[go: nahoru, domu]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[backend] fix user capabilities check for notification (#7109) #7130

Merged
merged 7 commits into from
May 31, 2024
Merged

[backend] fix user capabilities check for notification (#7109) #7130

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
a3ce2a8
[backend] fix user capabilities check for notification (#7109)
marieflorescontact May 27, 2024
8645869
[backend] remove constant and add Todo
marieflorescontact May 30, 2024
8fa95fb
[backend] fix Opinion and Note capability check
marieflorescontact May 30, 2024
75fb568
[backend] fix Opinion and Note capability check
marieflorescontact May 30, 2024
5bb1622
[backend] fix Opinion and Note capability check
marieflorescontact May 30, 2024
844ba6c
[backend] use isUserHasCapability
marieflorescontact May 30, 2024
c033049
[backend] use isUserHasCapability
marieflorescontact May 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
[backend] fix user capabilities check for notification (#7109)
  • Loading branch information
@marieflorescontact
marieflorescontact committed May 30, 2024
commit a3ce2a8bdd5872126ea3fca8b8814b19ee817cd6
6 changes: 3 additions & 3 deletions opencti-platform/opencti-graphql/src/domain/backgroundTask-common.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
import { generateInternalId, generateStandardId } from '../schema/identifier';
import { ENTITY_TYPE_BACKGROUND_TASK } from '../schema/internalObject';
import { now } from '../utils/format';
import { BYPASS, MEMBER_ACCESS_RIGHT_ADMIN, SETTINGS_SET_ACCESSES } from '../utils/access';
import { BYPASS, MEMBER_ACCESS_RIGHT_ADMIN, SETACCESSES, SETTINGS_SET_ACCESSES } from '../utils/access';
import { isKnowledge, KNOWLEDGE_DELETE, KNOWLEDGE_UPDATE } from '../schema/general';
import { ForbiddenAccess, UnsupportedError } from '../config/errors';
import { elIndex } from '../database/engine';
Expand Down Expand Up @@ -88,7 +88,7 @@
const isUserData = userFilters.length > 0
&& userFilters[0].values.length === 1
&& userFilters[0].values[0] === user.id;
const isAuthorized = userCapabilities.includes(BYPASS) || userCapabilities.includes(SETTINGS_SET_ACCESSES) || isUserData;
const isAuthorized = userCapabilities.includes(BYPASS) || userCapabilities.includes(SETACCESSES) || isUserData;

Check warning on line 91 in opencti-platform/opencti-graphql/src/domain/backgroundTask-common.js

View check run for this annotation

Codecov / codecov/patch

opencti-platform/opencti-graphql/src/domain/backgroundTask-common.js#L91 

Added line #L91 was not covered by tests
if (!isAuthorized) {
throw ForbiddenAccess();
}
Expand All @@ -100,7 +100,7 @@
}
const notificationsUsers = uniq(objects.map((o) => o.user_id));
const isUserData = notificationsUsers.length === 1 && notificationsUsers.includes(user.id);
const isAuthorized = userCapabilities.includes(BYPASS) || userCapabilities.includes(SETTINGS_SET_ACCESSES) || isUserData;
const isAuthorized = userCapabilities.includes(BYPASS) || userCapabilities.includes(SETACCESSES) || isUserData;

Check warning on line 103 in opencti-platform/opencti-graphql/src/domain/backgroundTask-common.js

View check run for this annotation

Codecov / codecov/patch

opencti-platform/opencti-graphql/src/domain/backgroundTask-common.js#L103 

Added line #L103 was not covered by tests
if (!isAuthorized) {
throw ForbiddenAccess();
}
Expand Down
1 change: 1 addition & 0 deletions opencti-platform/opencti-graphql/src/utils/access.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ export const TAXIIAPI_SETCSVMAPPERS = 'TAXIIAPI_SETCSVMAPPERS';
export const KNOWLEDGE = 'KNOWLEDGE';
export const KNOWLEDGE_ORGANIZATION_RESTRICT = 'KNOWLEDGE_KNUPDATE_KNORGARESTRICT';
export const SETTINGS = 'SETTINGS';
export const SETACCESSES = 'SETACCESSES';
export const VIRTUAL_ORGANIZATION_ADMIN = 'VIRTUAL_ORGANIZATION_ADMIN';

export const ROLE_DEFAULT = 'Default';
Expand Down