[Fix-12916] Add permission check when query or download log #12917
Conversation
Codecov Report
@@ Coverage Diff @@
## dev #12917 +/- ##
============================================
+ Coverage 39.35% 39.36% +0.01%
Complexity 4271 4271
============================================
Files 1067 1067
Lines 40121 40125 +4
Branches 4601 4605 +4
============================================
+ Hits 15791 15797 +6
Misses 22551 22551
+ Partials 1779 1777 -2
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
rickchengx
force-pushed
the
Fix-12916
branch
from
d2d5f80
to
ce915a8
Compare
There was a problem hiding this comment.
I dont't think it's a bug. It need to be disscussed. cc @ruanwenjun @caishunfeng @EricGao888 @zhongjiajie
Hi, @SbloodyS , thanks for your comment. Here is an example to illustrate why I think this is a bug:
In more serious cases, the logs may contain sensitive information
|
I agree with @rickchengx, users may make bad log decisions which will lead to security issue, so there's a strong need to for this permission check. In addition, i suggest to add request to apply for temporary permission to query and download logs for users who don't have permission, and this application can be approved by administrator. |
Hi, @Radeity Thanks for your comment. I agree that permission check is required when user query or download task logs. Can admin authorize the log permission to the user in this PR?Currently, admin can authorize users for the following resources: (E.g., project / resource / ....)
And in the design of this PR: Because I think the log of the task can be viewed only if the user can view the task. So in this PR, admin can authorize the log permission to the user by authorize users for the As for what you said, whether the administrator can individually add the log permission of a certain task instance to the user, I think it can be discussed and done after solving this security problem. WDYT cc @SbloodyS @EricGao888 @ruanwenjun @caishunfeng @zhongjiajie |
I think we keep permission within the project level is acceptable. we already supported it and it is simple enough |
| return false; | ||
| } | ||
| Map<String, Object> result = | ||
| projectService.checkProjectAndAuth(loginUser, project, project.getCode(), permissionKey); |
There was a problem hiding this comment.
could you use checkProjectAndAuthThrowException instead of checkProjectAndAuth to make our code more clear? It is may ask to change our UT as well
There was a problem hiding this comment.
Hi, @zhongjiajie Thanks for your suggestion. I've changed to checkProjectAndAuthThrowException.
rickchengx
force-pushed
the
Fix-12916
branch
2 times, most recently
from
047ee37
to
2e2844d
Compare
EricGao888
added
improvement
rickchengx
force-pushed
the
Fix-12916
branch
from
2e2844d
to
54014d2
Compare
|
Kudos, SonarCloud Quality Gate passed! |
|
PTAL when available, if no more comments, will proceed to merge. |
Purpose of the pull request
Currently, there is no permission check when user query or download log by task instance id.
Brief change log
Add permission check when query or download log
Who can query or download log ?
All users who have the permission of the project to which the task instance belongs can query or download the log.
Query the project to which the task instance belongs from the database.
Check the permission of project by
projectService.checkProjectAndAuth()Verify this pull request
covered by UT and manually tested as below
Note that the task instance id 1 is not created by current login user.