privetd: Compare user scope with minimalRole for local commands

Privetd passes the auth scope of the current
/privet/v3/commands/execute request to buffet.
Buffet compares that scope with the minimalRole of the requested command
and denies the request if the scope is insufficient.

BUG=brillo:808
TEST=`FEATURES=test emerge-gizmo buffet privetd`

Change-Id: Ib691184460fcd9d099e0688eaeadf831229672aa
Reviewed-on: https://chromium-review.googlesource.com/274234
Tested-by: Vitaly Buka <vitalybuka@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Vitaly Buka <vitalybuka@chromium.org>
diff --git a/buffet/manager.cc b/buffet/manager.cc
index 23e4fca..40ef9c0 100644
--- a/buffet/manager.cc
+++ b/buffet/manager.cc
@@ -162,7 +162,8 @@
 }
 
 void Manager::AddCommand(DBusMethodResponse<std::string> response,
-                         const std::string& json_command) {
+                         const std::string& json_command,
+                         const std::string& in_user_role) {
   static int next_id = 0;
   std::string error_message;
   std::unique_ptr<base::Value> value(base::JSONReader::ReadAndReturnError(
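Review bot: `in_user_role` reaches AddCommand as a plain string chosen by the D-Bus caller, so the role check this commit adds is only as strong as whatever restricts who may invoke this method; nothing in the signature ties the role to an authenticated session. The commit message implies privetd is the intended caller, and that trust assumption should be written at the declaration, for example `// |in_user_role| is asserted by the caller and is not verified here; the D-Bus policy must limit this method to trusted callers.` Whether the bus policy actually enforces that is not visible in this diff and is worth confirming before relying on the check. The body of AddCommand continues outside this hunk.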
@@ -181,6 +182,24 @@
     response->ReplyWithError(error.get());
     return;
   }
+
+  UserRole role;
+  if (!FromString(in_user_role, &role, &error)) {
+    response->ReplyWithError(error.get());
+    return;
+  }
+
+  UserRole minimal_role =
+      command_instance->GetCommandDefinition()->GetMinimalRole();
+  if (role < minimal_role) {
+    chromeos::Error::AddToPrintf(
+        &error, FROM_HERE, kErrorDomainGCD, "access_denied",
+        "User role '%s' less than minimal: '%s'", ToString(role).c_str(),
+        ToString(minimal_role).c_str());
+    response->ReplyWithError(error.get());
+    return;
+  }
+
   std::string id = std::to_string(++next_id);
   command_instance->SetID(id);
   command_manager_->AddCommand(std::move(command_instance));
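Review bot: The `role < minimal_role` comparison is a sound authorization check only if the UserRole enumerators are declared from least to most privileged, and that definition is not shown in this hunk. A comment at the comparison, such as `// Depends on UserRole being ordered from least to most privileged.`, would stop a later reordering or inserted enumerator from silently changing who may run a command. The denial branch also replies to the caller without leaving any record; adding `LOG(WARNING) << "Command denied: role " << ToString(role) << " below " << ToString(minimal_role);` before `ReplyWithError` would give responders a trace of repeated rejected requests. AddCommand starts and ends outside this hunk.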