From 84daeb481d852d6531df11e842df1a70672d938c Mon Sep 17 00:00:00 2001 From: Tom Barron Date: Sun, 1 Mar 2020 13:12:08 +0100 Subject: [PATCH] Enforce policy checks for share export locations Closes-bug: #1654598 Change-Id: I5f358266739f1c42343d5a0c5ec8109c8fcaac4d --- manila/api/v2/share_export_locations.py | 5 ++++- manila/api/v2/share_instance_export_locations.py | 8 +++++++- ...hecks-for-share-export-locations-a5cea1ec123b1469.yaml | 6 ++++++ 3 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 releasenotes/notes/bug-1654598-enforce-policy-checks-for-share-export-locations-a5cea1ec123b1469.yaml diff --git a/manila/api/v2/share_export_locations.py b/manila/api/v2/share_export_locations.py index 9fddab6df2..d5b01ebdba 100644 --- a/manila/api/v2/share_export_locations.py +++ b/manila/api/v2/share_export_locations.py @@ -20,6 +20,7 @@ from manila.api.views import export_locations as export_locations_views from manila.db import api as db_api from manila import exception from manila.i18n import _ +from manila import policy class ShareExportLocationController(wsgi.Controller): @@ -32,7 +33,9 @@ class ShareExportLocationController(wsgi.Controller): def _verify_share(self, context, share_id): try: - db_api.share_get(context, share_id) + share = db_api.share_get(context, share_id) + if not share['is_public']: + policy.check_policy(context, 'share', 'get', share) except exception.NotFound: msg = _("Share '%s' not found.") % share_id raise exc.HTTPNotFound(explanation=msg) diff --git a/manila/api/v2/share_instance_export_locations.py b/manila/api/v2/share_instance_export_locations.py index 38af170670..be9c9c35b4 100644 --- a/manila/api/v2/share_instance_export_locations.py +++ b/manila/api/v2/share_instance_export_locations.py @@ -21,6 +21,7 @@ from manila.api.views import export_locations as export_locations_views from manila.db import api as db_api from manila import exception from manila.i18n import _ +from manila import policy class ShareInstanceExportLocationController(wsgi.Controller): @@ -33,7 +34,12 @@ class ShareInstanceExportLocationController(wsgi.Controller): def _verify_share_instance(self, context, share_instance_id): try: - db_api.share_instance_get(context, share_instance_id) + share_instance = db_api.share_instance_get(context, + share_instance_id, + with_share_data=True) + if not share_instance['is_public']: + policy.check_policy(context, 'share_instance', 'show', + share_instance) except exception.NotFound: msg = _("Share instance '%s' not found.") % share_instance_id raise exc.HTTPNotFound(explanation=msg) diff --git a/releasenotes/notes/bug-1654598-enforce-policy-checks-for-share-export-locations-a5cea1ec123b1469.yaml b/releasenotes/notes/bug-1654598-enforce-policy-checks-for-share-export-locations-a5cea1ec123b1469.yaml new file mode 100644 index 0000000000..5af1028717 --- /dev/null +++ b/releasenotes/notes/bug-1654598-enforce-policy-checks-for-share-export-locations-a5cea1ec123b1469.yaml @@ -0,0 +1,6 @@ +--- +security: + - | + Closes a gap where a user can see the export locations for another user's + share if the uuid of the other share is leaked, stolen, or (improbably) + guessed.