From 8bef1ed4fd42d6840f6581333fe8a9ed9d893202 Mon Sep 17 00:00:00 2001 From: Timur Sufiev Date: Wed, 26 Nov 2014 13:11:27 +0300 Subject: [PATCH] Prevent leaking `target` info into subsequent `policy.check()` calls Due to mutable dictionary being used as the default `target` argument value the first target calculated from scratch in POLICY_CHECK function will be used for all subsequent calls to POLICY_CHECK with 2 arguments. The wrong `target` can either lead to a reduced set of operations on an entity for a given user, or to enlarged one. The latter case poses a security breach from an cloud operators' point of view. Change-Id: I744fac28de0fb7060b50c5db689e74631a628c88 Closes-Bug: #1396544 --- openstack_dashboard/policy.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/openstack_dashboard/policy.py b/openstack_dashboard/policy.py index f0ddb56..b192019 100644 --- a/openstack_dashboard/policy.py +++ b/openstack_dashboard/policy.py @@ -61,7 +61,7 @@ def reset(): _ENFORCER = None -def check(actions, request, target={}): +def check(actions, request, target=None): """Check user permission. Check if the user has permission to the action according @@ -98,6 +98,8 @@ def check(actions, request, target={}): {'project_id': object.project_id} :returns: boolean if the user has permission or not for the actions. """ + if target is None: + target = {} user = auth_utils.get_user(request) # Several service policy engines default to a project id check for -- 1.9.1