safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 05:07:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-5: Include the sensitive information of an active connection if the current user started that active connection.

Browse Source
This commit is contained in:
Michael Jumper
2016-07-25 14:20:03 -07:00
parent a5af6c00d2
commit 8fad01c65c
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/activeconnection/ActiveConnectionService.java
View File

@@ -80,6 +80,7 @@ public class ActiveConnectionService
public Collection<TrackedActiveConnection> retrieveObjects(AuthenticatedUser user,
Collection<String> identifiers) throws GuacamoleException {
String username = user.getIdentifier();
boolean isAdmin = user.getUser().isAdministrator();
Set<String> identifierSet = new HashSet<String>(identifiers);
@@ -90,10 +91,15 @@ public class ActiveConnectionService
Collection<TrackedActiveConnection> activeConnections = new ArrayList<TrackedActiveConnection>(identifiers.size());
for (ActiveConnectionRecord record : records) {
// Sensitive information should be included if the connection was
// started by the current user OR the user is an admin
boolean includeSensitiveInformation =
isAdmin || username.equals(record.getUsername());
// Add connection if within requested identifiers
if (identifierSet.contains(record.getUUID().toString())) {
TrackedActiveConnection activeConnection = trackedActiveConnectionProvider.get();
activeConnection.init(user, record, isAdmin);
activeConnection.init(user, record, includeSensitiveInformation);
activeConnections.add(activeConnection);
}