inactive cursors access control.

internal/api/members/controler.go

@@ -57,12 +57,14 @@ func (h *MembersHandler) membersCreate(w http.ResponseWriter, r *http.Request) e
 	data := &MemberCreatePayload{
 		// default values
 		Profile: types.MemberProfile{
-			IsAdmin:            false,
-			CanLogin:           true,
-			CanConnect:         true,
-			CanWatch:           true,
-			CanHost:            true,
-			CanAccessClipboard: true,
+			IsAdmin:               false,
+			CanLogin:              true,
+			CanConnect:            true,
+			CanWatch:              true,
+			CanHost:               true,
+			CanAccessClipboard:    true,
+			SendsInactiveCursor:   true,
+			CanSeeInactiveCursors: true,
 		},
 	}
 

internal/member/dummy/provider.go

@@ -9,12 +9,14 @@ import (
 func New() types.MemberProvider {
 	return &MemberProviderCtx{
 		profile: types.MemberProfile{
-			IsAdmin:            true,
-			CanLogin:           true,
-			CanConnect:         true,
-			CanWatch:           true,
-			CanHost:            true,
-			CanAccessClipboard: true,
+			IsAdmin:               true,
+			CanLogin:              true,
+			CanConnect:            true,
+			CanWatch:              true,
+			CanHost:               true,
+			CanAccessClipboard:    true,
+			SendsInactiveCursor:   true,
+			CanSeeInactiveCursors: true,
 		},
 	}
 }

internal/member/object/provider.go

@@ -22,26 +22,30 @@ func (provider *MemberProviderCtx) Connect() error {
 	if provider.config.AdminPassword != "" {
 		// create default admin account at startup
 		_, err = provider.Insert("admin", provider.config.AdminPassword, types.MemberProfile{
-			Name:               "Administrator",
-			IsAdmin:            true,
-			CanLogin:           true,
-			CanConnect:         true,
-			CanWatch:           true,
-			CanHost:            true,
-			CanAccessClipboard: true,
+			Name:                  "Administrator",
+			IsAdmin:               true,
+			CanLogin:              true,
+			CanConnect:            true,
+			CanWatch:              true,
+			CanHost:               true,
+			CanAccessClipboard:    true,
+			SendsInactiveCursor:   true,
+			CanSeeInactiveCursors: true,
 		})
 	}
 
 	if provider.config.UserPassword != "" {
 		// create default user account at startup
 		_, err = provider.Insert("user", provider.config.UserPassword, types.MemberProfile{
-			Name:               "User",
-			IsAdmin:            false,
-			CanLogin:           true,
-			CanConnect:         true,
-			CanWatch:           true,
-			CanHost:            true,
-			CanAccessClipboard: true,
+			Name:                  "User",
+			IsAdmin:               false,
+			CanLogin:              true,
+			CanConnect:            true,
+			CanWatch:              true,
+			CanHost:               true,
+			CanAccessClipboard:    true,
+			SendsInactiveCursor:   true,
+			CanSeeInactiveCursors: false,
 		})
 	}
 

internal/session/manager.go

@@ -254,6 +254,22 @@ func (manager *SessionManagerCtx) AdminBroadcast(event string, payload interface
 	}
 }
 
+func (manager *SessionManagerCtx) InactiveCursorsBroadcast(event string, payload interface{}, exclude interface{}) {
+	for _, session := range manager.List() {
+		if !session.State().IsConnected || !session.Profile().CanSeeInactiveCursors {
+			continue
+		}
+
+		if exclude != nil {
+			if in, _ := utils.ArrayIn(session.ID(), exclude); in {
+				continue
+			}
+		}
+
+		session.Send(event, payload)
+	}
+}
+
 // ---
 // events
 // ---

internal/session/session.go

@@ -54,7 +54,7 @@ func (session *SessionCtx) IsHost() bool {
 }
 
 func (session *SessionCtx) SetCursor(cursor types.Cursor) {
-	if session.manager.InactiveCursors() {
+	if session.manager.InactiveCursors() && session.profile.SendsInactiveCursor {
 		session.manager.SetCursor(cursor, session)
 	}
 }

internal/types/member.go

@@ -9,13 +9,15 @@ var (
 )
 
 type MemberProfile struct {
-	Name               string `json:"name"`
-	IsAdmin            bool   `json:"is_admin"`
-	CanLogin           bool   `json:"can_login"`
-	CanConnect         bool   `json:"can_connect"`
-	CanWatch           bool   `json:"can_watch"`
-	CanHost            bool   `json:"can_host"`
-	CanAccessClipboard bool   `json:"can_access_clipboard"`
+	Name                  string `json:"name"`
+	IsAdmin               bool   `json:"is_admin"`
+	CanLogin              bool   `json:"can_login"`
+	CanConnect            bool   `json:"can_connect"`
+	CanWatch              bool   `json:"can_watch"`
+	CanHost               bool   `json:"can_host"`
+	CanAccessClipboard    bool   `json:"can_access_clipboard"`
+	SendsInactiveCursor   bool   `json:"sends_inactive_cursor"`
+	CanSeeInactiveCursors bool   `json:"can_see_inactive_cursors"`
 }
 
 type MemberProvider interface {

internal/types/session.go

@@ -60,6 +60,7 @@ type SessionManager interface {
 
 	Broadcast(event string, payload interface{}, exclude interface{})
 	AdminBroadcast(event string, payload interface{}, exclude interface{})
+	InactiveCursorsBroadcast(event string, payload interface{}, exclude interface{})
 
 	OnCreated(listener func(session Session))
 	OnDeleted(listener func(session Session))

internal/websocket/manager.go

@@ -173,8 +173,7 @@ func (manager *WebSocketManagerCtx) Start() {
 						)
 					}
 
-					// TODO: Send to subscribers only.
-					manager.sessions.AdminBroadcast(event.SESSION_CURSORS, cursors, nil)
+					manager.sessions.InactiveCursorsBroadcast(event.SESSION_CURSORS, cursors, nil)
 				}
 			}
 		}()