Skip to content

Commit

Permalink
prevent normal users from listing deleted spaces
Browse files Browse the repository at this point in the history
  • Loading branch information
David Christofas committed Jan 17, 2022
1 parent 38fe318 commit d9c2baf
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 8 deletions.
3 changes: 3 additions & 0 deletions pkg/storage/utils/decomposedfs/node/node.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,9 @@ const (
QuotaUncalculated = "-1"
QuotaUnknown = "-2"
QuotaUnlimited = "-3"

// TrashIDDelimiter represents the characters used to separate the nodeid and the deletion time.
TrashIDDelimiter = ".T."
)

// Node represents a node in the tree and provides methods to get a Parent or Child instance
Expand Down
4 changes: 2 additions & 2 deletions pkg/storage/utils/decomposedfs/recycle.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ func (fs *Decomposedfs) createTrashItem(ctx context.Context, parentNode, interme
log.Error().Err(err).Msg("error reading trash link, skipping")
return nil, err
}
parts := strings.SplitN(filepath.Base(parentNode), ".T.", 2)
parts := strings.SplitN(filepath.Base(parentNode), node.TrashIDDelimiter, 2)
if len(parts) != 2 {
log.Error().Str("trashnode", trashnode).Interface("parts", parts).Msg("malformed trash link, skipping")
return nil, errors.New("malformed trash link")
Expand Down Expand Up @@ -191,7 +191,7 @@ func (fs *Decomposedfs) listTrashRoot(ctx context.Context, spaceID string) ([]*p
log.Error().Err(err).Str("trashRoot", trashRoot).Str("name", names[i]).Msg("error reading trash link, skipping")
continue
}
parts := strings.SplitN(filepath.Base(trashnode), ".T.", 2)
parts := strings.SplitN(filepath.Base(trashnode), node.TrashIDDelimiter, 2)
if len(parts) != 2 {
log.Error().Err(err).Str("trashRoot", trashRoot).Str("name", names[i]).Str("trashnode", trashnode).Interface("parts", parts).Msg("malformed trash link, skipping")
continue
Expand Down
9 changes: 6 additions & 3 deletions pkg/storage/utils/decomposedfs/spaces.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -391,12 +391,12 @@ func (fs *Decomposedfs) DeleteStorageSpace(ctx context.Context, req *provider.De
appctx.GetLogger(ctx).Error().Err(err).Str("match", matches[0]).Msg("could not read link, skipping")
}

node, err := node.ReadNode(ctx, fs.lu, filepath.Base(target))
n, err := node.ReadNode(ctx, fs.lu, filepath.Base(target))
if err != nil {
return err
}

err = fs.tp.Delete(ctx, node)
err = fs.tp.Delete(ctx, n)
if err != nil {
return err
}
Expand All @@ -406,7 +406,7 @@ func (fs *Decomposedfs) DeleteStorageSpace(ctx context.Context, req *provider.De
return err
}

trashPathMatches, err := filepath.Glob(node.InternalPath() + ".T.*")
trashPathMatches, err := filepath.Glob(n.InternalPath() + node.TrashIDDelimiter)
if err != nil {
return err
}
Expand Down Expand Up @@ -499,6 +499,9 @@ func (fs *Decomposedfs) storageSpaceFromNode(ctx context.Context, n *node.Node,
if err != nil || !ok {
return nil, errtypes.PermissionDenied(fmt.Sprintf("user %s is not allowed to Stat the space %+v", user.Username, space))
}
if strings.Contains(space.Root.OpaqueId, node.TrashIDDelimiter) {
return nil, errtypes.PermissionDenied(fmt.Sprintf("user %s is not allowed to list deleted spaces %+v", user.Username, space))
}
}

space.Owner = &userv1beta1.User{ // FIXME only return a UserID, not a full blown user object
Expand Down
6 changes: 3 additions & 3 deletions pkg/storage/utils/decomposedfs/tree/tree.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -420,7 +420,7 @@ func (t *Tree) Delete(ctx context.Context, n *node.Node) (err error) {
// first make node appear in the space trash
// parent id and name are stored as extended attributes in the node itself
trashLink := filepath.Join(t.root, "trash", n.SpaceRoot.ID, n.ID)
err = os.Symlink("../../nodes/"+n.ID+".T."+deletionTime, trashLink)
err = os.Symlink("../../nodes/"+n.ID+node.TrashIDDelimiter+deletionTime, trashLink)
if err != nil {
// To roll back changes
// TODO unset trashOriginAttr
Expand All @@ -430,7 +430,7 @@ func (t *Tree) Delete(ctx context.Context, n *node.Node) (err error) {
// at this point we have a symlink pointing to a non existing destination, which is fine

// rename the trashed node so it is not picked up when traversing up the tree and matches the symlink
trashPath := nodePath + ".T." + deletionTime
trashPath := nodePath + node.TrashIDDelimiter + deletionTime
err = os.Rename(nodePath, trashPath)
if err != nil {
// To roll back changes
Expand Down Expand Up @@ -840,7 +840,7 @@ func (t *Tree) readRecycleItem(ctx context.Context, spaceid, key, path string) (
err = recycleNode.FindStorageSpaceRoot()

if path == "" || path == "/" {
parts := strings.SplitN(filepath.Base(link), ".T.", 2)
parts := strings.SplitN(filepath.Base(link), node.TrashIDDelimiter, 2)
if len(parts) != 2 {
appctx.GetLogger(ctx).Error().Err(err).Str("trashItem", trashItem).Interface("parts", parts).Msg("malformed trash link")
return
Expand Down

0 comments on commit d9c2baf

Please sign in to comment.