Handler) SubscribeChannel(u *url.URL, header http.Header, req *models.Channel, context *socialapimodels.Context) (int, http.Header, interface{}, error) {
if !context.IsLoggedIn() {
return response.NewBadRequest(socialapimodels.ErrNotLoggedIn)
}
req.Group = context.GroupName // override group name
res, err := h.checkParticipation(u, header, req)
if err != nil {
return response.NewAccessDenied(err)
}
// user has access permission, now authenticate user to channel via pubnub
a := new(models.Authenticate)
a.Channel = models.NewPrivateMessageChannel(*res.Channel)
a.Account = res.Account
a.Account.Token = res.AccountToken
err = h.pubnub.Authenticate(a)
if err != nil {
return response.NewBadRequest(err)
}
return responseWithCookie(req, a.Account.Token)
}