Issue 1588: Security with draft patch sets over anonymous HTTP
************************************************************
***** NOTE: THIS BUG TRACKER IS FOR GERRIT CODE REVIEW *****
***** DO NOT SUBMIT BUGS FOR CHROME, ANDROID, INTERNAL *****
***** ISSUES WITH YOUR COMPANY'S GERRIT SETUP, ETC. *****
***** THOSE ISSUES BELONG IN DIFFERENT ISSUE TRACKERS! *****
************************************************************

Affected Version:

What steps will reproduce the problem?
1. Create a draft patchset, available at refs/changes/yz/wxyz on project foo.git
2. git ls-remote http://gerrit.fqdn/p/foo.git | grep refs/changes/yz/wxyz
3. git fetch http://gerrit.fqdn/p/foo.git refs/changes/yz/wxyz

What is the expected output? What do you see instead?
Expected that the git over HTTP access should align with the web page that anonymous users are shown.

Please provide any additional information below.
Currently, if an anonymous user passes the allRefsAreVisible() method on the ProjectControl class then they can see everything. This method only takes into account the READ permission and not draft status. If that function fails, then a VisibleRefFilter class is instantiated to filter out what the user can see. This filter calls that same method, but as it returned false before, it will do the same now. It then finds all the visible changes for that project (taking into account the draft status).

This means that to enforce drafts when the anonymous user has READ permissions on the entire project, the allRefsAreVisible() method needs to take into account the actual patch status of the ref.

I have a partial solution to this, with a few issues, but am happy to submit it to wherever you want it to get feedback.
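The report above describes a two-stage visibility check: a coarse fast path (allRefsAreVisible()) that only looks at READ, and a per-ref filter (VisibleRefFilter) that does consider draft status but never runs when the fast path succeeds. The following toy model is an added illustration, not Gerrit's code: the types Ref and User, the helper can_see_draft, the sample refs and the "owner-only" draft rule are all assumptions made for the example. It shows how the READ-only fast path advertises the draft ref to an anonymous ls-remote, and how a fast path that also accounts for draft status falls back to the filter instead.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional


@dataclass(frozen=True)
class Ref:
    """A ref as advertised by git ls-remote (hypothetical model, not Gerrit's types)."""
    name: str
    is_draft: bool          # True if the ref points to a draft patch set
    owner: Optional[str]    # change owner; None for non-change refs such as branches


@dataclass(frozen=True)
class User:
    name: Optional[str]     # None models the anonymous HTTP user
    can_read_all: bool      # READ granted on refs/* of the project


def can_see_draft(user: User, ref: Ref) -> bool:
    # Simplified draft rule assumed for this model: only the change owner sees a draft.
    return user.name is not None and user.name == ref.owner


def all_refs_are_visible_buggy(user: User, refs: List[Ref]) -> bool:
    # Fast path that looks only at the READ permission (the behaviour the report describes):
    # draft status is never consulted, so a READ-on-everything anonymous user sees drafts.
    return user.can_read_all


def all_refs_are_visible_fixed(user: User, refs: List[Ref]) -> bool:
    # Fast path that additionally requires every draft ref to be visible to this user;
    # if any draft is not, it returns False so the per-ref filter runs.
    return user.can_read_all and all(
        can_see_draft(user, r) for r in refs if r.is_draft
    )


def visible_refs(
    user: User,
    refs: List[Ref],
    fast_path: Callable[[User, List[Ref]], bool],
) -> List[str]:
    """Ref names an ls-remote would advertise to `user` under the given fast path."""
    if fast_path(user, refs):
        return [r.name for r in refs]
    # Per-ref filter (a model of VisibleRefFilter): hides drafts the user may not see.
    # READ on individual refs is not modelled here, only draft status.
    return [r.name for r in refs if not r.is_draft or can_see_draft(user, r)]


# Constructed sample data: one branch, one published change ref, one draft owned by alice.
SAMPLE_REFS = [
    Ref("refs/heads/master", is_draft=False, owner=None),
    Ref("refs/changes/45/12345/1", is_draft=False, owner="bob"),
    Ref("refs/changes/yz/wxyz", is_draft=True, owner="alice"),
]
ANONYMOUS = User(name=None, can_read_all=True)   # anonymous with READ on refs/*
ALICE = User(name="alice", can_read_all=True)    # the draft's owner


if __name__ == "__main__":
    for label, fast_path in (("buggy", all_refs_are_visible_buggy),
                             ("fixed", all_refs_are_visible_fixed)):
        print(f"{label} fast path, anonymous:",
              visible_refs(ANONYMOUS, SAMPLE_REFS, fast_path))
    print("fixed fast path, owner:", visible_refs(ALICE, SAMPLE_REFS, all_refs_are_visible_fixed))
```

With the buggy fast path the anonymous user's listing contains refs/changes/yz/wxyz, which is exactly the leak steps 2 and 3 of the report reproduce; with the fixed fast path the anonymous user drops to the filtered path and the draft ref disappears, while the owner still gets the full listing. The general lesson for any "allow all" short-circuit in front of a fine-grained filter is that the short-circuit must be at least as strict as the filter it bypasses.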
Comment #1 by sop@google.com, Sep 27, 2012
Status: WontFix
Ah, I'm sure I tried that, but now that I did, that works fine. Sorry for the inconvenience :D