tapiron/coller
1
0
Fork 0
forked from jriou/coller
Code Pull requests Activity

feat: Disable levels of encryptions by default

Browse source 
- Add `allow_client_encryption_key` option to allow encryption key provided by
  the client on the web UI (false by default)
- Add `allow_no_encryption` option to allow notes without encryption (disabled
  by default)

Signed-off-by: Julien Riou <julien@riou.xyz>
This commit is contained in:
Julien Riou 2025-09-24 17:44:50 +02:00
commit 61ca30690b
Signed by: jriou
GPG key ID: 9A099EDA51316854
6 changed files with 105 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

18
src/server/handlers_api.go
View file

@ -16,9 +16,11 @@ func HealthHandler(w http.ResponseWriter, r *http.Request) {
}
type CreateNoteHandler struct {
logger *slog.Logger
db *Database
maxUploadSize int64
logger *slog.Logger
db *Database
maxUploadSize int64
allowClientEncryptionKey bool
allowNoEncryption bool
}
type CreateNotePayload struct {
@ -47,6 +49,16 @@ func (h *CreateNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return
}
if !h.allowNoEncryption && !body.Encrypted {
WriteError(w, "could not create note", fmt.Errorf("encryption is mandatory"))
return
}
if !h.allowClientEncryptionKey && body.EncryptionKey != "" {
WriteError(w, "could not create note", fmt.Errorf("client encryption key is not allowed"))
return
}
content, err := internal.Decode(body.Content)
if err != nil {