From 487ed2d5141f08f85539b4cd7b57b91f0e383132 Mon Sep 17 00:00:00 2001
From: Graham Dumpleton <Graham.Dumpleton@gmail.com>
Date: Thu, 17 Nov 2022 13:51:06 +1100
Subject: [PATCH] Pass all volume mount types through for now until work out
 what to restrict.

---
 session-manager/handlers/workshopsession.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/session-manager/handlers/workshopsession.py b/session-manager/handlers/workshopsession.py
index 8e781079..10e7f86e 100644
--- a/session-manager/handlers/workshopsession.py
+++ b/session-manager/handlers/workshopsession.py
@@ -1849,9 +1849,10 @@ def _apply_environment_patch(patch):
         resource_objects = [docker_persistent_volume_claim]
 
         if docker_compose:
-            # Only allow volume mounts and not bind mounts. Where a volume
-            # mount references the named volume "workshop" convert that to a
-            # bind mount of workshop home directory.
+            # Where a volume mount references the named volume "workshop"
+            # convert that to a bind mount of workshop home directory. We
+            # should probably block certain types of mounts but allow
+            # everything for now.
 
             docker_compose_services = xget(docker_compose, "services", {})
 
@@ -1870,6 +1871,8 @@ def _apply_environment_patch(patch):
                             )
                         else:
                             docker_compose_service_volumes.append(volume_details)
+                    else:
+                        docker_compose_service_volumes.append(volume_details)
 
                 docker_compose_service["volumes"] = docker_compose_service_volumes