# HG changeset patch # User Aurelien Campeas # Date 1381405604 -7200 # Node ID 02a491f6fa9200dbeb1609c093120ddfee92da9b # Parent e7c94121ce9d5cbb792c881e3690d19f2f9fec9d [querier/security] instrument a bit the querier read security checks Related to #2920304 diff -r e7c94121ce9d -r 02a491f6fa92 server/querier.py --- a/server/querier.py Mon Sep 30 14:48:59 2013 +0200 +++ b/server/querier.py Thu Oct 10 13:46:44 2013 +0200 @@ -85,6 +85,7 @@ # use `term_etype` since we've to deal with rewritten constants here, # when used as an external source by another repository. # XXX what about local read security w/ those rewritten constants... + DBG = (server.DEBUG & server.DBG_SEC) and 'read' in server._SECURITY_CAPS schema = session.repo.schema if rqlst.where is not None: for rel in rqlst.where.iget_nodes(Relation): @@ -102,8 +103,14 @@ term_etype(session, rel.children[1].children[0], solution, args)) if not session.user.matching_groups(rdef.get_groups('read')): + if DBG: + print ('check_read_access: %s %s does not match %s' % + (rdef, session.user.groups, rdef.get_groups('read'))) # XXX rqlexpr not allowed raise Unauthorized('read', rel.r_type) + if DBG: + print ('check_read_access: %s %s matches %s' % + (rdef, session.user.groups, rdef.get_groups('read'))) localchecks = {} # iterate on defined_vars and not on solutions to ignore column aliases for varname in rqlst.defined_vars: @@ -115,6 +122,9 @@ if not erqlexprs: ex = Unauthorized('read', solution[varname]) ex.var = varname + if DBG: + print ('check_read_access: %s %s %s %s' % + (varname, eschema, session.user.groups, eschema.get_groups('read'))) raise ex # don't insert security on variable only referenced by 'NOT X relation Y' or # 'NOT EXISTS(X relation Y)'