if password changed, other users cannot continue to send message

srcs/requirements/nestjs/api_back/src/chat/chat.controller.ts

@@ -53,17 +53,19 @@ export class ChatController {
 		let fields = ["name", "type", "users", "protection", "allowed_users"];
 		const rooms = await this.chatService.getMyRooms(req.user.username, fields);
 
-		rooms.forEach(room => {
+		const ret_rooms = rooms.map(room =>
+		{
+			let new_room = this.format_room(room);
 			if (room.protection)
 			{
 				if (room.allowed_users.includes(req.user.username))
-					room.allowed = true;
+					new_room.allowed = true;
 				else
-					room.allowed = false;
+					new_room.allowed = false;
 			}
+			return new_room;
 		});
 
-		const ret_rooms = rooms.map(room => this.format_room(room));
 		res.status(HttpStatus.OK).json({ rooms: ret_rooms });
 		printCaller("- out ");
 	}
@@ -266,6 +268,7 @@ export class ChatController {
 		// inform other connected users
 		let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
 		await socket.to(socket.room).emit('message', "SERVER", message);
+		await socket.to(socket.room).emit('new_password');
 
 		const ret_room = this.format_room(room);
 		res.status(HttpStatus.OK).json({ room: ret_room });

srcs/requirements/nestjs/api_back/src/chat/chat.service.ts

@@ -216,14 +216,20 @@ export class ChatService {
 			throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN);
 		}
 
-		const current_room = await this.getRoomByName(room.name);
+		const room_db = await this.getRoomByName(room.name);
+
+		if (!room_db.admins.includes(username))
+		{
+			console.log("throw error: error: true, code: 'NO_ADMIN', message: 'only admins are allowed to set or modify password'");
+			throw new HttpException({ error: true, code: 'NO_ADMIN', message: `only admins are allowed to set or modify password` }, HttpStatus.FORBIDDEN);
+		}
 
 		if (!room.password)
 		{
 			console.log("throw error: error: true, code: 'NO_PASSWORD', message: 'this room has no password protection'");
 			throw new HttpException({ error: true, code: 'NO_PASSWORD', message: `this room has no password protection` }, HttpStatus.FORBIDDEN);
 		}
-		if (current_room.protection)
+		if (room_db.protection)
 		{
 			if (room.protection && !old_password)
 			{
@@ -232,7 +238,13 @@ export class ChatService {
 			}
 			if (old_password)
 			{
-				const is_match = await bcrypt.compare(old_password, current_room.hash);
+				const is_old_match = await bcrypt.compare(room.password, room_db.hash);
+				if (is_old_match)
+				{
+					printCaller(`throw error: error: true, code: 'SAME_PASSWORD', message: 'you provided the same password'`);
+					throw new HttpException({ error: true, code: 'SAME_PASSWORD', message: `you provided the same password` }, HttpStatus.BAD_REQUEST);
+				}
+				const is_match = await bcrypt.compare(old_password, room_db.hash);
 				if (!is_match)
 				{
 					printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`);
@@ -248,14 +260,14 @@ export class ChatService {
 			hash = await bcrypt.hash(password, saltOrRounds);
 
 		// add password to chatroom
-		current_room.allowed_users = room.allowed_users;
+		room_db.allowed_users = room.allowed_users;
-		current_room.protection = room.protection;
+		room_db.protection = room.protection;
 		if (room.protection)
-			current_room.hash = hash;
+			room_db.hash = hash;
 		else
-			delete current_room.hash;
+			delete room_db.hash;
-		current_room.messages.push({ name: "SERVER", message: message });
+		room_db.messages.push({ name: "SERVER", message: message });
-		await this.chatroomRepository.save(current_room);
+		await this.chatroomRepository.save(room_db);
 
 		printCaller("-- out ");
 	}
@@ -280,6 +292,7 @@ export class ChatService {
 		newChatroom.name = room.name;
 		newChatroom.type = room.type;
 		newChatroom.owner = username;
+		newChatroom.admins = [username];
 		newChatroom.users = room.users;
 		newChatroom.allowed_users = [];
 		newChatroom.protection = false;
@@ -416,8 +429,19 @@ export class ChatService {
 	{
 		printCaller("-- in ");
 
-		socket.to(socket.room).emit('message', socket.username, message);
 		let room_name = await this.getCurrentRoomName(socket.username);
+		const current_room = await this.getRoomByName(room_name);
+
+		if (current_room.protection)
+		{
+			if (!current_room.allowed_users.includes(socket.username))
+			{
+				socket.emit('message', "SERVER", "your message was not sent because you need to validate the password");
+				return;
+			}
+		}
+
+		socket.to(socket.room).emit('message', socket.username, message);
 		await this.addMessageToRoom(room_name, socket.username, message);
 
 		printCaller("-- out ");

srcs/requirements/nestjs/api_back/src/chat/dto/room.dto.ts

@@ -31,6 +31,11 @@ export class roomDto
 	@IsOptional()
 	owner?: string;
 
+	@IsArray()
+	@IsString({ each: true })
+	@IsOptional()
+	admins?: string[];
+
 	@IsString()
 	@IsOptional()
 	client_name?: string;

srcs/requirements/nestjs/api_back/src/chat/dto/socket.dto.ts

@@ -8,6 +8,10 @@ export class socketDto extends Socket
 
 	@IsString()
 	room: string;
+
+	@IsBoolean()
+	@IsOptional()
+	new_password?: boolean;
 }
 
