| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The LUCI Authors. All rights reserved. | 1 // Copyright 2016 The LUCI Authors. All rights reserved. |
| 2 // Use of this source code is governed under the Apache License, Version 2.0 | 2 // Use of this source code is governed under the Apache License, Version 2.0 |
| 3 // that can be found in the LICENSE file. | 3 // that can be found in the LICENSE file. |
| 4 | 4 |
| 5 package buildbot | 5 package buildbot |
| 6 | 6 |
| 7 import ( | 7 import ( |
| 8 "bytes" | 8 "bytes" |
| 9 "compress/gzip" | 9 "compress/gzip" |
| 10 "encoding/json" | 10 "encoding/json" |
| (...skipping 18 matching lines...) | |
| 29 if err != nil { | 29 if err != nil { |
| 30 return err | 30 return err |
| 31 } | 31 } |
| 32 defer reader.Close() | 32 defer reader.Close() |
| 33 if err = json.NewDecoder(reader).Decode(master); err != nil { | 33 if err = json.NewDecoder(reader).Decode(master); err != nil { |
| 34 return err | 34 return err |
| 35 } | 35 } |
| 36 return nil | 36 return nil |
| 37 } | 37 } |
| 38 | 38 |
| 39 // User not logged in, master found, master public: nil | 39 func canAccessMaster(c context.Context, name string) error { |
| 40 // User not logged in, master not found: 401 | |
| 41 // User not logged in, master internal: 401 | |
| 42 // User logged in, master found, master internal: nil | |
| 43 // User logged in, master not found: 404 | |
| 44 // User logged in, master found, master internal: 404 | |
| 45 // Other error: 500 | |
| 46 func checkAccess(c context.Context, err error, internal bool) error { | |
| 47 cu := auth.CurrentUser(c) | 40 cu := auth.CurrentUser(c) |
| 48 » switch { | 41 » if cu.Identity != identity.AnonymousIdentity { |
|
Ryan Tseng
2017/07/11 18:37:16
This should go after L51, otherwise a logged in us
iannucci
2017/07/11 21:01:39
chatted, we think this logic is actually correct (
| |
| 49 » case err == ds.ErrNoSuchEntity: | 42 » » // if we're logged in, and we can internal stuff, return nil. ge tMasterEntry |
|
dnj
2017/07/11 18:46:33
nit: "we can see internal stuff"
iannucci
2017/07/11 21:01:39
Done.
| |
| 50 » » if cu.Identity == identity.AnonymousIdentity { | 43 » » // will maybe return 404 later. |
| 51 » » » return errNotAuth | 44 » » if allowed, err := common.IsAllowedInternal(c); err != nil || al lowed { |
| 52 » » } | |
| 53 » » return errMasterNotFound | |
| 54 » case err != nil: | |
| 55 » » return err | |
| 56 » } | |
| 57 | |
| 58 » // Do the ACL check if the entry is internal. | |
| 59 » if internal { | |
| 60 » » allowed, err := common.IsAllowedInternal(c) | |
| 61 » » if err != nil { | |
| 62 return err | 45 return err |
| 63 } | 46 } |
| 64 if !allowed { | |
| 65 if cu.Identity == identity.AnonymousIdentity { | |
| 66 return errNotAuth | |
| 67 } | |
| 68 return errMasterNotFound | |
| 69 } | |
| 70 } | 47 } |
| 71 | 48 |
| 72 » return nil | 49 » // We're not logged in, or we can only see public stuff, so see if the m aster |
| 50 » // is public. | |
| 51 » if err := ds.Get(c, &buildbotMasterPublic{name}); err == nil { | |
| 52 » » // it exists and is public | |
| 53 » » return nil | |
| 54 » } | |
| 55 | |
| 56 » // They need to log in before we can tell them more stuff. | |
| 57 » return errNotAuth | |
| 73 } | 58 } |
| 74 | 59 |
| 75 // getMasterEntry feches the named master and does an ACL check on the | 60 // getMasterEntry feches the named master and does an ACL check on the |
| 76 // current user. | 61 // current user. |
| 77 // It returns: | 62 // It returns: |
| 78 func getMasterEntry(c context.Context, name string) (*buildbotMasterEntry, error ) { | 63 func getMasterEntry(c context.Context, name string) (*buildbotMasterEntry, error ) { |
| 64 if err := canAccessMaster(c, name); err != nil { | |
| 65 return nil, err | |
| 66 } | |
| 67 | |
| 79 entry := buildbotMasterEntry{Name: name} | 68 entry := buildbotMasterEntry{Name: name} |
| 80 err := ds.Get(c, &entry) | 69 err := ds.Get(c, &entry) |
| 81 » err = checkAccess(c, err, entry.Internal) | 70 » if err == ds.ErrNoSuchEntity { |
| 71 » » err = errMasterNotFound | |
| 72 » } | |
| 82 return &entry, err | 73 return &entry, err |
| 83 } | 74 } |
| 84 | 75 |
| 85 // getMasterJSON fetches the latest known buildbot master data and returns | 76 // getMasterJSON fetches the latest known buildbot master data and returns |
| 86 // the buildbotMaster struct (if found), whether or not it is internal, | 77 // the buildbotMaster struct (if found), whether or not it is internal, |
| 87 // the last modified time, and an error if not found. | 78 // the last modified time, and an error if not found. |
| 88 func getMasterJSON(c context.Context, name string) ( | 79 func getMasterJSON(c context.Context, name string) ( |
| 89 master *buildbotMaster, internal bool, t time.Time, err error) { | 80 master *buildbotMaster, internal bool, t time.Time, err error) { |
| 90 master = &buildbotMaster{} | 81 master = &buildbotMaster{} |
| 91 entry, err := getMasterEntry(c, name) | 82 entry, err := getMasterEntry(c, name) |
| (...skipping 50 matching lines...) | |
| 142 for _, bn := range sb { | 133 for _, bn := range sb { |
| 143 // Go templates escapes this for us, and also | 134 // Go templates escapes this for us, and also |
| 144 // slashes are not allowed in builder names. | 135 // slashes are not allowed in builder names. |
| 145 ml.Builders = append(ml.Builders, *resp.NewLink( | 136 ml.Builders = append(ml.Builders, *resp.NewLink( |
| 146 bn, fmt.Sprintf("/buildbot/%s/%s", entry.Name, b n))) | 137 bn, fmt.Sprintf("/buildbot/%s/%s", entry.Name, b n))) |
| 147 } | 138 } |
| 148 result.BuilderGroups = append(result.BuilderGroups, ml) | 139 result.BuilderGroups = append(result.BuilderGroups, ml) |
| 149 } | 140 } |
| 150 return result, nil | 141 return result, nil |
| 151 } | 142 } |
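Review bot: In the new canAccessMaster, every failure of `ds.Get(c, &buildbotMasterPublic{name})` is reported as errNotAuth, so a transient datastore error now looks like a 401, whereas the removed checkAccess passed it through (`case err != nil: return err`, documented as "Other error: 500"). That fails closed, but it hides outages and tells users to log in for no reason; keep the error from the Get in scope and add `if err != ds.ErrNoSuchEntity { return err }` before the final `return errNotAuth`. Separately, getMasterEntry no longer reads entry.Internal, so anonymous access appears to depend entirely on the buildbotMasterPublic marker staying in sync with the entry. The code that writes and deletes that marker is not visible here, so it is worth confirming that a master switched to internal loses its marker. A doc comment on canAccessMaster listing the returned error per case, replacing the removed table, would record that invariant.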