privetd: Compare user scope with minimalRole for local commands Prived passes current auth scope corresponding to the current /privet/v3/commands/execute requests to buffet. Buffet compare scope with minimalRole of requested command and denies request if scope is not enough. BUG=brillo:808 TEST=`FEATURES=test emerge-gizmo buffet privetd` Change-Id: Ib691184460fcd9d099e0688eaeadf831229672aa Reviewed-on: https://chromium-review.googlesource.com/274234 Tested-by: Vitaly Buka <vitalybuka@chromium.org> Reviewed-by: Alex Vakulenko <avakulenko@chromium.org> Commit-Queue: Vitaly Buka <vitalybuka@chromium.org>

commit: b2098425911ff2be1543c3fbae3174beddbcb471 [log] [tgz]
author: Vitaly Buka <vitalybuka@chromium.org> Sun May 31 23:32:46 2015 -0700
committer: ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> Mon Jun 01 18:12:17 2015 +0000
tree: ed9c97a01404e3e1f4494e95573c2bc9fb12ecce
parent: be7ccb959d1795f5e3be9a0f9ff82ef56bd828aa [diff] [blame]
diff --git a/buffet/manager.h b/buffet/manager.h
index 2acb73e..35e6e25 100644
--- a/buffet/manager.h
+++ b/buffet/manager.h

@@ -77,7 +77,8 @@
                    const chromeos::VariantDictionary& property_set) override;
   bool GetState(chromeos::ErrorPtr* error, std::string* state) override;
   void AddCommand(DBusMethodResponse<std::string> response,
-                  const std::string& json_command) override;
+                  const std::string& json_command,
+                  const std::string& in_user_role) override;
   void GetCommand(DBusMethodResponse<std::string> response,
                   const std::string& id) override;
   void SetCommandVisibility(
commit	b2098425911ff2be1543c3fbae3174beddbcb471	[log] [tgz]
author	Vitaly Buka <vitalybuka@chromium.org>	Sun May 31 23:32:46 2015 -0700
committer	ChromeOS Commit Bot <chromeos-commit-bot@chromium.org>	Mon Jun 01 18:12:17 2015 +0000
tree	ed9c97a01404e3e1f4494e95573c2bc9fb12ecce
parent	be7ccb959d1795f5e3be9a0f9ff82ef56bd828aa [diff] [blame]