From 820ba906f0409cd884d8a8378a2d3261305e75f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adolfo=20G=C3=B3mez=20Garc=C3=ADa?= <dkmaster@dkmon.com>
Date: Tue, 28 Jan 2020 13:05:50 +0100
Subject: [PATCH] Fixing tickets for v3 actors && changing path for "join"
 registry key for join domain on 2 steps

---
 actor/src/udsactor/windows/store.py     |  2 +-
 server/src/uds/REST/methods/actor_v3.py | 13 ++++++++++---
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/actor/src/udsactor/windows/store.py b/actor/src/udsactor/windows/store.py
index 0154ae7d..1bf50f95 100644
--- a/actor/src/udsactor/windows/store.py
+++ b/actor/src/udsactor/windows/store.py
@@ -84,7 +84,7 @@ def writeConfig(config: types.ActorConfigurationType) -> None:
 
 def useOldJoinSystem() -> bool:
     try:
-        key = wreg.OpenKey(BASEKEY, 'Software\\UDSEnterpriseActor', 0, wreg.KEY_QUERY_VALUE)
+        key = wreg.OpenKey(BASEKEY, PATH, 0, wreg.KEY_QUERY_VALUE)
         try:
             data, _ = wreg.QueryValueEx(key, 'join')
         except Exception:
diff --git a/server/src/uds/REST/methods/actor_v3.py b/server/src/uds/REST/methods/actor_v3.py
index 6ea2ebd5..0f715cf5 100644
--- a/server/src/uds/REST/methods/actor_v3.py
+++ b/server/src/uds/REST/methods/actor_v3.py
@@ -379,10 +379,16 @@ class Ticket(ActorV3Action):
         logger.debug('Args: %s,  Params: %s', self._args, self._params)
 
         try:
-            return ActorV3Action.actorResult(TicketStore.get(self._params['ticket'], invalidate=True))
-        except TicketStore.DoesNotExist:
+            # Simple check that token exists
+            ActorToken.objects.get(token=self._params['token'])  # Not assigned, because only needs check
+        except ActorToken.DoesNotExist:
             raise BlockAccess()  # If too many blocks...
 
+        try:
+            return ActorV3Action.actorResult(TicketStore.get(self._params['ticket'], invalidate=True))
+        except TicketStore.DoesNotExists:
+            return ActorV3Action.actorResult(error='Invalid ticket')
+
 class Notify(ActorV3Action):
     name = 'notify'
 
@@ -400,7 +406,8 @@ class Notify(ActorV3Action):
             # Check block manually
             checkBlockedIp(self._request.ip)  # pylint: disable=protected-access
             userService = UserService.objects.get(uuid=self._params['token'])
-            # TODO: finish this
+            # TODO: finish this when needed :)
+
             return ActorV3Action.actorResult('ok')
         except UserService.DoesNotExist:
             # For blocking attacks