aheathershaw
/
blue-twilight
1
0
Çatalla 0
Kod Konular 32 Değişiklik İstekleri Sürüm 15 Wiki Aktivite

Enable public statistics gives guest users full access to private albums #71

Yeni Konu
Kapalı
aheathershaw tarafından 2018-07-28 23:33:08 +01:00 açıldı · 8 yorum
aheathershaw 2018-07-28 23:33:08 +01:00 yorum yaptı
Sahibi
Bağlantıyı Kopyala

LNT00:

Steps:

  1. Set an album as private, only available for users
  2. Create a sub-album inside the first one.
  3. Enable statistics.
  4. While not logged in, open mydomain/statistics
  5. Albums is also available, and can be opened by guest users.

Note: Statistics is not displayed when not logged in, but can be opened with direct link. Also, seems this is an issue with permissions, only sub-albums are available, main albums that were set as private are not available, so it's probably a permission inheritance issue.

[LNT00](https://github.com/LNT00): Steps: 1. Set an album as private, only available for users 2. Create a sub-album inside the first one. 2. Enable statistics. 3. While not logged in, open mydomain/statistics 4. Albums is also available, and can be opened by guest users. Note: Statistics is not displayed when not logged in, but can be opened with direct link. Also, seems this is an issue with permissions, only sub-albums are available, main albums that were set as private are not available, so it's probably a permission inheritance issue.
aheathershaw 2018-07-28 23:33:08 +01:00 Version 2.2.0-beta.1 kilometre taşına ekledi
aheathershaw 2018-07-28 23:33:08 +01:00 kendini atadı
aheathershaw
enhancement
 etiketini 2018-07-28 23:33:08 +01:00 ekledi
aheathershaw 2018-07-28 23:33:42 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

Permissions do not inherit, therefore yes, if a user has access to a child album but not the parent, as far as the system is concerned, they still have access to the child unless you’ve told it otherwise.

If we inherited permissions and you moved a child album from a parent that a user didn’t have permission to, into one they do, you could be inadvertently allowing access to a previously-disallowed album without realising it.

Permissions do not inherit, therefore yes, if a user has access to a child album but not the parent, as far as the system is concerned, they still have access to the child unless you’ve told it otherwise. If we inherited permissions and you moved a child album from a parent that a user didn’t have permission to, into one they do, you could be inadvertently allowing access to a previously-disallowed album without realising it.
aheathershaw 2018-07-28 23:34:12 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

LNT00:

Permissions should be inherited by default. If a user decides to allow access to a child album, then he assumes the action.

When you move a child album from a parent without permissions to a parent with permissions, then you accept that it will inherit the parent. If you still don't want to allow access to it, you can set it's own permission.

Issue came up from my own case, where i created parent albums without permissions, and i assume that everything i add inside will have the same restrictions. Otherwise, i will have to set permissions to each album i create, which i think is very time consuming. In my case i have about 10 parent albums, and 300+ child albums, for which i didn't set individual permissions.

As a workaround, i would suggest at least give the option to automatically set permissions to all content inside an album, or just the edited one.

[LNT00](https://github.com/LNT00): Permissions should be inherited by default. If a user decides to allow access to a child album, then he assumes the action. When you move a child album from a parent without permissions to a parent with permissions, then you accept that it will inherit the parent. If you still don't want to allow access to it, you can set it's own permission. Issue came up from my own case, where i created parent albums without permissions, and i assume that everything i add inside will have the same restrictions. Otherwise, i will have to set permissions to each album i create, which i think is very time consuming. In my case i have about 10 parent albums, and 300+ child albums, for which i didn't set individual permissions. As a workaround, i would suggest at least give the option to automatically set permissions to all content inside an album, or just the edited one.
aheathershaw 2018-07-28 23:34:22 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

I understand but I’m just saying it doesn’t work like that at the moment.

I will introduce a “inherit” option that works like Windows folder permissions for child albums but it will increase complexity of the code, particularly the statistics, so it isn’t going to be an immediate change - there are other things I would like to do first.

I understand but I’m just saying it doesn’t work like that at the moment. I will introduce a “inherit” option that works like Windows folder permissions for child albums but it will increase complexity of the code, particularly the statistics, so it isn’t going to be an immediate change - there are other things I would like to do first.
aheathershaw 2018-07-28 23:35:12 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

Migrated from https://github.com/andysh-uk/blue-twilight/issues/71

Migrated from https://github.com/andysh-uk/blue-twilight/issues/71
aheathershaw 2018-09-14 07:43:31 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

I've been thinking about this a bit more, and due to the complexity of the logic, it needs to be implemented in code.

