opendev/gerrit
Code Issues Proposed changes

Remove PermissionBackend#user(Provider<CurrentUser>)

Browse Source 
Checking permissions of users that aren't the caller on the current request
can have implications on the security of the system. The most prominent
one is creating a group-oracle.

To limit the cases where we could potentially expose Gerrit to these
threats, PermissionBackend removes the method that was operating solely
on the provider of the current user.

Change-Id: I601ea1200a15a5f262ca0770b23cc1c7bee126b1
This commit is contained in:
Patrick Hiesel
2018-02-20 12:19:33 +01:00
parent 659ea71969
commit 4bdef6c030
78 changed files with 124 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/com/google/gerrit/metrics/dropwizard/MetricsCollection.java
View File

@@ -21,7 +21,6 @@ import com.google.gerrit.extensions.restapi.ChildCollection;
import com.google.gerrit.extensions.restapi.IdString;
import com.google.gerrit.extensions.restapi.ResourceNotFoundException;
import com.google.gerrit.extensions.restapi.RestView;
import com.google.gerrit.server.CurrentUser;
import com.google.gerrit.server.config.ConfigResource;
import com.google.gerrit.server.permissions.GlobalPermission;
import com.google.gerrit.server.permissions.PermissionBackend;
@@ -35,7 +34,6 @@ class MetricsCollection implements ChildCollection<ConfigResource, MetricResourc
private final DynamicMap<RestView<MetricResource>> views;
private final Provider<ListMetrics> list;
private final PermissionBackend permissionBackend;
private final Provider<CurrentUser> user;
private final DropWizardMetricMaker metrics;
@Inject
@@ -43,12 +41,10 @@ class MetricsCollection implements ChildCollection<ConfigResource, MetricResourc
DynamicMap<RestView<MetricResource>> views,
Provider<ListMetrics> list,
PermissionBackend permissionBackend,
Provider<CurrentUser> user,
DropWizardMetricMaker metrics) {
this.views = views;
this.list = list;
this.permissionBackend = permissionBackend;
this.user = user;
this.metrics = metrics;
}
@@ -65,7 +61,7 @@ class MetricsCollection implements ChildCollection<ConfigResource, MetricResourc
@Override
public MetricResource parse(ConfigResource parent, IdString id)
throws ResourceNotFoundException, AuthException, PermissionBackendException {
permissionBackend.user(user).check(GlobalPermission.VIEW_CACHES);
permissionBackend.currentUser().check(GlobalPermission.VIEW_CACHES);
Metric metric = metrics.getMetric(id.get());
if (metric == null) {