feat: Security
This commit is contained in:
@@ -14,6 +14,8 @@ chat/
|
||||
├── domain/
|
||||
│ └── rules/
|
||||
│ ├── message.rules.ts canEditMessage, normaliseDeletedMessage, getMessageTimestamp
|
||||
│ ├── message-integrity.rules.ts headHash, inventory refresh, revision merge predicates
|
||||
│ ├── message-revision.builder.rules.ts buildMessageRevision, materializeMessageFromRevision
|
||||
│ ├── message-sync.rules.ts Inventory-based sync: chunkArray, findMissingIds, limits
|
||||
│ └── auto-scroll.rules.ts resolveAutoScrollBehavior (instant on channel switch, smooth for live msgs) + isStuckToBottom predicate
|
||||
│
|
||||
@@ -95,6 +97,10 @@ sequenceDiagram
|
||||
User->>DC: broadcastMessage(delete-message)
|
||||
```
|
||||
|
||||
## Message integrity
|
||||
|
||||
Outgoing creates/edits/deletes also emit signed `message-revision` events and persist revision audit rows locally. Sync inventories include `revision` and `headHash`; merge prefers a verified higher revision over legacy timestamp comparison. See `agents-docs/features/message-integrity.md` and `MessageRevisionService`.
|
||||
|
||||
## Text channel scoping
|
||||
|
||||
`ChatMessagesComponent` renders only the active text channel selected in `store/rooms`. Legacy messages without an explicit `channelId` are treated as `general` for backward compatibility, while new sends and typing events attach the active `channelId` so one text channel does not leak state into the rest of the server. Voice channels live in the same server-owned channel list, but they do not participate in chat-message routing.
|
||||
|
||||
Reference in New Issue
Block a user