improve sudo, not fixing existing bugs yet ref T68510 #242
Conversation
satang500
commented
May 16, 2017
satang500
commented
- only show sudo button to users who have access
- sudo should not require logging in again, but should still require confirmation
| } | ||
| if( inner != null && inner.isAdmin(user)) { | ||
| return true; | ||
| } else if (outer != null && outer.isAdmin(user)) { |
There was a problem hiding this comment.
There's no need for an "else if" since you are returning from the "if" above.
| @@ -111,6 +111,10 @@ public User authenticate(String username, String secret) { | |||
| return authentication.authenticate(username, secret); | |||
| } | |||
|
|
|||
| public boolean isamdin(User user) { | |||
There was a problem hiding this comment.
What @tedpearson meant is camel case isAdmin is the convention
There was a problem hiding this comment.
What i meant is that "amdin" is not a word.
hydra-web/src/js/app.js
Outdated
| } else { | ||
| alertify.error("Unknown token name " + tokenName); | ||
| return; | ||
| } | ||
| var username = $.trim(usernameInput.value); | ||
| var password = passwordInput.value; | ||
| passwordCache = passwordInput.value; |
There was a problem hiding this comment.
I would HIGHLY DISCOURAGE any attempt to save ldap passwords on the browser side. I recommend that we completely change our approach to something that does not involve the caching of passwords on the browser.
There was a problem hiding this comment.
You should be using a secure https only cookie that cannot be accessed by js and that gets refreshed on every request so that it doesn't expire unless there is a period of inactivity greater than the ttl.
There was a problem hiding this comment.
Ah, i see what this does. Yeah, caching in memory isn't great. It's visible in the call stack of anything in this require block.
There was a problem hiding this comment.
Thanks. This is a good PR. Most comments are related to coding styles and possible simplification. End user functionality appears to be working properly.
The only thing that I didn't see is that sudo should timeout automatically after a short period of time, e.g. 15 minutes.
Merging master into this PR would make review easier.
hydra-web/src/js/app.js
Outdated
| var token = Cookies.get("token"); | ||
| if(app.issudo(username, token)) { | ||
| app.sudoCb(false, true); | ||
| } |
There was a problem hiding this comment.
Why not move this block of code to the success handler of /update/settings a few lines below? They both use username and token cookies and handle sudo checkbox value and visibility.
hydra-web/src/js/app.js
Outdated
| @@ -111,6 +119,27 @@ function( | |||
| } | |||
| }); | |||
| }, | |||
| issudo: function(username, token) { | |||
There was a problem hiding this comment.
I'd rename this function to isadmin to match endpoint name
hydra-web/src/js/app.js
Outdated
| app.sudoCb(false, true); | ||
| } else { | ||
| app.sudoCb(false, false); | ||
| } |
There was a problem hiding this comment.
Instead of the explicit if/else, you can use response directly:
app.sudoCb(false, response == 'true')
or assign it to a variable called visible to make the code more self-documenting
hydra-web/src/js/app.js
Outdated
| data: { | ||
| username: username, | ||
| token: token, | ||
| sudo: Cookies.get("sudo"), |
There was a problem hiding this comment.
Remove the extra trailing ,
There was a problem hiding this comment.
nice catch. will remove.
hydra-web/src/js/app.js
Outdated
| sudo:function() { | ||
| var sudoUrl = app.authprefix() + "/authentication/sudo"; |
There was a problem hiding this comment.
Consider refactor this function - I feel the way it mixes username/token validation and unsudo makes it less readable than it can be.
| @@ -34,6 +35,7 @@ | |||
|
|
|||
| private static final Logger log = LoggerFactory.getLogger(PermissionsManager.class); | |||
|
|
|||
| @VisibleForTesting | |||
| @@ -111,6 +111,10 @@ public User authenticate(String username, String secret) { | |||
| return authentication.authenticate(username, secret); | |||
| } | |||
|
|
|||
| public boolean isamdin(User user) { | |||
There was a problem hiding this comment.
What @tedpearson meant is camel case isAdmin is the convention
| public User getUser(String username) { | ||
| User user = authentication.getUser(username); | ||
| return user; | ||
| } |
There was a problem hiding this comment.
return authentication.getUser(username);
| builder = Response.ok(Boolean.toString(false)); | ||
| } else { | ||
| builder = Response.ok(Boolean.toString(true)); | ||
| } |
There was a problem hiding this comment.
Just do:
builder = Response.ok(Boolean.toString(isadmin))
| builder.header("Access-Control-Allow-Origin", | ||
| "http://" + uriInfo.getAbsolutePath().getHost() + | ||
| ":" + configuration.webPort); | ||
| builder.header("Access-Control-Allow-Methods", "POST"); | ||
| return builder.build(); | ||
| } catch (Exception ex) { | ||
| log.warn("Internal error in sudo attempt for user {} with ssl {}", username, usingSSL, ex); | ||
| return Response.serverError().entity(ex.toString()).build(); | ||
| // TODO: don't show "Accept out https certificate" and hydra.png |
There was a problem hiding this comment.
mistakenly added will remove
|
Also please make sure any script that requires sudo privilege, such as fail-minion, still works. |
|
will keep the bug described in app.js as it is for now. |
|
New changes look good to me. You should merge master to this PR (and resolve the web build files conflict and regenerate them with webpack -p as part of the merge). |
