access key can join unlisted maps

client/src/server/server.ts

@@ -117,12 +117,14 @@ export class WebSocketServer extends EventDispatcher<Recv> implements Server {
     this.errorListener = fn
   }
 
-  fetch(path: string, init: RequestInit = {}) {
+  async fetch(path: string, init: RequestInit = {}) {
     init.headers = {
       ...init.headers,
       ...(this.token && { 'Authorization': 'Bearer ' + this.token })
     }
-    return fetch(`${this.httpUrl}/${path}`, init)
+    const resp = await fetch(`${this.httpUrl}/${path}`, init)
+    if (!resp.ok) throw await resp.text()
+    return resp
   }
 
   query<K extends SendKey>(type: K, content: Send[K], options: Partial<Options> = {}): Promise<Resp[K]> {

client/src/ui/index.svelte

@@ -6,7 +6,6 @@
   import storage from '../storage'
   import { WebSocketServer } from '../server/server'
   import { server, serverCfg } from './global'
-  import { queryConfig } from './lib/util'
 
   export let url = ''
 
@@ -26,7 +25,6 @@
     })
     await connected
 
-    // let config = await queryConfig($serverCfg, params.mapName)
     let config = await $server.query('config', params.mapName)
     console.log('joining map', config)
 

client/src/ui/lib/util.ts

@@ -27,6 +27,7 @@ export async function download(path: string, name: string) {
   const id = showInfo(`Downloading '${name}'…`, 'none')
   try {
     const resp = await fetch(path)
+    if (!resp.ok) throw await resp.text()
     const data = await resp.blob()
     const url = URL.createObjectURL(data)
 
@@ -48,7 +49,6 @@ export async function uploadMap(url: string, name: string, file: Blob) {
     method: 'PUT',
     body: file,
   })
-
   if (!resp.ok) throw await resp.text()
 }
 
@@ -58,7 +58,6 @@ export async function createMap(url: string, name: string, create: MapCreation)
     headers: { 'Content-Type': 'application/json' },
     body: JSON.stringify(create),
   })
-
   if (!resp.ok) throw await resp.text()
 }
 
@@ -96,13 +95,15 @@ export async function queryMaps(url: string): Promise<MapDetail[]> {
   }
 
   const resp = await fetch(`${url}/maps`)
+  if (!resp.ok) throw await resp.text()
+
   const maps: MapDetail[] = await resp.json()
   sortMaps(maps)
   return maps
 }
 
-export async function queryConfig(server: WebSocketServer, mapName: string): Promise<Config> {
-  const resp = await server.fetch(`maps/${mapName}/config`)
+export async function queryConfig(url: string, mapName: string): Promise<Config> {
+  const resp = await fetch(`${url}/maps/${mapName}/config`)
   const config: Config = await resp.json()
   return config
 }

client/src/ui/routes/lobby.svelte

@@ -1,6 +1,6 @@
 <script lang="ts">
   import { navigate } from 'svelte-routing'
-  import { showInfo, showWarning, showError, clearDialog } from '../lib/dialog'
+  import { showInfo, showWarning, showError, clearDialog, showDialog } from '../lib/dialog'
   import {
     Column,
     Row,
@@ -36,7 +36,7 @@
     TrashCan as DeleteIcon,
     Password as KeyIcon,
   } from 'carbon-icons-svelte'
-  import { createMap, download, queryMaps, uploadMap } from '../lib/util'
+  import { createMap, download, queryConfig, queryMaps, uploadMap } from '../lib/util'
   import type { ComboBoxItem } from 'carbon-components-svelte/src/ComboBox/ComboBox.svelte'
   import type { MapDetail } from '../../server/protocol'
   import { onMount } from 'svelte'
@@ -163,22 +163,36 @@
 
   async function onJoinBridge(key: string) {
     modalAccessKey.open = false
+    let id = showInfo(`joining ${key}…`, 'none')
 
