HGKeeper

grim/hgkeeper

Wire up permissions still need to handle readonly

2019-07-23, Gary Kramlich

76eb73c033fc

Parents eb233ca9b428
Children 68855a21fd28

Wire up permissions still need to handle readonly

5 files changed, 27 insertions(+), 14 deletions(-)

+1 -1

+2 -1

+5 -1

+5 -1

+14 -10

~~--- a/access/users.go Tue Jul 23 16:08:13 2019 -0500~~

+++ b/access/users.go Tue Jul 23 16:52:18 2019 -0500

@@ -45,7 +45,7 @@

// and returns the username if found, or err if not found.

func (a *Access) UsernameFromFingerprint(fingerprint string) (string, error) {

a.lock.Lock()

~~- defer a.lock.Lock()~~

+ defer a.lock.Unlock()

username, found := a.fingerprintIndex[fingerprint]

if !found {

~~--- a/commands/commands.go Tue Jul 23 16:08:13 2019 -0500~~

+++ b/commands/commands.go Tue Jul 23 16:52:18 2019 -0500

@@ -24,7 +24,8 @@

type Command interface {

Run(conn ssh.Channel, serverConn *ssh.ServerConn, req *ssh.Request) error

~~- CheckAccess(access access.Access, username string) bool~~

+ CheckAccess(access *access.Access, username string) bool

+ String() string

}

func parse(cmd string) (cli, string, error) {

~~--- a/commands/init.go Tue Jul 23 16:08:13 2019 -0500~~

+++ b/commands/init.go Tue Jul 23 16:52:18 2019 -0500

@@ -24,6 +24,10 @@

return run(hg.Init(i.repoPath), conn, serverConn, req)

}

~~-func (i *Init) CheckAccess(access access.Access, username string) bool {~~

+func (i *Init) CheckAccess(access *access.Access, username string) bool {

return access.Global.CanInit(username)

}

+func (i *Init) String() string {

+ return "hg init"

~~--- a/commands/serve.go Tue Jul 23 16:08:13 2019 -0500~~

+++ b/commands/serve.go Tue Jul 23 16:52:18 2019 -0500

@@ -25,6 +25,10 @@

return run(hg.Serve(s.repoPath), conn, serverConn, req)

}

~~-func (s *Serve) CheckAccess(access access.Access, username string) bool {~~

+func (s *Serve) CheckAccess(access *access.Access, username string) bool {

return access.Global.CanRead(username)

}

+func (s *Serve) String() string {

+ return "hg serve"

~~--- a/ssh/server.go Tue Jul 23 16:08:13 2019 -0500~~

+++ b/ssh/server.go Tue Jul 23 16:52:18 2019 -0500

@@ -9,6 +9,7 @@

"golang.org/x/crypto/ssh"

"bitbucket.org/rw_grim/hgkeeper/access"

+ "bitbucket.org/rw_grim/hgkeeper/commands"

)

type Server struct {

@@ -74,6 +75,7 @@

func (s *Server) publicKeyCallback(meta ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {

username, err := s.a.UsernameFromPubkey(key)

+ log.Infof("username: %q; err %v", username, err)

if err != nil {

if s.a.Global.CanRead(access.Public) {

username = access.Public

@@ -82,6 +84,8 @@

}

+ log.Infof("returning username: %q", username)

return &ssh.Permissions{

Extensions: map[string]string{"username": username},

}, nil

@@ -120,7 +124,7 @@

log.Infof("%s requested command %q", serverConn.RemoteAddr(), rawCmd)

~~- cmd, err := findCommand(rawCmd, s.reposPath)~~

+ cmd, err := commands.Find(rawCmd, s.reposPath)

if err != nil {

log.Warnf("failed to find command for %q, %v", rawCmd, err)

req.Reply(false, nil)

@@ -128,17 +132,17 @@

continue

}

~~- // username := serverConn.Permissions.Extensions["username"]~~

+ username := serverConn.Permissions.Extensions["username"]

+ log.Infof("username in exec: %q", username)

~~- // now check permissions~~

~~- // r, _, _ := s.a.GetPermissions(username, cmd.path)~~

~~- // if !r {~~

~~- // log.Warnf("user %q does not have read access to %s", username, cmd.path)~~

~~- // req.Reply(false, nil)~~

~~- // }~~

+ if !cmd.CheckAccess(s.a, username) {

+ log.Warnf("User %s is not allowed to run %s", username, cmd)

+ req.Reply(false, nil)

~~- log.Warnf("running %#v\n", cmd)~~

~~- if err := cmd.run(conn, serverConn, req); err != nil {~~

+ continue

+ }

+ if err := cmd.Run(conn, serverConn, req); err != nil {

log.Warnf("%s command %q failed: %v", serverConn.RemoteAddr(), rawCmd, err)

req.Reply(false, nil)

}