Skip to content

Commit

Permalink
Merge pull request #4375 from bruntib/fix_product_permissions
Browse files Browse the repository at this point in the history
[fix] Get product configuration with view permission
  • Loading branch information
dkrupp authored Oct 25, 2024
2 parents 91b729c + 76e8245 commit 1e9f8f0
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 1 deletion.
6 changes: 5 additions & 1 deletion web/server/codechecker_server/api/product_server.py
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,8 @@ def __require_permission(self, required, args=None):
with DBSession(self.__session) as session:
if args is None:
args = dict(self.__permission_args)

if 'config_db_session' not in args:
args['config_db_session'] = session

# Anonymous access is only allowed if authentication is
Expand Down Expand Up @@ -254,7 +256,9 @@ def getProductConfiguration(self, product_id):
Get the product configuration --- WITHOUT THE DB PASSWORD --- of the
given product.
"""
self.__require_permission([permissions.PRODUCT_VIEW])
self.__require_permission([permissions.PRODUCT_VIEW], {
'productID': product_id
})

with DBSession(self.__session) as session:
product = session.query(Product).get(product_id)
Expand Down
1 change: 1 addition & 0 deletions web/tests/functional/products/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,7 @@ def setup_class_common(workspace_name):

# Export the test configuration to the workspace.
env.export_test_cfg(TEST_WORKSPACE, test_config)
env.enable_auth(TEST_WORKSPACE)


def teardown_class_common():
Expand Down
13 changes: 13 additions & 0 deletions web/tests/functional/products/test_products.py
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,19 @@ def test_get_product_data(self):
Confidentiality.CONFIDENTIAL,
"Default Confidentiality was not Confidential")

def test_get_product_config_auth_server(self):
"""
Test if product configuration can be retrieved from an authenticated
server.
"""
pr_client = env.setup_product_client(
self.test_workspace, product=self.product_name)
product_id = pr_client.getCurrentProduct().id

pr_client = env.setup_product_client(self.test_workspace)
pr_config = pr_client.getProductConfiguration(product_id)
self.assertIsNotNone(pr_config)

def test_editing(self):
"""
Test editing the product details (without reconnecting it).
Expand Down

0 comments on commit 1e9f8f0

Please sign in to comment.