-    const cfg: ServerConfig = {
-      ...serverCfg,
-      name: 'remote: ' + key,
-      path: (serverCfg.path ?? '') + '/bridge/' + key,
-    }
-    serverCfgs.push(cfg)
-
-    const httpUrl = serverHttpUrl(cfg)
-    let maps = await queryMaps(httpUrl)
-    let name = maps[0].name
+    try {
+      // first, see if the key points at an unlisted map.
+      const httpUrl = serverHttpUrl(serverCfg)
+      const config = await queryConfig(httpUrl, key)
+      onJoinMap(config.name)
+    } catch (_) {
+      // second, if it's not a unlisted map, it's a bridge map
+      try {
+        const cfg: ServerConfig = {
+          ...serverCfg,
+          name: 'remote: ' + key,
+          path: (serverCfg.path ?? '') + '/bridge/' + key,
+        }
+        serverCfgs.push(cfg)
 
-    storage.save('servers', serverCfgs, { persistent: false })
-    storage.save('currentServer', serverCfgs.length - 1, { persistent: false })
+        const httpUrl = serverHttpUrl(cfg)
+        let maps = await queryMaps(httpUrl)
+        let name = maps[0].name
 
-    navigate('/edit/' + name)
+        storage.save('servers', serverCfgs, { persistent: false })
+        storage.save('currentServer', serverCfgs.length - 1, { persistent: false })
+        navigate('/edit/' + name)
+      } catch (e) {
+        showError(e)
+      }
+    } finally {
+      clearDialog(id)
+    }
   }
 
   function onDeleteMap(mapName: string) {

desktop/gen/schemas/desktop-schema.json

@@ -37,7 +37,7 @@
   ],
   "definitions": {
     "Capability": {
-      "description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\nIt controls application windows fine grained access to the Tauri core, application, or plugin commands. If a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create groups of windows, based on their required system access, which can reduce impact of frontend vulnerabilities in less privileged windows. Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`. A Window can have none, one, or multiple associated capabilities.\n\n## Example\n\n```json { \"identifier\": \"main-user-files-write\", \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\", \"windows\": [ \"main\" ], \"permissions\": [ \"core:default\", \"dialog:open\", { \"identifier\": \"fs:allow-write-text-file\", \"allow\": [{ \"path\": \"$HOME/test.txt\" }] }, \"platforms\": [\"macOS\",\"windows\"] } ```",
+      "description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\nIt controls application windows fine grained access to the Tauri core, application, or plugin commands. If a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create groups of windows, based on their required system access, which can reduce impact of frontend vulnerabilities in less privileged windows. Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`. A Window can have none, one, or multiple associated capabilities.\n\n## Example\n\n```json { \"identifier\": \"main-user-files-write\", \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\", \"windows\": [ \"main\" ], \"permissions\": [ \"core:default\", \"dialog:open\", { \"identifier\": \"fs:allow-write-text-file\", \"allow\": [{ \"path\": \"$HOME/test.txt\" }] }, ], \"platforms\": [\"macOS\",\"windows\"] } ```",
       "type": "object",
       "required": [
         "identifier",

desktop/gen/schemas/linux-schema.json

@@ -37,7 +37,7 @@
   ],
   "definitions": {
     "Capability": {
-      "description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\nIt controls application windows fine grained access to the Tauri core, application, or plugin commands. If a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create groups of windows, based on their required system access, which can reduce impact of frontend vulnerabilities in less privileged windows. Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`. A Window can have none, one, or multiple associated capabilities.\n\n## Example\n\n```json { \"identifier\": \"main-user-files-write\", \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\", \"windows\": [ \"main\" ], \"permissions\": [ \"core:default\", \"dialog:open\", { \"identifier\": \"fs:allow-write-text-file\", \"allow\": [{ \"path\": \"$HOME/test.txt\" }] }, \"platforms\": [\"macOS\",\"windows\"] } ```",
+      "description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\nIt controls application windows fine grained access to the Tauri core, application, or plugin commands. If a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create groups of windows, based on their required system access, which can reduce impact of frontend vulnerabilities in less privileged windows. Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`. A Window can have none, one, or multiple associated capabilities.\n\n## Example\n\n```json { \"identifier\": \"main-user-files-write\", \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\", \"windows\": [ \"main\" ], \"permissions\": [ \"core:default\", \"dialog:open\", { \"identifier\": \"fs:allow-write-text-file\", \"allow\": [{ \"path\": \"$HOME/test.txt\" }] }, ], \"platforms\": [\"macOS\",\"windows\"] } ```",
       "type": "object",
       "required": [
         "identifier",