Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
influxdb/authorizer
History
Sam Arnold e5ccbb8831
fix: forbid reading OSS buckets for a token with only write permissions (#23148) 
* fix: forbid reading OSS buckets for a token with only write permissions

We previously enabled write tokens to also find DBRP buckets, in order to allow
the legacy /write (not /api/v2/write) endpoint to read the DBRP mappings and
find the real bucket id to write to.

This had the unintended consequency of allowing tokens with only write permissions
to read data in buckets via the legacy /query (not /api/v2/query) endpoint with
InfluxQL.

This change fixes the behaviour to allow writing to /write with a write-only
token, while forbidding reading from /query.

* fix: nanosecond precision in tests
 		2022-02-24 09:59:14 -05:00
..
agent.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
agent_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
annotation.go feat(annotations): authorization service (#21665) 2021-06-11 17:39:51 -04:00
annotation_test.go feat(annotations): authorization service (#21665) 2021-06-11 17:39:51 -04:00
auth.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
auth_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
authorize.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
authorize_find.go fix: forbid reading OSS buckets for a token with only write permissions (#23148) 2022-02-24 09:59:14 -05:00
backup.go refactor: rename Lock/Unlock on KV stores to RLock/RUnlock (#22357) 2021-08-31 17:03:54 -04:00
bucket.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
bucket_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
check.go refactor: refactor for tasks backport (#21117) 2021-04-07 14:42:55 -04:00
check_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
dashboard.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
dashboard_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
document.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
label.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
label_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
notebook.go feat(notebooks): additional auth filter for listing (#21699) 2021-06-16 09:02:40 -04:00
notebook_test.go feat(annotations): authorization service (#21665) 2021-06-11 17:39:51 -04:00
notification_endpoint.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
notification_endpoint_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
notification_rule.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
notification_rule_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
org.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
org_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
password.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
password_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
restore.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
scraper.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
scraper_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
secret.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
secret_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
source.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
source_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
sql_backup_restore.go refactor: rename Lock/Unlock on KV stores to RLock/RUnlock (#22357) 2021-08-31 17:03:54 -04:00
sql_backup_restore_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
task.go refactor: refactor for tasks backport (#21117) 2021-04-07 14:42:55 -04:00
task_test.go refactor: refactor for tasks backport (#21117) 2021-04-07 14:42:55 -04:00
telegraf.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
telegraf_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
urm.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
urm_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
user.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
user_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
variable.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00
variable_test.go fix: more expressive errors (#22448) 2021-09-13 15:12:35 -04:00