Merge branch 'dev' into msg-delivery

2026-03-02 08:46:38 +00:00 · 2026-01-12 21:17:38 -08:00
parent eba25fcc4d 552adf3200
commit eb0cdda0f9
105 changed files with 3217 additions and 545 deletions
--- a/server/routers/olm/handleOlmPingMessage.ts
+++ b/server/routers/olm/handleOlmPingMessage.ts
@@ -1,7 +1,7 @@
 import { db } from "@server/db";
 import { disconnectClient } from "#dynamic/routers/ws";
 import { getClientConfigVersion, MessageHandler } from "@server/routers/ws";
-import { clients, Olm } from "@server/db";
+import { clients, olms, Olm } from "@server/db";
 import { eq, lt, isNull, and, or } from "drizzle-orm";
 import logger from "@server/logger";
 import { validateSessionToken } from "@server/auth/sessions/app";
@@ -109,29 +109,17 @@ export const handleOlmPingMessage: MessageHandler = async (context) => {
        return;
    }

-    if (olm.userId) {
-        // we need to check a user token to make sure its still valid
-        const { session: userSession, user } =
-            await validateSessionToken(userToken);
-        if (!userSession || !user) {
-            logger.warn("Invalid user session for olm ping");
-            return; // by returning here we just ignore the ping and the setInterval will force it to disconnect
-        }
-        if (user.userId !== olm.userId) {
-            logger.warn("User ID mismatch for olm ping");
-            return;
-        }
+    if (!olm.clientId) {
+        logger.warn("Olm has no client ID!");
+        return;
+    }

+    try {
        // get the client
        const [client] = await db
            .select()
            .from(clients)
-            .where(
-                and(
-                    eq(clients.olmId, olm.olmId),
-                    eq(clients.userId, olm.userId)
-                )
-            )
+            .where(eq(clients.clientId, olm.clientId))
            .limit(1);

        if (!client) {
@@ -139,39 +127,48 @@ export const handleOlmPingMessage: MessageHandler = async (context) => {
            return;
        }

-        const sessionId = encodeHexLowerCase(
-            sha256(new TextEncoder().encode(userToken))
-        );
-
-        const policyCheck = await checkOrgAccessPolicy({
-            orgId: client.orgId,
-            userId: olm.userId,
-            sessionId // this is the user token passed in the message
-        });
-
-        if (!policyCheck.allowed) {
-            logger.warn(
-                `Olm user ${olm.userId} does not pass access policies for org ${client.orgId}: ${policyCheck.error}`
+        if (client.blocked) {
+            // NOTE: by returning we dont update the lastPing, so the offline checker will eventually disconnect them
+            logger.debug(
+                `Blocked client ${client.clientId} attempted olm ping`
            );
            return;
        }
-    }

-    if (!olm.clientId) {
-        logger.warn("Olm has no client ID!");
-        return;
-    }
+        if (olm.userId) {
+            // we need to check a user token to make sure its still valid
+            const { session: userSession, user } =
+                await validateSessionToken(userToken);
+            if (!userSession || !user) {
+                logger.warn("Invalid user session for olm ping");
+                return; // by returning here we just ignore the ping and the setInterval will force it to disconnect
+            }
+            if (user.userId !== olm.userId) {
+                logger.warn("User ID mismatch for olm ping");
+                return;
+            }
+            if (user.userId !== client.userId) {
+                logger.warn("Client user ID mismatch for olm ping");
+                return;
+            }

-    try {
-        // Update the client's last ping timestamp
-        const [client] = await db
-            .update(clients)
-            .set({
-                lastPing: Math.floor(Date.now() / 1000),
-                online: true
-            })
-            .where(eq(clients.clientId, olm.clientId))
-            .returning();
+            const sessionId = encodeHexLowerCase(
+                sha256(new TextEncoder().encode(userToken))
+            );
+
+            const policyCheck = await checkOrgAccessPolicy({
+                orgId: client.orgId,
+                userId: olm.userId,
+                sessionId // this is the user token passed in the message
+            });
+
+            if (!policyCheck.allowed) {
+                logger.warn(
+                    `Olm user ${olm.userId} does not pass access policies for org ${client.orgId}: ${policyCheck.error}`
+                );
+                return;
+            }
+        }

        // get the version
        const configVersion = await getClientConfigVersion(olm.olmId);
@@ -182,6 +179,23 @@ export const handleOlmPingMessage: MessageHandler = async (context) => {
            );
            await sendOlmSyncMessage(olm, client);
        }
+
+        // Update the client's last ping timestamp
+        await db
+            .update(clients)
+            .set({
+                lastPing: Math.floor(Date.now() / 1000),
+                online: true,
+                archived: false
+            })
+            .where(eq(clients.clientId, olm.clientId));
+
+        if (olm.archived) {
+            await db
+                .update(olms)
+                .set({ archived: false })
+                .where(eq(olms.olmId, olm.olmId));
+        }
    } catch (error) {
        logger.error("Error handling ping message", { error });
    }