GUAC-1126: Document that active connection information may be missing. If a user is a non-admin, hide sensitive information about active connections.

2025-09-06 13:17:41 +00:00 · 2015-04-09 14:41:34 -07:00
parent f8714b735f
commit 4caddb9c29
4 changed files with 35 additions and 14 deletions
--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/activeconnection/ActiveConnectionService.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/activeconnection/ActiveConnectionService.java
@@ -83,6 +83,7 @@ public class ActiveConnectionService
    public Collection<TrackedActiveConnection> retrieveObjects(AuthenticatedUser user,
            Collection<String> identifiers) throws GuacamoleException {

+        boolean isAdmin = user.getUser().isAdministrator();
        Set<String> identifierSet = new HashSet<String>(identifiers);

        // Retrieve all visible connections (permissions enforced by tunnel service)
@@ -95,7 +96,7 @@ public class ActiveConnectionService
            // Add connection if within requested identifiers
            if (identifierSet.contains(record.getUUID().toString())) {
                TrackedActiveConnection activeConnection = trackedActiveConnectionProvider.get();
-                activeConnection.init(user, record);
+                activeConnection.init(user, record, isAdmin);
                activeConnections.add(activeConnection);
            }

--- a/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/activeconnection/TrackedActiveConnection.java
+++ b/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/glyptodon/guacamole/auth/jdbc/activeconnection/TrackedActiveConnection.java
@@ -69,26 +69,40 @@ public class TrackedActiveConnection extends RestrictedObject implements ActiveC

    /**
     * Initializes this TrackedActiveConnection, copying the data associated
-     * with the given active connection record.
+     * with the given active connection record. At a minimum, the identifier
+     * of this active connection will be set, the start date, and the
+     * identifier of the associated connection will be copied. If requested,
+     * sensitive information like the associated username will be copied, as
+     * well.
     *
     * @param currentUser
     *     The user that created or retrieved this object.
     *
     * @param activeConnectionRecord
     *     The active connection record to copy.
+     *
+     * @param includeSensitiveInformation
+     *     Whether sensitive data should be copied from the connection record
+     *     as well. This includes the remote host, associated tunnel, and
+     *     username.
     */
    public void init(AuthenticatedUser currentUser,
-            ActiveConnectionRecord activeConnectionRecord) {
+            ActiveConnectionRecord activeConnectionRecord,
+            boolean includeSensitiveInformation) {

        super.init(currentUser);
        
-        // Copy all data from given record
+        // Copy all non-sensitive data from given record
        this.connectionIdentifier = activeConnectionRecord.getConnection().getIdentifier();
        this.identifier           = activeConnectionRecord.getUUID().toString();
-        this.remoteHost           = activeConnectionRecord.getRemoteHost();
        this.startDate            = activeConnectionRecord.getStartDate();
-        this.tunnel               = activeConnectionRecord.getTunnel();
-        this.username             = activeConnectionRecord.getUsername();
+
+        // Include sensitive data, too, if requested
+        if (includeSensitiveInformation) {
+            this.remoteHost = activeConnectionRecord.getRemoteHost();
+            this.tunnel     = activeConnectionRecord.getTunnel();
+            this.username   = activeConnectionRecord.getUsername();
+        }

    }