From 477c21864590fc5c1670f05858b5449a47738e8e Mon Sep 17 00:00:00 2001
From: Famouse <famouse_ru@mail.ru>
Date: Sat, 17 Dec 2022 11:19:54 +0300
Subject: [PATCH] chore: adding whitelist system

---
 src/core/utils/access-validator.ts | 60 +++++++++++++++++++++++-------
 1 file changed, 46 insertions(+), 14 deletions(-)

diff --git a/src/core/utils/access-validator.ts b/src/core/utils/access-validator.ts
index 4c085af..74f711e 100644
--- a/src/core/utils/access-validator.ts
+++ b/src/core/utils/access-validator.ts
@@ -2,26 +2,32 @@ import CryptoJS from "crypto-js";
 
 export class AccessValidator {
     public static async validate() {
-        let fromServer: object = await chrome.storage.session.get(["version", "state"]);
+        let fromServer: object = await chrome.storage.session.get(["version", "state", "whitelist"]);
         let currentVersion = chrome.runtime.getManifest().version;
+        let currentUser = await this.getCurrentUserId();
 
         // for optimization, we immediately check match
-        if (fromServer["version"] === currentVersion && fromServer["state"] === "active") {
+        if (fromServer["version"] === currentVersion && fromServer["state"] === "active" &&
+            (fromServer["whitelist"] as Array<string>).includes(currentUser)) {
             return;
         }
         // Starting point of problems, we clarify and, if possible, solve them
-
-        // If the Internet is not available, and the test is available, in any case we give the opportunity to use the extension
-        if (fromServer["version"] === "NO" && fromServer["state"] === "INTERNET") {
-            return;
-        }
-
         if (fromServer["version"] === undefined || fromServer["state"] === undefined) {
             console.log("[AccessValidator] undefined detected");
             await this.syncServer();
             return await this.validate();
         }
 
+        // Whitelist
+        if (!(fromServer["whitelist"] as Array<string>).includes(currentUser)) {
+            throw new Error("[Anti-Leak] 👋");
+        }
+
+        // If the Internet is not available, and the test is available, in any case we give the opportunity to use the extension
+        if (fromServer["version"] === "NO" && fromServer["state"] === "INTERNET") {
+            return;
+        }
+
         if (fromServer["version"] !== currentVersion) {
             throw new Error("You are using an outdated version of the extension, install the latest version");
         }
@@ -33,22 +39,33 @@ export class AccessValidator {
 
     public static async syncServer() {
         console.log("[AccessValidator] syncServer");
-        let serverResponse = await fetch("https://my-json-server.typicode.com/GlobalAnswers/Extension-Authentication/extension", {
-            method: "GET"
-        });
+        let serverResponse = await fetch("https://my-json-server.typicode.com/GlobalAnswers/Extension-Authentication/db");
 
         if (serverResponse.ok) {
             let serverText = await serverResponse.text();
             let serverJson = JSON.parse(serverText);
 
-            if (!serverJson.version || !serverJson.state) {
+            if (!serverJson.extension.version || !serverJson.extension.state) {
                 throw new Error("No data about necessary version or state");
             }
 
-            let version = CryptoJS.AES.decrypt(serverJson.version, "daenerys").toString(CryptoJS.enc.Utf8);
-            let state = CryptoJS.AES.decrypt(serverJson.state, "daenerys").toString(CryptoJS.enc.Utf8);
+            let version = CryptoJS.AES.decrypt(serverJson.extension.version, "daenerys").toString(CryptoJS.enc.Utf8);
+            let state = CryptoJS.AES.decrypt(serverJson.extension.state, "daenerys").toString(CryptoJS.enc.Utf8);
 
             await chrome.storage.session.set({ version: version, state: state });
+
+            // Whitelist
+            console.log("Whitelist");
+            if (typeof serverJson.whitelist === "object") {
+                console.log("Whitelist enter");
+                let whitelist = new Array<string>();
+                (serverJson.whitelist as Array<string>).forEach((encrypted) => {
+                    let user = CryptoJS.AES.decrypt(encrypted, "daenerys").toString(CryptoJS.enc.Utf8);
+                    whitelist.push(user);
+                });
+
+                await chrome.storage.session.set({ whitelist: whitelist });
+            }
         } else {
             let yandexResponse = await fetch("https://ya.ru/", { method: "GET" });
             if (!yandexResponse.ok) {
@@ -58,4 +75,19 @@ export class AccessValidator {
             }
         }
     }
+
+    private static async getCurrentUserId(): Promise<string> {
+        let sdoResponse = await fetch("https://newsdo.vsu.by/user/profile.php");
+
+        if (sdoResponse.ok) {
+            let sdoText = await sdoResponse.text();
+
+            let profileDocument = new DOMParser().parseFromString(sdoText, "text/html");
+
+            let mailto = profileDocument.querySelector("a[href^='mailto:']");
+            let userId = mailto.textContent.match("\\d+");
+
+            return userId[0];
+        }
+    }
 }