ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-01-03 03:36:48 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Stop granting NODE_USER full RPC permissions (#2098)

Browse Source
This commit is contained in:
igor nitto 2017-12-08 18:03:57 +00:00 committed by GitHub
parent 92efd82fab
commit 991c59e753
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
node/src/main/kotlin/net/corda/node/services/messaging/ArtemisMessagingServer.kt
View File

@ -239,8 +239,6 @@ class ArtemisMessagingServer(private val config: NodeConfiguration,
securityRoles["$INTERNAL_PREFIX#"] = setOf(nodeInternalRole) // Do not add any other roles here as it's only for the node securityRoles["$INTERNAL_PREFIX#"] = setOf(nodeInternalRole) // Do not add any other roles here as it's only for the node
securityRoles[P2P_QUEUE] = setOf(nodeInternalRole, restrictedRole(PEER_ROLE, send = true)) securityRoles[P2P_QUEUE] = setOf(nodeInternalRole, restrictedRole(PEER_ROLE, send = true))
securityRoles[RPCApi.RPC_SERVER_QUEUE_NAME] = setOf(nodeInternalRole, restrictedRole(RPC_ROLE, send = true)) securityRoles[RPCApi.RPC_SERVER_QUEUE_NAME] = setOf(nodeInternalRole, restrictedRole(RPC_ROLE, send = true))
// TODO: remove the NODE_USER role below once the webserver doesn't need it anymore.
securityRoles["${RPCApi.RPC_CLIENT_QUEUE_NAME_PREFIX}.$NODE_USER.#"] = setOf(nodeInternalRole)
// Each RPC user must have its own role and its own queue. This prevents users accessing each other's queues // Each RPC user must have its own role and its own queue. This prevents users accessing each other's queues
// and stealing RPC responses. // and stealing RPC responses.
val rolesAdderOnLogin = RolesAdderOnLogin { username -> val rolesAdderOnLogin = RolesAdderOnLogin { username ->

17
node/src/main/kotlin/net/corda/node/services/messaging/RPCServer.kt
View File

@ -357,9 +357,6 @@ class RPCServer(
observableMap.cleanUp() observableMap.cleanUp()
} }
// TODO remove this User once webserver doesn't need it
private val nodeUser = User(NODE_USER, NODE_USER, setOf())
private fun ClientMessage.context(sessionId: Trace.SessionId): RpcAuthContext { private fun ClientMessage.context(sessionId: Trace.SessionId): RpcAuthContext {
val trace = Trace.newInstance(sessionId = sessionId) val trace = Trace.newInstance(sessionId = sessionId)
val externalTrace = externalTrace() val externalTrace = externalTrace()
@ -372,15 +369,11 @@ class RPCServer(
val validatedUser = message.getStringProperty(Message.HDR_VALIDATED_USER) ?: throw IllegalArgumentException("Missing validated user from the Artemis message") val validatedUser = message.getStringProperty(Message.HDR_VALIDATED_USER) ?: throw IllegalArgumentException("Missing validated user from the Artemis message")
val targetLegalIdentity = message.getStringProperty(RPCApi.RPC_TARGET_LEGAL_IDENTITY)?.let(CordaX500Name.Companion::parse) ?: nodeLegalName val targetLegalIdentity = message.getStringProperty(RPCApi.RPC_TARGET_LEGAL_IDENTITY)?.let(CordaX500Name.Companion::parse) ?: nodeLegalName
// TODO switch userService based on targetLegalIdentity // TODO switch userService based on targetLegalIdentity
val rpcUser = userService.getUser(validatedUser) val rpcUser = userService.getUser(validatedUser) ?:
return if (rpcUser != null) { throw IllegalArgumentException("Validated user '$validatedUser' is not an RPC user")
Actor(Id(rpcUser.username), userService.id, targetLegalIdentity) to RpcPermissions(rpcUser.permissions) return Pair(
} else if (CordaX500Name.parse(validatedUser) == nodeLegalName) { Actor(Id(rpcUser.username), userService.id, targetLegalIdentity),
// TODO remove this after Shell and WebServer will no longer need it RpcPermissions(rpcUser.permissions))
Actor(Id(nodeUser.username), userService.id, targetLegalIdentity) to RpcPermissions(nodeUser.permissions)
} else {
throw IllegalArgumentException("Validated user '$validatedUser' is not an RPC user nor the NODE user")
}
} }
} }