dev-bl/config-ip: Add dataset to token hash.

Author: benloh

build/app/unisys/common-session.js

@@ -29,8 +29,12 @@ var m_current_groupid = null;
     containing as many decoded values as possible. Check isValid for
     complete decode succes. groupId is also set if successful
 /*/
-SESUTIL.DecodeToken = function(token) {
+SESUTIL.DecodeToken = function(token, dataset) {
   if (token === undefined) return {};
+  if (dataset === undefined) {
+    console.error('SESUTIL.DecodeToken called without "dataset" parameter.');
+    return {};
+  }
   let tokenBits = token.split("-");
   let classId, projId, hashedId, groupId, subId, isValid;
   // optimistically set valid flag to be negated on failure
@@ -46,7 +50,7 @@ SESUTIL.DecodeToken = function(token) {
   if (tokenBits[2]) hashedId = tokenBits[2].toUpperCase();
   if (tokenBits[3]) subId = tokenBits[3].toUpperCase();
   // initialize hashid structure
-  let salt = `${classId}${projId}`;
+  let salt = `${classId}${projId}${dataset}`;
   let hashids = new HashIds(salt, HASH_MINLEN, HASH_ABET);
   // try to decode the groupId
   groupId = hashids.decode(hashedId)[0];
@@ -88,16 +92,16 @@ SESUTIL.DecodeToken = function(token) {
 /// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 /*/ Return TRUE if the token decodes into an expected range of values
 /*/
-SESUTIL.IsValidToken = function(token) {
-  let decoded = SESUTIL.DecodeToken(token);
+SESUTIL.IsValidToken = function(token, dataset) {
+  let decoded = SESUTIL.DecodeToken(token, dataset);
   return decoded && Number.isInteger(decoded.groupId);
 };
 /// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 /*/ Returns a token string of form CLASS-PROJECT-HASHEDID
     classId and projId should be short and are case-insensitive.
     groupId must be a non-negative integer
 /*/
-SESUTIL.MakeToken = function(classId, projId, groupId) {
+SESUTIL.MakeToken = function(classId, projId, groupId, dataset) {
   // type checking
   if (typeof classId !== "string")
     throw Error(`classId arg1 '${classId}' must be string`);
@@ -114,7 +118,7 @@ SESUTIL.MakeToken = function(classId, projId, groupId) {
   // initialize hashid structure
   classId = classId.toUpperCase();
   projId = projId.toUpperCase();
-  let salt = `${classId}${projId}`;
+  let salt = `${classId}${projId}${dataset}`;
   let hashids = new HashIds(salt, HASH_MINLEN, HASH_ABET);
   let hashedId = hashids.encode(groupId);
   return `${classId}-${projId}-${hashedId}`;
@@ -124,7 +128,12 @@ SESUTIL.MakeToken = function(classId, projId, groupId) {
 /*/ Set the global GROUPID, which is included in all NetMessage
     packets that are sent to server.
 /*/
-SESUTIL.SetGroupID = function(token) {
+// REVIEW/FIXME
+// `SetGroupID` isn't being called by anyone?
+// If it is, the DecodeToken call needs to add a 'dataset' parameter or it will
+// fail.
+SESUTIL.SetGroupID = function (token) {
+  console.error('SetGroupID calling decodeToken NC_CONFIG IS', window.NC_CONFIG);
   let good = SESUTIL.DecodeToken(token).isValid;
   if (good) m_current_groupid = token;
   return good;

build/app/unisys/component/SessionShell.jsx

@@ -174,7 +174,7 @@ class SessionShell extends UNISYS.Component {
     // login after a ForceReload. This is a bit hacky and the app would benefit
     // from not relying on forced reloads. See handleChange().
     let token = this.props.match.params.token;
-    let decoded = SESSION.DecodeToken(token) || {};
+    let decoded = SESSION.DecodeToken(token, window.NC_CONFIG.dataset) || {};
     this.SetAppState("SESSION", decoded);
   }
   /// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -203,7 +203,7 @@ class SessionShell extends UNISYS.Component {
     let token = this.props.match.params.token;
     if (!token) return this.renderLogin();
     // try to decode token
-    let decoded = SESSION.DecodeToken(token);
+    let decoded = SESSION.DecodeToken(token, window.NC_CONFIG.dataset);
     if (decoded.isValid) {
       return this.renderLoggedIn(decoded);
     } else {
@@ -215,7 +215,7 @@ class SessionShell extends UNISYS.Component {
   /// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
   handleChange(event) {
     let token = event.target.value;
-    let decoded = SESSION.DecodeToken(token);
+    let decoded = SESSION.DecodeToken(token, window.NC_CONFIG.dataset);
     let { classId, projId, hashedId, subId, groupId } = decoded;
     this.setState(decoded);
   }

build/app/view/netcreate/nc-logic.js

@@ -1105,12 +1105,14 @@ JSCLI.AddFunction(
 /// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 /*/ Command: Token Generator
 /*/
-JSCLI.AddFunction(function ncMakeTokens(clsId, projId, numGroups) {
+JSCLI.AddFunction(function ncMakeTokens(clsId, projId, dataset, numGroups) {
   // type checking
   if (typeof clsId !== "string")
-    return "args: str classId, str projId, int numGroups";
+    return "args: str classId, str projId, str dataset, int numGroups";
   if (typeof projId !== "string")
-    return "args: str classId, str projId, int numGroups";
+    return "args: str classId, str projId, str dataset, int numGroups";
+  if (typeof dataset !== "string")
+    return "args: str classId, str projId, str dataset, int numGroups";
   if (clsId.length > 12) return "classId arg1 should be 12 chars or less";
   if (projId.length > 12) return "classId arg1 should be 12 chars or less";
   if (!Number.isInteger(numGroups)) return "numGroups arg3 must be integer";
@@ -1121,7 +1123,7 @@ JSCLI.AddFunction(function ncMakeTokens(clsId, projId, numGroups) {
   for (let i = 1; i <= numGroups; i++) {
     let id = String(i);
     id = id.padStart(pad, "0");
-    out += `group ${id}\t${SESSION.MakeToken(clsId, projId, i)}\n`;
+    out += `group ${id}\t${SESSION.MakeToken(clsId, projId, i, dataset)}\n`;
   }
   if (window && window.location) {
     let ubits = new URL(window.location);