author | Timur Sufiev <tsufiev@mirantis.com> | 2014-11-26 13:11:27 +0300
committer | Timur Sufiev <tsufiev@mirantis.com> | 2014-12-02 13:49:29 +0300
commit | 13b0c0e5d7b1ccf311e09d6f2c35ed9127814a0c (patch)
tree | dea8a2c513a203745616e20432fa4a98282bfa3b
parent | 31fc0f5d74532276bd8fe32ebdd0ee61fdf923fe (diff)
download | horizon-13b0c0e5d7b1ccf311e09d6f2c35ed9127814a0c.tar.gz
Prevent leaking `target` info into subsequent `policy.check()` calls
Due to a mutable dictionary being used as the default `target` argument
value, the first target calculated from scratch in the POLICY_CHECK
function will be used for all subsequent calls to POLICY_CHECK with 2
arguments. The wrong `target` can either lead to a reduced set of
operations on an entity for a given user, or to an enlarged one. Due to
independent policy checks on each service's side this doesn't pose a
serious security breach, but can lead to weird UX behaviour.
Change-Id: I744fac28de0fb7060b50c5db689e74631a628c88
Closes-Bug: #1396544
(cherry picked from commit dab964d781699d07883a659750c6913b649fed38)
-rw-r--r-- | openstack_dashboard/policy.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/openstack_dashboard/policy.py b/openstack_dashboard/policy.py index c396426c2..0a10d9e2a 100644 --- a/openstack_dashboard/policy.py +++ b/openstack_dashboard/policy.py @@ -56,7 +56,7 @@ def reset(): _ENFORCER = None -def check(actions, request, target={}): +def check(actions, request, target=None): """Check user permission. Check if the user has permission to the action according @@ -93,6 +93,8 @@ def check(actions, request, target={}): {'tenant_id': object.tenant_id} :returns: boolean if the user has permission or not for the actions. """ + if target is None: + target = {} user = auth_utils.get_user(request) # Several service policy engines default to a project id check for |
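Review bot: the new signature `def check(actions, request, target=None)` in the first hunk is not reflected in the docstring, whose `:param target:` section (the `{'tenant_id': object.tenant_id}` example in the second hunk's context) still presents `target` only as a dict; add a sentence stating that `None` (the default) means an empty target, so readers of the API do not assume they must pass `{}` themselves.

Review bot: the `if target is None: target = {}` guard in the second hunk fixes the shared-default leak described in the commit message, but, since the message says the function computes the target in place, a caller that passes its own dict and reuses it across calls can still see keys added by an earlier `check()`; consider `target = dict(target) if target else {}` so every call works on a private copy, and add a regression test that calls `check()` twice with two arguments and asserts the second call does not observe the first call's computed target.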