From d00e1a216f0fec297acf52fbe2b00b516b476f58 Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Mon, 27 Apr 2020 07:13:06 +0200 Subject: [PATCH] src/config/acl.rs: introduce more/better datastore privileges --- src/api2/admin/datastore.rs | 17 +++++++++++------ src/api2/backup.rs | 6 +++--- src/api2/pull.rs | 8 ++++---- src/api2/reader.rs | 6 +++--- src/config/acl.rs | 19 ++++++++++++------- 5 files changed, 33 insertions(+), 23 deletions(-) diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs index 1109521a..ddf35564 100644 --- a/src/api2/admin/datastore.rs +++ b/src/api2/admin/datastore.rs @@ -22,7 +22,12 @@ use crate::backup::*; use crate::config::datastore; use crate::server::WorkerTask; use crate::tools; -use crate::config::acl::{PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_ALLOCATE_SPACE}; +use crate::config::acl::{ + PRIV_DATASTORE_AUDIT, + PRIV_DATASTORE_READ, + PRIV_DATASTORE_PRUNE, + PRIV_DATASTORE_CREATE_BACKUP, +}; fn read_backup_index(store: &DataStore, backup_dir: &BackupDir) -> Result, Error> { @@ -193,7 +198,7 @@ pub fn list_snapshot_files( }, }, access: { - permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false), + permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_PRUNE, false), }, )] /// Delete backup snapshot. @@ -406,7 +411,7 @@ const API_METHOD_PRUNE: ApiMethod = ApiMethod::new( ("store", false, &DATASTORE_SCHEMA), ]) ) -).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false)); +).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_PRUNE, false)); fn prune( param: Value, @@ -530,7 +535,7 @@ fn prune( schema: UPID_SCHEMA, }, access: { - permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false), + permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_PRUNE, false), }, )] /// Start garbage collection. @@ -615,7 +620,7 @@ pub const API_METHOD_DOWNLOAD_FILE: ApiMethod = ApiMethod::new( ("file-name", false, &BACKUP_ARCHIVE_NAME_SCHEMA), ]), ) -).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false)); +).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_READ, false)); fn download_file( _parts: Parts, @@ -674,7 +679,7 @@ pub const API_METHOD_UPLOAD_BACKUP_LOG: ApiMethod = ApiMethod::new( ("backup-time", false, &BACKUP_TIME_SCHEMA), ]), ) -).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_ALLOCATE_SPACE, false)); +).access(None, &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_CREATE_BACKUP, false)); fn upload_backup_log( _parts: Parts, diff --git a/src/api2/backup.rs b/src/api2/backup.rs index 76d08438..b3e594eb 100644 --- a/src/api2/backup.rs +++ b/src/api2/backup.rs @@ -14,7 +14,7 @@ use crate::tools::{self, WrappedReaderStream}; use crate::server::{WorkerTask, H2Service}; use crate::backup::*; use crate::api2::types::*; -use crate::config::acl::PRIV_DATASTORE_ALLOCATE_SPACE; +use crate::config::acl::PRIV_DATASTORE_CREATE_BACKUP; use crate::config::cached_user_info::CachedUserInfo; mod environment; @@ -41,7 +41,7 @@ pub const API_METHOD_UPGRADE_BACKUP: ApiMethod = ApiMethod::new( ) ).access( // Note: parameter 'store' is no uri parameter, so we need to test inside function body - Some("The user needs Datastore.AllocateSpace privilege on /datastore/{store}."), + Some("The user needs Datastore.CreateBackup privilege on /datastore/{store}."), &Permission::Anybody ); @@ -61,7 +61,7 @@ fn upgrade_to_backup_protocol( let store = tools::required_string_param(¶m, "store")?.to_owned(); let user_info = CachedUserInfo::new()?; - user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_ALLOCATE_SPACE, false)?; + user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_CREATE_BACKUP, false)?; let datastore = DataStore::lookup_datastore(&store)?; diff --git a/src/api2/pull.rs b/src/api2/pull.rs index b8d47901..8e989275 100644 --- a/src/api2/pull.rs +++ b/src/api2/pull.rs @@ -16,7 +16,7 @@ use