enforce permissions

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Jörn Friedrich Dreyer
2020-10-30 17:09:55 +01:00
parent bb0878a3eb
commit 494f9aca88
+1 -6
@@ -65,12 +65,7 @@ func (s Service) hasAccountManagementPermissions(ctx context.Context) bool {
// get roles from context
roleIDs, ok := roles.ReadRoleIDsFromContext(ctx)
if !ok {
/**
* FIXME: with this we are skipping permission checks on all requests that are coming in without roleIDs in the
* metadata context. This is a huge security impairment, as that's the case not only for grpc requests but also
* for unauthenticated http requests and http requests coming in without hitting the ocis-proxy first.
*/
return true
return false
}
// check if permission is present in roles of the authenticated account