Makes config() function be available to Core Library only
config() function returns information from murano.conf. But since it contains sensitive information like passwords it creates a security issue for Murano because any app can get access to that information. However the function is used by the core library to get RabbitMQ credentials. This commit makes the function available to Core Library only which currently identified by the name (io.murano) but in the future will be identified by the package signature. Change-Id: I3fe5c153f931decc59bc8bf9eb87c78d459a64fa Closes-Bug: #1506807
This commit is contained in:
parent
74d6d2207c
commit
dafd569775
@ -94,6 +94,14 @@ class ContextManager(context_manager.ContextManager):
|
||||
return helpers.link_contexts(
|
||||
root_context, yaql_functions.get_context(runtime_version))
|
||||
|
||||
def create_package_context(self, package):
|
||||
context = super(ContextManager, self).create_package_context(
|
||||
package)
|
||||
if package.name == 'io.murano':
|
||||
context = helpers.link_contexts(
|
||||
context, yaql_functions.get_restricted_context())
|
||||
return context
|
||||
|
||||
|
||||
class TaskProcessingEndpoint(object):
|
||||
@classmethod
|
||||
|
@ -202,8 +202,6 @@ def get_context(runtime_version):
|
||||
context.register_function(bind)
|
||||
context.register_function(random_name)
|
||||
context.register_function(patch_)
|
||||
context.register_function(config)
|
||||
context.register_function(config_default)
|
||||
context.register_function(logger)
|
||||
|
||||
if runtime_version <= constants.RUNTIME_VERSION_1_1:
|
||||
@ -217,3 +215,11 @@ def get_context(runtime_version):
|
||||
for spec in utils.to_extension_method(t, root_context):
|
||||
context.register_function(spec)
|
||||
return context
|
||||
|
||||
|
||||
@helpers.memoize
|
||||
def get_restricted_context():
|
||||
context = yaql_integration.create_empty_context()
|
||||
context.register_function(config)
|
||||
context.register_function(config_default)
|
||||
return context
|
||||
|
Loading…
Reference in New Issue
Block a user