 

srcs/requirements/nestjs/api_back/src/chat/entities/chatroom.entity.ts

@@ -25,11 +25,6 @@ export class Chatroom
 	@IsBoolean()
 	protection: boolean = false;
 
-	@Column({ nullable: true })
-	@IsBoolean()
-	@IsOptional()
-	allowed?: boolean;
-
 	@Column({ nullable: true })
 	@IsString()
 	@IsOptional()
@@ -38,6 +33,11 @@ export class Chatroom
   @Column()
   owner: string; // username
 
+  @Column("simple-array")
+	@IsArray()
+	@IsString({ each: true })
+  admins: string[]; // username
+
   @Column("simple-array")
 	@IsArray()
 	@IsString({ each: true })

srcs/requirements/svelte/api_front/src/pieces/chat/Layout_create.svelte

@@ -3,7 +3,7 @@
 	import { msgs, layout, allowed_chars } from './Store_chat';
 	import { change_room, create_room } from './Request_rooms';
 	import { onMount } from 'svelte';
-	import { FetchResponse } from './Types_chat';
+	import type { FetchResponse } from './Types_chat';
 	import Button from './Element_button.svelte';
 	import Warning from './Element_warning.svelte';
 

srcs/requirements/svelte/api_front/src/pieces/chat/Layout_password.svelte

@@ -2,7 +2,7 @@
 
 	import { layout, current_room } from './Store_chat';
 	import { change_room, validate_password, change_password, add_password, remove_password } from './Request_rooms';
-	import { FetchResponse } from './Types_chat';
+	import type { FetchResponse } from './Types_chat';
 	import Button from './Element_button.svelte';
 	import Warning from './Element_warning.svelte';
 

srcs/requirements/svelte/api_front/src/pieces/chat/Layout_room.svelte

@@ -15,7 +15,6 @@
 		if (msg.length > 0) {
 			socket.emit('message', msg);
 			add_msg("me", msg);
-			console.log(msgs);
 		}
 
 		msg = "";

srcs/requirements/svelte/api_front/src/pieces/chat/Request_rooms.ts

@@ -1,5 +1,6 @@
 import { msgs, user, layout, socket, current_room } from './Store_chat';
-import { Room, FetchResponse, FetchMethod } from './Types_chat';
+import type { Room, FetchResponse } from './Types_chat';
+import { FetchMethod } from './Utils_chat';
 import { fetch_chat_request, set_client_name_on_room, fill_fetch_response } from './Request_utils';
 
 export async function get_room_messages()
@@ -9,7 +10,6 @@ export async function get_room_messages()
 	let response: FetchResponse = await fetch_chat_request('messages', FetchMethod.GET);
 
 	const messages = response.messages;
-
 	if (messages === null)
 		return;
 

srcs/requirements/svelte/api_front/src/pieces/chat/Request_utils.ts

@@ -1,5 +1,6 @@
 import { user } from './Store_chat';
-import { Room, FetchResponse, FetchInit, FetchMethod } from './Types_chat';
+import type { Room, FetchResponse, FetchInit } from './Types_chat';
+import type { FetchMethod } from './Utils_chat';
 
 export async function fetch_chat_request(route: string, fetchMethod: FetchMethod, param?: any)
 {

srcs/requirements/svelte/api_front/src/pieces/chat/Socket_chat.ts

@@ -1,6 +1,6 @@
 import io from 'socket.io-client';
 import { set_socket, set_user } from './Store_chat';
-import { user, msgs } from './Store_chat';
+import { user, msgs, layout } from './Store_chat';
 
 const address = `http://${process.env.WEBSITE_HOST}:${process.env.WEBSITE_PORT}`;
 
@@ -34,6 +34,12 @@ function socket_events(socket)
 			from = "me";
 		msgs.update(msgs => [...msgs, { name: from, message: message }]);
 	});
+
+	socket.on('new_password', function()
+	{
+		console.log("notification new password:");
+		layout.set("password");
+	});
 }
 
 function socket_states(socket)

srcs/requirements/svelte/api_front/src/pieces/chat/Store_chat.ts

@@ -1,9 +1,9 @@
 import { writable } from 'svelte/store';
-import { Room } from './Types_chat';
+import type { Room, Message } from './Types_chat';
 
 export let msgs = writable([]);
 export let layout = writable("close");
-export let current_room: Room = writable({
+export let current_room = writable({
 	name: "",
 	type: "",
 	protection: false,

srcs/requirements/svelte/api_front/src/pieces/chat/Types_chat.ts

@@ -8,13 +8,22 @@ export interface Room
 	allowed?: boolean;
 }
 
+export interface Message
+{
+	name: string;
+	type: string;
+}
+
 export interface FetchResponse
 {
 	status: number;
 	error?: boolean;
 	code?: string;
 	message?: string;
+	messages?: Message[];
+	users?: string[];
 	room?: Room;
+	rooms?: Room[];
 }
 
 export interface FetchInit
@@ -24,10 +33,3 @@ export interface FetchInit
 	body?: string;
 }
 
-export enum FetchMethod
-{
-	POST = 'POST',
-	GET = 'GET',
-	DELETE = 'DELETE',
-}
-

srcs/requirements/svelte/api_front/src/pieces/chat/Utils_chat.ts

@@ -0,0 +1,7 @@
+export enum FetchMethod
+{
+	POST = 'POST',
+	GET = 'GET',
+	DELETE = 'DELETE',
+}
+