crate::backup::*; use crate::client::*; use crate::config::remote; use crate::api2::types::*; -use crate::config::acl::PRIV_DATASTORE_ALLOCATE_SPACE; +use crate::config::acl::{PRIV_DATASTORE_CREATE_BACKUP, PRIV_DATASTORE_READ}; use crate::config::cached_user_info::CachedUserInfo; // fixme: implement filters @@ -391,7 +391,7 @@ pub async fn pull_store( }, access: { // Note: used parameters are no uri parameters, so we need to test inside function body - description: "The user needs Datastore.AllocateSpace privilege on '/datastore/{store}' and '/remote/{remote}/{remote-store}'.", + description: "The user needs Datastore.CreateBackup privilege on '/datastore/{store}' and Datastore.Read on '/remote/{remote}/{remote-store}'.", permission: &Permission::Anybody, }, )] @@ -408,8 +408,8 @@ async fn pull ( let user_info = CachedUserInfo::new()?; let username = rpcenv.get_user().unwrap(); - user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_ALLOCATE_SPACE, false)?; - user_info.check_privs(&username, &["remote", &remote, &remote_store], PRIV_DATASTORE_ALLOCATE_SPACE, false)?; + user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_CREATE_BACKUP, false)?; + user_info.check_privs(&username, &["remote", &remote, &remote_store], PRIV_DATASTORE_READ, false)?; let delete = delete.unwrap_or(true); diff --git a/src/api2/reader.rs b/src/api2/reader.rs index 72e32cc5..88206bd9 100644 --- a/src/api2/reader.rs +++ b/src/api2/reader.rs @@ -15,7 +15,7 @@ use crate::api2::types::*; use crate::backup::*; use crate::server::{WorkerTask, H2Service}; use crate::tools; -use crate::config::acl::PRIV_DATASTORE_ALLOCATE_SPACE; +use crate::config::acl::PRIV_DATASTORE_READ; use crate::config::cached_user_info::CachedUserInfo; mod environment; @@ -45,7 +45,7 @@ pub const API_METHOD_UPGRADE_BACKUP: ApiMethod = ApiMethod::new( ) ).access( // Note: parameter 'store' is no uri parameter, so we need to test inside function body - Some("The user needs Datastore.AllocateSpace privilege on /datastore/{store}."), + Some("The user needs Datastore.Read privilege on /datastore/{store}."), &Permission::Anybody ); @@ -64,7 +64,7 @@ fn upgrade_to_backup_reader_protocol( let store = tools::required_string_param(¶m, "store")?.to_owned(); let user_info = CachedUserInfo::new()?; - user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_ALLOCATE_SPACE, false)?; + user_info.check_privs(&username, &["datastore", &store], PRIV_DATASTORE_READ, false)?; let datastore = DataStore::lookup_datastore(&store)?; diff --git a/src/config/acl.rs b/src/config/acl.rs index b1a66989..2cae1c74 100644 --- a/src/config/acl.rs +++ b/src/config/acl.rs @@ -16,10 +16,12 @@ pub const PRIV_SYS_MODIFY: u64 = 1 << 1; pub const PRIV_SYS_POWER_MANAGEMENT: u64 = 1 << 2; pub const PRIV_DATASTORE_AUDIT: u64 = 1 << 3; -pub const PRIV_DATASTORE_MODIFY: u64 = 1 << 4; -pub const PRIV_DATASTORE_ALLOCATE_SPACE: u64 = 1 << 5; +pub const PRIV_DATASTORE_MODIFY: u64 = 1 << 4; +pub const PRIV_DATASTORE_CREATE_BACKUP: u64 = 1 << 5; +pub const PRIV_DATASTORE_READ: u64 = 1 << 6; +pub const PRIV_DATASTORE_PRUNE: u64 = 1 << 7; -pub const PRIV_PERMISSIONS_MODIFY: u64 = 1 << 6; +pub const PRIV_PERMISSIONS_MODIFY: u64 = 1 << 8; pub const ROLE_ADMIN: u64 = std::u64::MAX; pub const ROLE_NO_ACCESS: u64 = 0; @@ -31,13 +33,16 @@ PRIV_DATASTORE_AUDIT; pub const ROLE_DATASTORE_ADMIN: u64 = PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_MODIFY | -PRIV_DATASTORE_ALLOCATE_SPACE; +PRIV_DATASTORE_CREATE_BACKUP | +PRIV_DATASTORE_READ | +PRIV_DATASTORE_PRUNE; pub const ROLE_DATASTORE_USER: u64 = -PRIV_DATASTORE_AUDIT | -PRIV_DATASTORE_ALLOCATE_SPACE; +PRIV_DATASTORE_CREATE_BACKUP; + +pub const ROLE_DATASTORE_AUDIT: u64 = +PRIV_DATASTORE_AUDIT; -pub const ROLE_DATASTORE_AUDIT: u64 = PRIV_DATASTORE_AUDIT; pub const ROLE_NAME_NO_ACCESS: &str ="NoAccess"; lazy_static! {