implemnt backup ownership, improve datastore access permissions

2020-04-28 10:11:15 +02:00
parent 21690bfaef
commit 54552dda59
5 changed files with 235 additions and 54 deletions
--- a/src/api2/backup.rs
+++ b/src/api2/backup.rs
@ -14,7 +14,7 @@ use crate::tools::{self, WrappedReaderStream};
 use crate::server::{WorkerTask, H2Service};
 use crate::backup::*;
 use crate::api2::types::*;
-use crate::config::acl::PRIV_DATASTORE_CREATE_BACKUP;
+use crate::config::acl::PRIV_DATASTORE_BACKUP;
 use crate::config::cached_user_info::CachedUserInfo;

 mod environment;
@ -41,7 +41,7 @@ pub const API_METHOD_UPGRADE_BACKUP: ApiMethod = ApiMethod::new(
    )
 ).access(
    // Note: parameter 'store' is no uri parameter, so we need to test inside function body
-    Some("The user needs Datastore.CreateBackup privilege on /datastore/{store}."),
+    Some("The user needs Datastore.Backup privilege on /datastore/{store} and needs to own the backup group."),
    &Permission::Anybody
 );

@ -53,7 +53,7 @@ fn upgrade_to_backup_protocol(
    rpcenv: Box<dyn RpcEnvironment>,
 ) -> ApiResponseFuture {

-    async move {
+async move {
    let debug = param["debug"].as_bool().unwrap_or(false);

    let username = rpcenv.get_user().unwrap();
@ -61,7 +61,7 @@ fn upgrade_to_backup_protocol(
    let store = tools::required_string_param(&param, "store")?.to_owned();

    let user_info = CachedUserInfo::new()?;
-    user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_CREATE_BACKUP, false)?;
+    user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_BACKUP, false)?;

    let datastore = DataStore::lookup_datastore(&store)?;

@ -88,6 +88,12 @@ fn upgrade_to_backup_protocol(
    let env_type = rpcenv.env_type();

    let backup_group = BackupGroup::new(backup_type, backup_id);
+    let owner = datastore.create_backup_group(&backup_group, &username)?;
+    // permission check
+    if owner != username { // only the owner is allowed to create additional snapshots
+        bail!("backup owner check failed ({} != {})", username, owner);
+    }
+
    let last_backup = BackupInfo::last_backup(&datastore.base_path(), &backup_group).unwrap_or(None);
    let backup_dir = BackupDir::new_with_group(backup_group, backup_time);