Prevent leaking target info into subsequent policy.check() calls
Due to mutable dictionary being used as the default `target` argument
value the first target calculated from scratch in POLICY_CHECK
function will be used for all subsequent calls to POLICY_CHECK with 2
arguments. The wrong `target` can either lead to a reduced set of
operations on an entity for a given user, or to enlarged one. Due to
independent policy checks at each service's side this doesn't pose a
serious security breach, but can lead to weird UX behaviour.
Change-Id: I744fac28de0fb7060b50c5db689e74631a628c88
Closes-Bug: #1396544
(cherry picked from commit dab964d781)
This commit is contained in:
Timur Sufiev
parent
31fc0f5d74
commit
13b0c0e5d7
@ -56,7 +56,7 @@ def reset():
|
||||
_ENFORCER = None
|
||||
|
||||
|
||||
def check(actions, request, target={}):
|
||||
def check(actions, request, target=None):
|
||||
"""Check user permission.
|
||||
|
||||
Check if the user has permission to the action according
|
||||
@ -93,6 +93,8 @@ def check(actions, request, target={}):
|
||||
{'tenant_id': object.tenant_id}
|
||||
:returns: boolean if the user has permission or not for the actions.
|
||||
"""
|
||||
if target is None:
|
||||
target = {}
|
||||
user = auth_utils.get_user(request)
|
||||
|
||||
# Several service policy engines default to a project id check for
|
||||
|
||||
Loading…
Reference in New Issue
Block a user