GUAC-1001: Treat queries with empty permission filter lists as unfiltered.

2025-09-07 05:31:22 +00:00 · 2015-01-22 16:37:25 -08:00
parent adc745da43
commit 0893493893
2 changed files with 12 additions and 4 deletions
--- a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/connectiongroup/ConnectionGroupRESTService.java
+++ b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/connectiongroup/ConnectionGroupRESTService.java
@@ -297,10 +297,10 @@ public class ConnectionGroupRESTService {
     *     The ID of the connection group to retrieve.
     *
     * @param permissions
-     *     If specified, limit the returned list to only those connections for
-     *     which the current user has any of the given permissions. Otherwise, 
-     *     all visible connections are returned. Connection groups are 
-     *     unaffected by this parameter.
+     *     If specified and non-empty, limit the returned list to only those
+     *     connections for which the current user has any of the given
+     *     permissions. Otherwise, all visible connections are returned.
+     *     Connection groups are unaffected by this parameter.
     * 
     * @return
     *     The requested connection group, including all descendants.
@@ -319,6 +319,10 @@ public class ConnectionGroupRESTService {

        UserContext userContext = authenticationService.getUserContext(authToken);

+        // Do not filter on permissions if no permissions are specified
+        if (permissions != null && permissions.isEmpty())
+            permissions = null;
+        
        // Retrieve requested connection group and all descendants
        APIConnectionGroup connectionGroup = retrieveConnectionGroup(userContext, connectionGroupID, true, permissions);
        if (connectionGroup == null)
--- a/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/user/UserRESTService.java
+++ b/guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/user/UserRESTService.java
@@ -176,6 +176,10 @@ public class UserRESTService {
        UserContext userContext = authenticationService.getUserContext(authToken);
        User self = userContext.self();
        
+        // Do not filter on permissions if no permissions are specified
+        if (permissions != null && permissions.isEmpty())
+            permissions = null;
+
        // An admin user has access to any user
        boolean isAdmin = self.hasPermission(new SystemPermission(SystemPermission.Type.ADMINISTER));