Stop granting NODE_USER full RPC permissions (#2098)

2024-12-21 22:07:55 +00:00 · 2017-12-08 18:03:57 +00:00 · 2017-12-08 18:03:57 +00:00 · 991c59e753
commit 991c59e753
parent 92efd82fab
2 changed files with 5 additions and 14 deletions
--- a/node/src/main/kotlin/net/corda/node/services/messaging/ArtemisMessagingServer.kt
+++ b/node/src/main/kotlin/net/corda/node/services/messaging/ArtemisMessagingServer.kt
@ -239,8 +239,6 @@ class ArtemisMessagingServer(private val config: NodeConfiguration,
        securityRoles["$INTERNAL_PREFIX#"] = setOf(nodeInternalRole)  // Do not add any other roles here as it's only for the node
        securityRoles[P2P_QUEUE] = setOf(nodeInternalRole, restrictedRole(PEER_ROLE, send = true))
        securityRoles[RPCApi.RPC_SERVER_QUEUE_NAME] = setOf(nodeInternalRole, restrictedRole(RPC_ROLE, send = true))
-        // TODO: remove the NODE_USER role below once the webserver doesn't need it anymore.
-        securityRoles["${RPCApi.RPC_CLIENT_QUEUE_NAME_PREFIX}.$NODE_USER.#"] = setOf(nodeInternalRole)
        // Each RPC user must have its own role and its own queue. This prevents users accessing each other's queues
        // and stealing RPC responses.
        val rolesAdderOnLogin = RolesAdderOnLogin { username ->
--- a/node/src/main/kotlin/net/corda/node/services/messaging/RPCServer.kt
+++ b/node/src/main/kotlin/net/corda/node/services/messaging/RPCServer.kt
@ -357,9 +357,6 @@ class RPCServer(
        observableMap.cleanUp()
    }

-    // TODO remove this User once webserver doesn't need it
-    private val nodeUser = User(NODE_USER, NODE_USER, setOf())
-
    private fun ClientMessage.context(sessionId: Trace.SessionId): RpcAuthContext {
        val trace = Trace.newInstance(sessionId = sessionId)
        val externalTrace = externalTrace()
@ -372,15 +369,11 @@ class RPCServer(
        val validatedUser = message.getStringProperty(Message.HDR_VALIDATED_USER) ?: throw IllegalArgumentException("Missing validated user from the Artemis message")
        val targetLegalIdentity = message.getStringProperty(RPCApi.RPC_TARGET_LEGAL_IDENTITY)?.let(CordaX500Name.Companion::parse) ?: nodeLegalName
        // TODO switch userService based on targetLegalIdentity
-        val rpcUser = userService.getUser(validatedUser)
-        return if (rpcUser != null) {
-            Actor(Id(rpcUser.username), userService.id, targetLegalIdentity) to RpcPermissions(rpcUser.permissions)
-        } else if (CordaX500Name.parse(validatedUser) == nodeLegalName) {
-            // TODO remove this after Shell and WebServer will no longer need it
-            Actor(Id(nodeUser.username), userService.id, targetLegalIdentity) to RpcPermissions(nodeUser.permissions)
-        } else {
-            throw IllegalArgumentException("Validated user '$validatedUser' is not an RPC user nor the NODE user")
-        }
+        val rpcUser = userService.getUser(validatedUser) ?:
+                throw IllegalArgumentException("Validated user '$validatedUser' is not an RPC user")
+        return Pair(
+            Actor(Id(rpcUser.username), userService.id, targetLegalIdentity),
+            RpcPermissions(rpcUser.permissions))
    }
 }