Commit 09bec812 authored by Leigh Stoller's avatar Leigh Stoller

Changes to permission checks for nodes, experiments, and images.

In addition to the usual checks, project_root and group_root (in the
project) get the same permission as if they were in the subgroups with
group_root permission. This means they can swap/terminate/reboot etc
in subgroups even though they are not members of the subgroups.
There are still some copy problems with files, but I am leaving those
to deal with later.
parent 86c05ab2
......@@ -684,20 +684,20 @@ sub TBExptAccessCheck($$$$)
# An experiment may be destroyed by the experiment creator or the
# project/group leader.
#
if ($access_type == TB_EXPT_DESTROY) {
if ($uid eq $creator) {
return 1;
}
$mintrust = PROJMEMBERTRUST_GROUPROOT;
}
elsif ($access_type == TB_EXPT_READINFO) {
if ($access_type == TB_EXPT_READINFO) {
$mintrust = PROJMEMBERTRUST_USER;
}
else {
$mintrust = PROJMEMBERTRUST_LOCALROOT;
}
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust);
#
# Either proper permission in the group, or group_root in the project.
# This lets group_roots muck with other people's experiments, including
# those in groups they do not belong to.
#
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) ||
TBMinTrust(TBGrpTrust($uid, $pid, $pid), PROJMEMBERTRUST_GROUPROOT);
}
#
......@@ -735,19 +735,26 @@ sub TBNodeAccessCheck($$@)
foreach my $node (@nodelist) {
my $query_result =
DBQueryFatal("select trust from reserved as n ".
DBQueryFatal("select e.pid,e.gid from reserved as r ".
"left join experiments as e on ".
" e.pid=n.pid and e.eid=n.eid ".
"left join group_membership as g on ".
" g.pid=e.pid and g.gid=e.gid ".
"where g.uid='$uid' and n.node_id='$node'");
" e.pid=r.pid and e.eid=r.eid ".
"where r.node_id='$node'");
if ($query_result->numrows == 0) {
return 0;
}
my @row = $query_result->fetchrow_array();
my $pid = $row[0];
my $gid = $row[1];
if (! TBMinTrust($row[0], $mintrust)) {
#
# Either proper permission in the group, or group_root in the
# project. This lets group_roots muck with other people's
# nodes, including those in groups they do not belong to.
#
if (! TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) &&
! TBMinTrust(TBGrpTrust($uid, $pid, $pid),
PROJMEMBERTRUST_GROUPROOT)) {
return 0;
}
}
......@@ -792,7 +799,7 @@ sub TBOSIDAccessCheck($$$)
my $shared = $row[1];
#
# Global OSIDs can be read by anyone.
# Global OSIDs can be read by anyone, but must be admin to read.
#
if ($shared) {
if ($access_type == TB_OSID_READINFO) {
......@@ -865,7 +872,7 @@ sub TBImageIDAccessCheck($$$)
}
#
# Otherwise must have proper trust in the project.
# Otherwise must have proper trust in the pid/gid
#
if ($access_type == TB_IMAGEID_READINFO) {
$mintrust = PROJMEMBERTRUST_USER;
......@@ -880,7 +887,13 @@ sub TBImageIDAccessCheck($$$)
$mintrust = PROJMEMBERTRUST_LOCALROOT;
}
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust);
#
# Either proper permission in the group, or group_root in the project.
# This lets group_roots muck with other people's experiments, including
# those in groups they do not belong to.
#
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) ||
TBMinTrust(TBGrpTrust($uid, $pid, $pid), PROJMEMBERTRUST_GROUPROOT);
}
#
......@@ -2060,9 +2073,9 @@ sub TBExptCreateLogFile($$$)
" Bad data in logfile name: $logname");
}
chmod(0640, $logname) or
chmod(0664, $logname) or
die("*** $0:\n".
" Could not chmod $logname to 0640: $!\n");
" Could not chmod $logname to 0644: $!\n");
return $logname;
}
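Review bot: In TBExptCreateLogFile the new mode and the new error text disagree: `chmod(0664, $logname)` is paired with `Could not chmod $logname to 0644`, so a failure would report a mode that was never requested. 0664 also makes the log group-writable and readable by every local account, where the previous 0640 kept it to owner and group. If only project or group members need access, `chmod(0660, $logname)` with a matching message keeps other users out. Whether experiment logs can hold anything sensitive is not visible in this hunk, so that is worth confirming; the function body starts outside the hunk.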
......
......@@ -324,16 +324,17 @@ function TBProjAccessCheck($uid, $pid, $gid, $access_type)
if (strcmp($gid, $pid) == 0) {
#
# Only project_root can bestow group_root in default group, and
# we already established that they're not project_root, so fail.
# we already established that they are not project_root, so fail.
#
return 0;
}
}
else {
#
# Non-default group.
# group_root in default group may bestow group_root.
#
if (TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT)) {
if (TBMinTrust(TBGrpTrust($uid, $pid, $pid),
$TBDB_TRUST_GROUPROOT)) {
return 1;
}
......@@ -455,7 +456,6 @@ function TBCheckGroupTrustConsistency($user, $pid, $gid, $newtrust, $fail)
}
}
}
return 1;
}
......@@ -523,17 +523,18 @@ function TBExptAccessCheck($uid, $pid, $eid, $access_type)
if ($access_type == $TB_EXPT_READINFO) {
$mintrust = $TBDB_TRUST_USER;
}
elseif ($access_type == $TB_EXPT_UPDATEACCOUNTS) {
if (strcmp($uid, $head))
$mintrust = $TBDB_TRUST_GROUPROOT;
else
return 1;
}
else {
$mintrust = $TBDB_TRUST_LOCALROOT;
}
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust);
#
# Either proper permission in the group, or group_root in the project.
# This lets group_roots muck with other peoples experiments, including
# those in groups they do not belong to.
#
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) ||
TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT);
}
#
......@@ -562,18 +563,17 @@ function TBNodeAccessCheck($uid, $node_id, $access_type)
}
$query_result =
DBQueryFatal("select node_id,trust from reserved as n ".
DBQueryFatal("select e.pid,e.gid from reserved as r ".
"left join experiments as e on ".
" e.pid=n.pid and e.eid=n.eid ".
"left join group_membership as g on ".
" g.pid=e.pid and g.gid=e.gid ".
"where g.uid='$uid' and n.node_id='$node_id'");
" e.pid=r.pid and e.eid=r.eid ".
"where r.node_id='$node_id'");
if (mysql_num_rows($query_result) == 0) {
return 0;
}
$foorow = mysql_fetch_array($query_result);
$trust = $foorow[trust];
$row = mysql_fetch_array($query_result);
$pid = $row[pid];
$gid = $row[gid];
if ($access_type == $TB_NODEACCESS_READINFO) {
$mintrust = $TBDB_TRUST_USER;
......@@ -581,8 +581,8 @@ function TBNodeAccessCheck($uid, $node_id, $access_type)
else {
$mintrust = $TBDB_TRUST_LOCALROOT;
}
return TBMinTrust($trust, $mintrust);
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) ||
TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT);
}
#
......@@ -607,6 +607,13 @@ function TBUserInfoAccessCheck($uid, $target_uid, $access_type)
return 1;
}
#
# Admins do whatever they want!
#
if (ISADMIN($uid)) {
return 1;
}
#
# This join will allow the operation if the current user is in the same
# group (any group) as the target user, but with root permissions.
......@@ -759,7 +766,8 @@ function TBImageIDAccessCheck($uid, $imageid, $access_type)
$mintrust = $TBDB_TRUST_LOCALROOT;
}
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust);
return TBMinTrust(TBGrpTrust($uid, $pid, $gid), $mintrust) ||
TBMinTrust(TBGrpTrust($uid, $pid, $pid), $TBDB_TRUST_GROUPROOT);
}
#
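Review bot: In the rewritten TBNodeAccessCheck query the `left join` on experiments means a reserved node with no matching experiments row still returns one row with NULL `pid`/`gid`, so the `mysql_num_rows($query_result) == 0` guard no longer filters it and the NULLs go straight into TBGrpTrust(); the old `where g.uid='$uid'` clause dropped such rows. How TBGrpTrust treats an empty pid/gid is not visible here, so I would fail closed explicitly, e.g. `if (!isset($row["pid"]) || !isset($row["gid"])) return 0;`, or use a plain `join`. The keys in `$row[pid]` and `$row[gid]` are bare constants and should be quoted strings. The Perl TBNodeAccessCheck in this commit runs the same query and would take the equivalent `defined` check on `$pid`/`$gid`; in both, `$node_id`/`$node` is interpolated into the SQL text, and whether callers validate it is outside these hunks.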
......