[Android] Remote access: send a 403 error for long polling when playback control is disabled
Nicolas Pomepuy
git at videolan.org
Tue Aug 13 16:56:02 UTC 2024
vlc-android | branch: master | Nicolas Pomepuy <nicolas at videolabs.io> | Mon Aug 5 09:19:47 2024 +0200| [a0730ac6bb34a50e4bb9a44d98d82e1fa89b6246] | committer: Duncan McNamara
Remote access: send a 403 error for long polling when playback control is disabled
> https://code.videolan.org/videolan/vlc-android/commit/a0730ac6bb34a50e4bb9a44d98d82e1fa89b6246
---
.../videolan/vlc/webserver/RemoteAccessRouting.kt | 8 +++-
.../webserver/websockets/RemoteAccessWebSockets.kt | 53 ++++++++++++++--------
2 files changed, 39 insertions(+), 22 deletions(-)
diff --git a/application/webserver/src/main/java/org/videolan/vlc/webserver/RemoteAccessRouting.kt b/application/webserver/src/main/java/org/videolan/vlc/webserver/RemoteAccessRouting.kt
index de85cbc2c5..d345637507 100644
--- a/application/webserver/src/main/java/org/videolan/vlc/webserver/RemoteAccessRouting.kt
+++ b/application/webserver/src/main/java/org/videolan/vlc/webserver/RemoteAccessRouting.kt
@@ -442,7 +442,8 @@ fun Route.setupRouting(appContext: Context, scope: CoroutineScope) {
get("/longpolling") {
//Empty the queue if needed
if (RemoteAccessWebSockets.messageQueue.isNotEmpty()) {
- call.respondText(Gson().toJson(RemoteAccessWebSockets.messageQueue))
+ val queue = RemoteAccessWebSockets.messageQueue.toArray()
+ call.respondText(Gson().toJson(queue))
RemoteAccessWebSockets.messageQueue.clear()
return at get
}
@@ -465,7 +466,10 @@ fun Route.setupRouting(appContext: Context, scope: CoroutineScope) {
call.request.queryParameters["message"]?.let { message ->
val id = call.request.queryParameters["id"]?.toInt()
val authTicket = call.request.queryParameters["authTicket"]
- RemoteAccessWebSockets.manageIncomingMessages(WSIncomingMessage(message, id, authTicket), settings, RemoteAccessServer.getInstance(appContext).service, appContext)
+ if (!RemoteAccessWebSockets.manageIncomingMessages(WSIncomingMessage(message, id, authTicket), settings, RemoteAccessServer.getInstance(appContext).service, appContext)) {
+ call.respond(HttpStatusCode.Forbidden)
+ return at get
+ }
}
call.respond(HttpStatusCode.OK)
}
diff --git a/application/webserver/src/main/java/org/videolan/vlc/webserver/websockets/RemoteAccessWebSockets.kt b/application/webserver/src/main/java/org/videolan/vlc/webserver/websockets/RemoteAccessWebSockets.kt
index bc0dbf7336..5a57c9232d 100644
--- a/application/webserver/src/main/java/org/videolan/vlc/webserver/websockets/RemoteAccessWebSockets.kt
+++ b/application/webserver/src/main/java/org/videolan/vlc/webserver/websockets/RemoteAccessWebSockets.kt
@@ -80,25 +80,34 @@ object RemoteAccessWebSockets {
}
}
+ /**
+ * Manage incoming messages from the client, either from websockets or long polling
+ *
+ * @param incomingMessage the incoming message
+ * @param settings the shared preferences
+ * @param service the playback service
+ * @param context the context
+ * @return true if the message has been handled, false if playback control is not allowed
+ */
fun manageIncomingMessages(
incomingMessage: WSIncomingMessage,
settings: SharedPreferences,
service: PlaybackService?,
context: Context,
- ) {
+ ):Boolean {
when (incomingMessage.message) {
"hello" -> {}
- "play" -> if (playbackControlAllowedOrSend(settings)) service?.play()
- "pause" -> if (playbackControlAllowedOrSend(settings)) service?.pause()
- "previous" -> if (playbackControlAllowedOrSend(settings)) service?.previous(false)
- "next" -> if (playbackControlAllowedOrSend(settings)) service?.next()
+ "play" -> if (playbackControlAllowedOrSend(settings)) service?.play() else return false
+ "pause" -> if (playbackControlAllowedOrSend(settings)) service?.pause() else return false
+ "previous" -> if (playbackControlAllowedOrSend(settings)) service?.previous(false) else return false
+ "next" -> if (playbackControlAllowedOrSend(settings)) service?.next() else return false
"previous10" -> if (playbackControlAllowedOrSend(settings)) service?.let {
it.seek(
(it.getTime() - 10000).coerceAtLeast(
0
), fromUser = true
)
- }
+ } else return false
"next10" -> if (playbackControlAllowedOrSend(settings)) service?.let {
it.seek(
@@ -106,9 +115,9 @@ object RemoteAccessWebSockets {
it.length
), fromUser = true
)
- }
+ } else return false
- "shuffle" -> if (playbackControlAllowedOrSend(settings)) service?.shuffle()
+ "shuffle" -> if (playbackControlAllowedOrSend(settings)) service?.shuffle() else return false
"repeat" -> if (playbackControlAllowedOrSend(settings)) service?.let {
when (it.repeatType) {
PlaybackStateCompat.REPEAT_MODE_NONE -> {
@@ -125,7 +134,7 @@ object RemoteAccessWebSockets {
it.repeatType = PlaybackStateCompat.REPEAT_MODE_NONE
}
}
- }
+ } else return false
"get-volume" -> {
AppScope.launch {
@@ -151,23 +160,23 @@ object RemoteAccessWebSockets {
AudioManager.FLAG_SHOW_UI
)
- }
+ } else return false
}
"set-progress" -> {
if (playbackControlAllowedOrSend(settings)) incomingMessage.id?.let {
service?.setTime(it.toLong())
- }
+ } else return false
}
"play-media" -> {
- if (playbackControlAllowedOrSend(settings)) service?.playIndex(incomingMessage.id!!)
+ if (playbackControlAllowedOrSend(settings)) service?.playIndex(incomingMessage.id!!) else return false
}
"delete-media" -> {
- if (playbackControlAllowedOrSend(settings)) service?.remove(incomingMessage.id!!)
+ if (playbackControlAllowedOrSend(settings)) service?.remove(incomingMessage.id!!) else return false
}
@@ -178,7 +187,7 @@ object RemoteAccessWebSockets {
?: 0) - 1
)
service?.moveItem(index, index + 2)
- }
+ } else return false
}
@@ -187,16 +196,20 @@ object RemoteAccessWebSockets {
val index = incomingMessage.id!!
if (index > 0)
service?.moveItem(index, index - 1)
- }
+ } else return false
}
- else -> Log.w(
- TAG,
- "Unrecognized message",
- IllegalStateException("Unrecognized message: $incomingMessage")
- )
+ else -> {
+ Log.w(
+ TAG,
+ "Unrecognized message",
+ IllegalStateException("Unrecognized message: $incomingMessage")
+ )
+ return false
+ }
}
+ return true
}
/**
More information about the Android
mailing list