Module: check_mk
Branch: master
Commit: d83e2ed04df3bc37cca7b84f02ccb59b386fb241
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d83e2ed04df3bc…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Fri Sep 7 13:55:05 2018 +0200
6551 FIX Fixed missing permission checking during "Discard changes"
Users with reduced privileges that have access to WATO e.g. for managing their
own hosts in specific folders have access to the "Activate changes" page for
activating their config changes. On that page there is a button "discard
changes" which can be used to undo the configuration changes that have been
made since the last activation.
A limitation of this feature is that it can only revert the whole pending configuration,
not just the changes made by the current user. A user who is permitted to discard
therefore drops all pending changes, including those made by other users, the moment
they click "discard changes".
The activation mechanism is aware of the situation where others have made
changes. Users that are not permitted to activate foreign changes are not
able to activate their changes in this situation and get a warning message
about this.
However, the discard changes action was missing such a check which allowed
those users to discard the changes of others while they should not be allowed
to do so.
The discard changes action is now using the same logic as the activate changes
action for checking whether or not a user is allowed to do this.
Change-Id: I09433119f02bc3b4149f431430d7271f542da610
---
.werks/6551 | 32 ++++++++++++++++++++++++++++++++
cmk/gui/wato/__init__.py | 24 ++++++++++++++++++++++--
cmk/gui/watolib.py | 2 +-
3 files changed, 55 insertions(+), 3 deletions(-)
diff --git a/.werks/6551 b/.werks/6551
new file mode 100644
index 0000000..5c54c02
--- /dev/null
+++ b/.werks/6551
@@ -0,0 +1,32 @@
+Title: Fixed missing permission checking during "Discard changes"
+Level: 2
+Component: wato
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.6.0i1
+Date: 1536237858
+
+Users with reduced privileges that have access to WATO e.g. for managing their
+own hosts in specific folders have access to the "Activate changes" page for
+activating their config changes. On that page there is a button "discard
+changes" which can be used to undo the configuration changes that have been
+made since the last activation.
+
+A limitation of this feature is that it can only revert the whole configuration
+at all, not only the configuration made by this user. A permitted user would
+discard all changes, even the ones made by others in the moment he clicks on
+discard changes.
+
+The activation mechanism is aware of the situation where others have made
+changes. Users that are not permitted to activate foreign changes are not
+able to activate their changes in this situation and get a warning message
+about this.
+
+However, the discard changes action was missing such a check which allowed
+those users to discard the changes of others while they should not be allowed
+to do so.
+
+The discard changes action is now using the same logic as the activate changes
+action for checking whether or not a user is allowed to do this.
diff --git a/cmk/gui/wato/__init__.py b/cmk/gui/wato/__init__.py
index 6a222f1..0d57e58 100644
--- a/cmk/gui/wato/__init__.py
+++ b/cmk/gui/wato/__init__.py
@@ -5475,7 +5475,7 @@ class ModeActivateChanges(WatoMode, watolib.ActivateChanges):
home_button()
# TODO: Remove once new changes mechanism has been implemented
- if config.user.may("wato.activate") and self.has_changes() and
self._get_last_wato_snapshot_file():
+ if self._may_discard_changes():
html.context_button(_("Discard Changes!"),
html.makeactionuri([("_action", "discard")]),
"discard", id="discard_changes_button")
@@ -5487,6 +5487,23 @@ class ModeActivateChanges(WatoMode, watolib.ActivateChanges):
html.context_button(_("Audit Log"),
watolib.folder_preserving_link([("mode", "auditlog")]),
"auditlog")
+
+ def _may_discard_changes(self):
+ if not config.user.may("wato.activate"):
+ return False
+
+ if not self.has_changes():
+ return False
+
+ if not config.user.may("wato.activateforeign") and
self._has_foreign_changes_on_any_site():
+ return False
+
+ if not self._get_last_wato_snapshot_file():
+ return False
+
+ return True
+
+
def action(self):
if html.var("_action") != "discard":
return
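Review bot: The foreign-change guard in `_may_discard_changes` (its third check) relies on `_has_foreign_changes_on_any_site()`, which according to the watolib.py hunk of this same commit still only counts foreign changes for which `_affects_all_sites(change)` holds, so a pending change by another user that is scoped to a single site does not block the discard. Since the discard path restores the last WATO snapshot wholesale rather than per site (per the comment at the top of `action`), that site-local change is reverted all the same by a user lacking `wato.activateforeign`. Unless the snapshot is genuinely limited to all-site configuration, the guard should use the broader predicate — the method whose tail is visible just above the renamed one in watolib.py appears to count every foreign change, presumably `_has_foreign_changes()` — e.g. `if not config.user.may("wato.activateforeign") and self._has_foreign_changes():`. A one-line docstring on `_may_discard_changes` such as `"""Gate for both the discard button and the discard action; must stay in sync with the activation permission checks."""` would also help keep the two paths from drifting apart again.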
@@ -5494,6 +5511,9 @@ class ModeActivateChanges(WatoMode, watolib.ActivateChanges):
if not html.check_transaction():
return
+ if not self._may_discard_changes():
+ return
+
# TODO: Remove once new changes mechanism has been implemented
# Now remove all currently pending changes by simply restoring the last
automatically
# taken snapshot. Then activate the configuration. This should revert all pending
changes.
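Review bot: The new permission check in `action` fails silently — a forged or stale discard request from a user who may not discard gets an empty page with no message and, unlike the activation path in this commit which shows "Sorry, you are not allowed to activate changes of other users.", no feedback that the request was refused. Consider making the denial explicit, e.g. `if not self._may_discard_changes(): raise MKAuthException(_("You are not allowed to discard the pending changes."))` if the GUI's auth exception is in scope in this module, or otherwise returning the same kind of warning text the activation path uses, so the refusal is visible to the user and can be spotted in logs. Note also that `html.check_transaction()` is consumed before the permission check runs; ordering the permission check first would avoid burning the transaction id on a request that is rejected anyway. The body of `action` continues past the end of this hunk.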
@@ -5593,7 +5613,7 @@ class ModeActivateChanges(WatoMode, watolib.ActivateChanges):
return
if not config.user.may("wato.activateforeign") \
- and self._has_foreign_changes_on_all_sites():
+ and self._has_foreign_changes_on_any_site():
html.show_warning(_("Sorry, you are not allowed to activate changes of
other users."))
return
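Review bot: The renamed predicate `_has_foreign_changes_on_any_site` promises a broader check than its body delivers: per the watolib.py hunk it still requires `self._affects_all_sites(change)`, so it is really "has foreign changes affecting all sites", which is what the old name said. If the narrower semantics are intentional here (the activation warning only concerns changes that would be pushed to every site), a docstring on the renamed method saying so — e.g. "Foreign changes that are not restricted to a single site; site-local foreign changes are deliberately ignored here." — would prevent the next reader from trusting the name; if not, the `_affects_all_sites` conjunct should be dropped. The enclosing method starts before this hunk.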
diff --git a/cmk/gui/watolib.py b/cmk/gui/watolib.py
index 689d0f1..9022916 100644
--- a/cmk/gui/watolib.py
+++ b/cmk/gui/watolib.py
@@ -5080,7 +5080,7 @@ class ActivateChanges(object):
if self._is_foreign(change))
- def _has_foreign_changes_on_all_sites(self):
+ def _has_foreign_changes_on_any_site(self):
return any(change for _change_id, change in self._changes
if self._is_foreign(change) and self._affects_all_sites(change))