comparison roundup/admin.py @ 5232:462b0f76fce8
issue2550864 - Potential information leakage via journal/history
Fix this by making the hyperdb::Class::history function check for view
permissions on the journaled properties. So a user that sees [hidden]
for a property in the web interface doesn't see the property changes
in the history.
While doing this, relocated the filter for quiet properties
from the templating class to the hyperdb.
Also added the skipquiet option to the history command in
roundup-admin.py to enable filtering of quiet params.
Also changed calls to history() in the backend databases to report all
items.
Changed inline documentation for all history calls that document the
actions. The create action (before Nov 6 2002) used to record all
parameters. After that point the create call uses an empty dictionary.
The filtering code depends on the create dictionary being empty.
It may not operate properly on very old roundup databases.
Changed calls to logging.getLogger to roundup.hyperdb.backends to
allow filtering the back end while keeping hyperdb logging.
In cgi/templating.py, changed history() function consolidating
handling of link and unlink actions
Added tests for quiet property filtering and permission filtering
of history.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 14 Apr 2017 23:24:18 -0400 |
| parents | 62a88d69ac52 |
| children | bc16d91b7a50 |
| 5231:8743b7226dc7 | 5232:462b0f76fce8 |
|---|---|
| 1010 l.append(f%value[:width]) | 1010 l.append(f%value[:width]) |
| 1011 print ' '.join(l) | 1011 print ' '.join(l) |
| 1012 return 0 | 1012 return 0 |
| 1013 | 1013 |
| 1014 def do_history(self, args): | 1014 def do_history(self, args): |
| 1015 ''"""Usage: history designator | 1015 ''"""Usage: history designator [skipquiet] |
| 1016 Show the history entries of a designator. | 1016 Show the history entries of a designator. |
| 1017 | 1017 |
| 1018 A designator is a classname and a nodeid concatenated, | 1018 A designator is a classname and a nodeid concatenated, |
| 1019 eg. bug1, user10, ... | 1019 eg. bug1, user10, ... |
| 1020 | 1020 |
| 1021 Lists the journal entries for the node identified by the designator. | 1021 Lists the journal entries viewable by the user for the |
| 1022 """ | 1022 node identified by the designator. If skipquiet is the |
| 1023 second argument, journal entries for quiet properties | |
| 1024 are not shown. | |
| 1025 """ | |
| 1026 | |
| 1023 if len(args) < 1: | 1027 if len(args) < 1: |
| 1024 raise UsageError(_('Not enough arguments supplied')) | 1028 raise UsageError(_('Not enough arguments supplied')) |
| 1025 try: | 1029 try: |
| 1026 classname, nodeid = hyperdb.splitDesignator(args[0]) | 1030 classname, nodeid = hyperdb.splitDesignator(args[0]) |
| 1027 except hyperdb.DesignatorError, message: | 1031 except hyperdb.DesignatorError, message: |
| 1028 raise UsageError(message) | 1032 raise UsageError(message) |
| 1029 | 1033 |
| 1034 skipquiet = False | |
| 1035 if len(args) == 2: | |
| 1036 if args[1] != 'skipquiet': | |
| 1037 raise UsageError("Second argument is not skipquiet") | |
| 1038 skipquiet = True | |
| 1039 | |
| 1030 try: | 1040 try: |
| 1031 print self.db.getclass(classname).history(nodeid) | 1041 print self.db.getclass(classname).history(nodeid, |
| 1042 skipquiet=skipquiet) | |
| 1032 except KeyError: | 1043 except KeyError: |
| 1033 raise UsageError(_('no such class "%(classname)s"')%locals()) | 1044 raise UsageError(_('no such class "%(classname)s"')%locals()) |
| 1034 except IndexError: | 1045 except IndexError: |
| 1035 raise UsageError(_('no such %(classname)s node ' | 1046 raise UsageError(_('no such %(classname)s node ' |
| 1036 '"%(nodeid)s"')%locals()) | 1047 '"%(nodeid)s"')%locals()) |
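Review bot: the new argument check at 1034-1038 only handles `len(args) == 2`, so a call with three or more arguments (for example a mistyped `skipquiet` followed by another word) is silently accepted with `skipquiet` left at `False`; consider rejecting anything beyond the second argument (`if len(args) > 2: raise UsageError(...)`) so the quiet-property filter is never silently disabled by a typo. The new message `UsageError("Second argument is not skipquiet")` also omits the `_()` translation wrapper that every other `UsageError` in this function uses, e.g. `raise UsageError(_('Second argument is not skipquiet'))`. Worth a line in the docstring as well: permission filtering of the journal happens inside `history()` itself (per the commit message), so the `skipquiet` flag only controls quiet properties, not what the calling user is allowed to see.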
