Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fixed permission checks for not-groupable domains #3678

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 13, 2023
Merged

Fixed permission checks for not-groupable domains #3678

merged 1 commit into from
Jan 13, 2023

Conversation

@Coduz
Copy link
Contributor

@Coduz Coduz commented Dec 21, 2022

This PR fixes the permission checking when a permission is assigned to a group in a not-groupable Domain.

Is not possible to assign a "direct" permission on a group which is not groupable (e.g. tag:read:1:{groupId}) but it is possible to assign a wildcard permission that then is checked againgst a not groupable domain (e.g. *:read:1:{groupId}.

Related Issue
None

Description of the solution adopted
Added a check on the target permission Domain. If it is not groupable, this means that the user permission (e.g. *:read:1:{groupId}) should be extended to all groups (e.g. *:read:1:*) only for not groupable domains.

Screenshots
None

Any side note on the changes made
None

@Coduz Coduz added the Bug This is a bug or an unexpected behaviour. Fix it! label Dec 21, 2022
@Coduz Coduz requested a review from stefanomorson December 21, 2022 13:17
@codecov
Copy link

codecov bot commented Dec 21, 2022
edited
Loading

Codecov Report

Merging #3678 (9aefef2) into develop (4bf18fa) will decrease coverage by 41.30%.
The diff coverage is 58.82%.

❗ Current head 9aefef2 differs from pull request most recent head c9a36a6. Consider uploading reports for the commit c9a36a6 to get more accurate results

Impacted file tree graph

@@              Coverage Diff               @@
##             develop    #3678       +/-   ##
==============================================
- Coverage      54.72%   13.42%   -41.31%     
==============================================
  Files           1821     1821               
  Lines          33766    33772        +6     
  Branches        2657     2657               
==============================================
- Hits           18480     4534    -13946     
- Misses         14312    28854    +14542     
+ Partials         974      384      -590
Impacted Files Coverage Δ
...authorization/permission/shiro/PermissionImpl.java 53.33% <58.82%> (-31.52%) ⬇️
.../java/org/eclipse/kapua/commons/util/Payloads.java 0.00% <0.00%> (-100.00%) ⬇️
...in/java/org/eclipse/kapua/broker/BrokerDomain.java 0.00% <0.00%> (-100.00%) ⬇️
...java/org/eclipse/kapua/commons/util/ClassUtil.java 0.00% <0.00%> (-100.00%) ⬇️
...n/java/org/eclipse/kapua/broker/BrokerDomains.java 0.00% <0.00%> (-100.00%) ⬇️
...va/org/eclipse/kapua/commons/util/SystemUtils.java 0.00% <0.00%> (-100.00%) ⬇️
.../java/org/eclipse/kapua/message/KapuaPosition.java 0.00% <0.00%> (-100.00%) ⬇️
.../java/org/eclipse/kapua/KapuaRuntimeException.java 0.00% <0.00%> (-100.00%) ⬇️
...java/org/eclipse/kapua/broker/core/plugin/Acl.java 0.00% <0.00%> (-100.00%) ⬇️
.../org/eclipse/kapua/commons/event/ServiceEntry.java 0.00% <0.00%> (-100.00%) ⬇️
... and 1042 more

@Coduz Coduz force-pushed the fix-checkPermissionWithGroups-new branch 4 times, most recently from 42a0e63 to b028e53 Compare December 23, 2022 16:17
@Coduz Coduz force-pushed the fix-checkPermissionWithGroups-new branch 2 times, most recently from 6bdfeed to 9348b88 Compare January 9, 2023 11:53
@Coduz Coduz force-pushed the fix-checkPermissionWithGroups-new branch from 9348b88 to c9a36a6 Compare January 9, 2023 11:53
@Coduz Coduz merged commit 20c34a9 into eclipse-kapua:develop Jan 13, 2023
@Coduz Coduz deleted the fix-checkPermissionWithGroups-new branch January 13, 2023 15:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stefanomorson stefanomorson Awaiting requested review from stefanomorson

Assignees

No one assigned

Labels

Bug This is a bug or an unexpected behaviour. Fix it!

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Coduz