Superminaren/kvm - kvm - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
Alex P	a1548fe5b1	feat: improve session approval workflow with re-request and rejection limits Backend improvements: - Keep denied sessions alive in pending mode instead of removing them - Add requestSessionApproval RPC method for re-requesting access - Fix security issue: preserve pending mode on reconnection for denied sessions - Add MaxRejectionAttempts field to SessionSettings (default: 3, configurable 1-10) Frontend improvements: - Change "Try Again" button to "Request Access Again" that re-requests approval - Add rejection counter with configurable maximum attempts - Hide modal after max rejections; session stays pending in SessionPopover - Add "Dismiss" button for primary to hide approval requests without deciding - Add MaxRejectionAttempts control in multi-session settings page - Reset rejection count when session is approved This improves the user experience by allowing denied users to retry without page reloads, while preventing spam with configurable rejection limits.	2025-10-08 21:37:02 +03:00
Alex P	cd70efb83f	feat: multi-session support with role-based permissions Implements concurrent WebRTC session management with granular permission control, enabling multiple users to connect simultaneously with different access levels. Features: - Session modes: Primary (full control), Observer (view-only), Queued, Pending - Role-based permissions (31 permissions across video, input, settings, system) - Session approval workflow with configurable access control - Primary control transfer, request, and approval mechanisms - Grace period reconnection (prevents interruption on network issues) - Automatic session timeout and cleanup - Nickname system with browser-based auto-generation - Trust-based emergency promotion (deadlock prevention) - Session blacklisting (prevents transfer abuse) Technical Implementation: - Centralized permission system (internal/session package) - Broadcast throttling (100ms global, 50ms per-session) for DoS protection - Defense-in-depth permission validation - Pre-allocated event maps for hot-path performance - Lock-free session iteration with snapshot pattern - Comprehensive session management UI with real-time updates New Files: - session_manager.go (1628 lines) - Core session lifecycle - internal/session/permissions.go (306 lines) - Permission rules - session_permissions.go (77 lines) - Package integration - datachannel_helpers.go (11 lines) - Permission denied handler - errors.go (10 lines) - Error definitions - 14 new UI components (session management, approval dialogs, overlays) 50 files changed, 5836 insertions(+), 442 deletions(-)	2025-10-08 18:52:45 +03:00

Author

SHA1

Message

Date

Alex P

a1548fe5b1

feat: improve session approval workflow with re-request and rejection limits

Backend improvements:
- Keep denied sessions alive in pending mode instead of removing them
- Add requestSessionApproval RPC method for re-requesting access
- Fix security issue: preserve pending mode on reconnection for denied sessions
- Add MaxRejectionAttempts field to SessionSettings (default: 3, configurable 1-10)

Frontend improvements:
- Change "Try Again" button to "Request Access Again" that re-requests approval
- Add rejection counter with configurable maximum attempts
- Hide modal after max rejections; session stays pending in SessionPopover
- Add "Dismiss" button for primary to hide approval requests without deciding
- Add MaxRejectionAttempts control in multi-session settings page
- Reset rejection count when session is approved

This improves the user experience by allowing denied users to retry without
page reloads, while preventing spam with configurable rejection limits.

2025-10-08 21:37:02 +03:00

Alex P

cd70efb83f

feat: multi-session support with role-based permissions

Implements concurrent WebRTC session management with granular permission control, enabling multiple users to connect simultaneously with different access levels.

Features:
- Session modes: Primary (full control), Observer (view-only), Queued, Pending
- Role-based permissions (31 permissions across video, input, settings, system)
- Session approval workflow with configurable access control
- Primary control transfer, request, and approval mechanisms
- Grace period reconnection (prevents interruption on network issues)
- Automatic session timeout and cleanup
- Nickname system with browser-based auto-generation
- Trust-based emergency promotion (deadlock prevention)
- Session blacklisting (prevents transfer abuse)

Technical Implementation:
- Centralized permission system (internal/session package)
- Broadcast throttling (100ms global, 50ms per-session) for DoS protection
- Defense-in-depth permission validation
- Pre-allocated event maps for hot-path performance
- Lock-free session iteration with snapshot pattern
- Comprehensive session management UI with real-time updates

New Files:
- session_manager.go (1628 lines) - Core session lifecycle
- internal/session/permissions.go (306 lines) - Permission rules
- session_permissions.go (77 lines) - Package integration
- datachannel_helpers.go (11 lines) - Permission denied handler
- errors.go (10 lines) - Error definitions
- 14 new UI components (session management, approval dialogs, overlays)

50 files changed, 5836 insertions(+), 442 deletions(-)

2025-10-08 18:52:45 +03:00

2 Commits