safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUAC-995 Connection permission filter should take admin permission into account when filtering connection list.

Browse Source
This commit is contained in:
James Muehlner
2015-01-12 22:24:46 -08:00
parent 9181706784
commit cdc0581a1a
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/connectiongroup/ConnectionGroupRESTService.java
View File

@@ -45,6 +45,7 @@ import org.glyptodon.guacamole.net.auth.User;
import org.glyptodon.guacamole.net.auth.UserContext; import org.glyptodon.guacamole.net.auth.UserContext;
import org.glyptodon.guacamole.net.auth.permission.ConnectionPermission; import org.glyptodon.guacamole.net.auth.permission.ConnectionPermission;
import org.glyptodon.guacamole.net.auth.permission.ObjectPermission; import org.glyptodon.guacamole.net.auth.permission.ObjectPermission;
import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure; import org.glyptodon.guacamole.net.basic.rest.AuthProviderRESTExposure;
import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService; import org.glyptodon.guacamole.net.basic.rest.ObjectRetrievalService;
import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService; import org.glyptodon.guacamole.net.basic.rest.auth.AuthenticationService;
@@ -111,6 +112,9 @@ public class ConnectionGroupRESTService {
throws GuacamoleException { throws GuacamoleException {
User self = userContext.self(); User self = userContext.self();
// An admin user has access to any connection or connection group
boolean isAdmin = self.hasPermission(new SystemPermission(SystemPermission.Type.ADMINISTER));
// Retrieve specified connection group // Retrieve specified connection group
ConnectionGroup connectionGroup; ConnectionGroup connectionGroup;
@@ -139,7 +143,7 @@ public class ConnectionGroupRESTService {
continue; continue;
// Filter based on permission, if requested // Filter based on permission, if requested
if (permission == null || self.hasPermission(new ConnectionPermission(permission, childIdentifier))) if (isAdmin || permission == null || self.hasPermission(new ConnectionPermission(permission, childIdentifier)))
apiConnections.add(new APIConnection(childConnection)); apiConnections.add(new APIConnection(childConnection));
} }