From 2326b2da65624e921ee79b56324c59de4a885fde Mon Sep 17 00:00:00 2001 From: dec05eba Date: Wed, 16 May 2018 08:21:51 +0200 Subject: Remove duplicate permission checking for ADD_DATA operation --- src/Database.cpp | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/src/Database.cpp b/src/Database.cpp index 8529811..fff74f4 100644 --- a/src/Database.cpp +++ b/src/Database.cpp @@ -434,19 +434,6 @@ namespace odhtdb void Database::addData(const DatabaseNode &nodeInfo, const Signature::KeyPair &userToPerformActionWith, DataView dataToAdd) { - if(!databaseStorage.isUserAllowedToAddDataInNode(*nodeInfo.getRequestHash(), userToPerformActionWith.getPublicKey())) - { - // TODO: User might have permission to perform operation, but we haven't got the packet that adds user to the group with the permission, - // or we haven't received the packet that modifies group with the permission to perform the operation. - // This also means that an user can be in a group that has permission to perform the operation and then later be removed from it, - // and remote peers would accept our request to perform operation if they haven't received the operation that removes the user from the group. - // How to handle this? - string errMsg = "User "; - errMsg += userToPerformActionWith.getPublicKey().toString(); - errMsg += " is not allowed to perform the operation: ADD_USER"; - throw PermissionDeniedException(errMsg); - } - sibs::SafeSerializer serializer; serializer.add(DATABASE_ADD_PACKET_STRUCTURE_VERSION); u64 timestampCombined = getSyncedTimestampUtc().getCombined(); -- cgit v1.2.3