diff --git a/lib/action_cable/channel/base.rb b/lib/action_cable/channel/base.rb
index 9cfeb4b73a8aabe82b0ed736fc97a79f1b58af31..8ee99649f40a4741b2a20e28912fbec2e7095e14 100644
--- a/lib/action_cable/channel/base.rb
+++ b/lib/action_cable/channel/base.rb
@@ -35,8 +35,16 @@ def initialize(connection, channel_identifier, params = {})
 subscribe
 end
- def receive(data)
- raise "Not implemented"
+ def receive_data(data)
+ if authorized?
+ if respond_to?(:receive)
+ receive(data)
+ else
+ logger.error "[ActionCable] #{self.class.name} received data (#{data}) but #{self.class.name}#receive callback is not defined"
+ end
+ else
+ unauthorized
+ end
 end
 def subscribe
@@ -52,6 +60,15 @@ def unsubscribe
 end
 protected
+ # Override in subclasses
+ def authorized?
+ true
+ end
+
+ def unauthorized
+ logger.error "[ActionCable] Unauthorized access to #{self.class.name}"
+ end
+
 def connect
 # Override in subclasses
 end
@@ -61,7 +78,11 @@ def disconnect
 end
 def broadcast(data)
- connection.broadcast({ identifier: @channel_identifier, message: data }.to_json)
+ if authorized?
+ connection.broadcast({ identifier: @channel_identifier, message: data }.to_json)
+ else
+ unauthorized
+ end
 end
 def start_periodic_timers
@@ -80,6 +101,10 @@ def worker_pool
 connection.worker_pool
 end
+ def logger
+ connection.logger
+ end
+
 end
 end
diff --git a/lib/action_cable/server.rb b/lib/action_cable/server.rb
index 244983710562c7a02fbff2bb913c62997b5a0e4b..3c78ad52393764118fe32a7c661fce3654b6d930 100644
--- a/lib/action_cable/server.rb
+++ b/lib/action_cable/server.rb
@@ -106,7 +106,7 @@ def subscribe_channel(data)
 def process_message(message)
 if @subscriptions[message['identifier']]
- @subscriptions[message['identifier']].receive(ActiveSupport::JSON.decode message['data'])
+ @subscriptions[message['identifier']].receive_data(ActiveSupport::JSON.decode message['data'])
 else
 logger.error "Unable to process message: #{message}"
 end
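Review bot: In `receive_data` (first hunk of channel/base.rb), the `logger.error` line interpolates the whole client-supplied payload with `#{data}`, so a client that passes `authorized?` (true by default) can write unbounded, unescaped content into the error log of any channel that has no `receive` callback. Logging a bounded, escaped form such as `data.inspect[0, 200]`, or only the class name, keeps the diagnostic without echoing untrusted input. Separately, `respond_to?(:receive)` ignores protected and private methods, so a subclass that defines `receive` under `protected`, as the other callbacks in this file are, would land in the "not defined" branch; `respond_to?(:receive, true)` covers that case if it is intended.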
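Review bot: In the `protected` hunk of channel/base.rb, `authorized?` returns `true` unless a subclass overrides it, so every channel is open by default, and the comment `# Override in subclasses` does not say so. I would spell the contract out above the method, e.g. `# Return false to reject inbound data and outbound broadcasts; defaults to true (open) when not overridden.` The `unauthorized` log line names only the channel class; appending the subscription identifier, e.g. `(#{@channel_identifier.inspect})`, would make rejected attempts traceable during triage. The `protected` section continues outside this hunk.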
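Review bot: Gating `broadcast` on `authorized?` (third hunk of channel/base.rb) rejects messages one at a time but leaves the subscription itself alive: the first hunk's context shows `initialize` still calling `subscribe` unconditionally, and nothing in this diff unsubscribes or stops timers after a rejection. If `subscribe` or the periodic timers (both outside the visible hunks) do work or push data for an unauthorized subscription, that work presumably still happens, and every rejected `broadcast` adds another error line to the log. Consider checking once at setup as well, e.g. `return unauthorized unless authorized?` ahead of the `subscribe` call in `initialize`, in addition to the per-message checks.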