Skip to content

Commit

Permalink
Merge branch 'sprint-1.10' into fix/challenge
Browse files Browse the repository at this point in the history
  • Loading branch information
Jayashsatolia403 authored Aug 28, 2023
2 parents 7f8edd6 + b7df47b commit b972453
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 17 deletions.
5 changes: 0 additions & 5 deletions code/go/0chain.net/blobbercore/handler/file_command_upload.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,11 +78,6 @@ func (cmd *UploadFileCommand) IsValidated(ctx context.Context, req *http.Request
return common.NewError("duplicate_file", msg)
}

if allocationObj.OwnerID != clientID &&
allocationObj.RepairerID != clientID {
return common.NewError("invalid_operation", "Operation needs to be performed by the owner or the payer of the allocation")
}

_, thumbHeader, _ := req.FormFile(UploadThumbnailFile)
if thumbHeader != nil {
if thumbHeader.Size > MaxThumbnailSize {
Expand Down
20 changes: 8 additions & 12 deletions code/go/0chain.net/blobbercore/handler/object_operation_handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -427,22 +427,22 @@ func (fsh *StorageHandler) CreateConnection(ctx context.Context, r *http.Request
return nil, common.NewError("invalid_parameters", "Invalid allocation id passed."+err.Error())
}

if !allocationObj.CanRename() {
return nil, common.NewError("prohibited_allocation_file_options", "Cannot rename data in this allocation.")
}

clientID := ctx.Value(constants.ContextKeyClient).(string)
_ = ctx.Value(constants.ContextKeyClientKey).(string)

if clientID == "" {
return nil, common.NewError("invalid_operation", "Invalid client")
}

if allocationObj.OwnerID != clientID && allocationObj.RepairerID != clientID {
return nil, common.NewError("invalid_operation", "Operation needs to be performed by the owner or the payer of the allocation")
}

valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey)
if !valid || err != nil {
return nil, common.NewError("invalid_signature", "Invalid signature")
}

if clientID == "" {
return nil, common.NewError("invalid_operation", "Invalid client")
}

connectionID := r.FormValue("connection_id")
if connectionID == "" {
return nil, common.NewError("invalid_parameters", "Invalid connection id passed")
Expand Down Expand Up @@ -1199,10 +1199,6 @@ func (fsh *StorageHandler) WriteFile(ctx context.Context, r *http.Request) (*blo
return nil, common.NewError("invalid_signature", "Invalid signature")
}

if clientID == "" {
return nil, common.NewError("invalid_operation", "Operation needs to be performed by the owner or the payer of the allocation")
}

connectionID, ok := common.GetField(r, "connection_id")
if !ok {
return nil, common.NewError("invalid_parameters", "Invalid connection id passed")
Expand Down

0 comments on commit b972453

Please sign in to comment.