This could be cached in the database in a similar way to how we cache disk usage in Blue Twilight Cloud (e.g. a flag indicating the permission cache is dirty.)

The cache will need to be dirtied when the following is true:

  • a new user is added - not needed as groups don't change until a user is edited
  • a user's group memberships are changed
  • a user is deleted (not really dirtied, just rely on a FK to delete the associated record)
  • a new album is created
  • an album's parent is changed
  • an album's permissions are changed
  • an album is deleted (not really dirtied, just rely on a FK to delete the associated record)

Also we should add a button to the Settings screen that allows an administrator to rebuild the permissions cache.

I've been thinking about this a bit more, and due to the complexity of the logic, it needs to be implemented in code. This could be cached in the database in a similar way to how we cache disk usage in Blue Twilight Cloud (e.g. a flag indicating the permission cache is dirty.) The cache will need to be dirtied when the following is true: - [x] ~~a new user is added~~ - not needed as groups don't change until a user is edited - [x] a user's group memberships are changed - [x] a user is deleted (not really dirtied, just rely on a FK to delete the associated record) - [x] a new album is created - [x] an album's parent is changed - [x] an album's permissions are changed - [x] an album is deleted (not really dirtied, just rely on a FK to delete the associated record) Also we should add a button to the Settings screen that allows an administrator to rebuild the permissions cache.
aheathershaw
wip
 etiketini 2018-09-14 18:28:11 +01:00 ekledi
aheathershaw 2018-09-16 22:14:49 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

Subject to testing, this is now complete.

Subject to testing, this is now complete.
aheathershaw
wip
 etiketini 2018-09-16 22:14:54 +01:00 sildi
aheathershaw 2018-10-10 19:17:57 +01:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

Re-opening this as unless a user is specifically granted permissions via their groups, they cannot see albums that even an anonymous user can!

Therefore every user should inherit the same permissions as anonymous users.

This means we do need to rebuild the cache when a new user is activated or created.

Re-opening this as unless a user is specifically granted permissions via their groups, they cannot see albums that even an anonymous user can! Therefore every user should inherit the same permissions as anonymous users. This means we do need to rebuild the cache when a new user is activated or created.
aheathershaw 2018-10-10 19:17:57 +01:00 konusunu yeniden açtı
aheathershaw 2018-11-18 21:38:23 +00:00 yorum yaptı
Yazar
Sahibi
Bağlantıyı Kopyala

I've implemented this by doing an additional security check against anonymous users first - if that passes, it applies to logged-in users as well, otherwise it falls back to checking a specific user.

I've implemented this by doing an additional security check against anonymous users first - if that passes, it applies to logged-in users as well, otherwise it falls back to checking a specific user.
Bu konuşmaya katılmak için oturum aç.
Bölüm/Etiket Belirtilmedi
Dal Etiket
main
v2.2
v2.1
v2.0
v2.2.0-beta.1
v2.1.2
v2.1.1
v2.1.1-beta
v2.1.0
v2.1.0-beta.4
v2.1.0-beta.3
v2.1.0-beta.2
v2.1.0-beta.1
v2.0.2
v2.0.1
v2.0.0
v2.0.0-beta.4
v2.0.0-beta.3
v2.0.0-beta.2
1.1.2
Etiketler
Etiketleri temizle   
bug

   
enhancement

   
feature

   
invalid

   
task

   
wip
Etiket Yok
bug
enhancement
feature
invalid
task
wip
Kilometre Taşı
Kilometre Taşlarını Temizle
Öge yok
Kilometre Taşı Yok
Version 2.2.0-beta.1
Atananlar
Atamaları Temizle
Atanan Kişi Yok
aheathershaw
1 Katılımcı
Bildirimler
Bitiş Tarihi
Bitiş tarihi geçersiz veya aralık dışında. Lütfen 'yyyy-aa-gg' biçimini kullanın.

Bitiş tarihi atanmadı.

Bağımlılıklar

Bağımlılık yok.

Referans: aheathershaw/blue-twilight#71
Herhangi bir açıklama sağlanmadı.
"%!s(<nil>)" Dalını Sil

Bir dalı silmek kalıcıdır. Her ne kadar silinen dal tamamen kaldırılana kadar çok kısa bir süre yaşamını sürdürse de, çoğu durumda bu işlem GERİ ALINAMAZ. Devam edilsin mi?