diff --git a/esp/services/ws_fileio/ws_fileioservice.cpp b/esp/services/ws_fileio/ws_fileioservice.cpp index 77a2f7aa482..f99b4df3f67 100644 --- a/esp/services/ws_fileio/ws_fileioservice.cpp +++ b/esp/services/ws_fileio/ws_fileioservice.cpp @@ -35,46 +35,6 @@ void CWsFileIOEx::init(IPropertyTree *cfg, const char *process, const char *serv tpWrapper.getTpDropZones(9999, nullptr, false, allTpDropZones); //version 9999: get the latest information about dropzone } -void CWsFileIOEx::validateDropZoneAccess(IEspContext &context, const char *targetDZNameOrHost, const char *hostReq, SecAccessFlags permissionReq, - const char *fileNameWithRelPath, CDfsLogicalFileName &dlfn) -{ - if (containsRelPaths(fileNameWithRelPath)) //Detect a path like: a/../../../f - throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Invalid file path %s", fileNameWithRelPath); - - Owned dropZone = getDropZonePlane(targetDZNameOrHost); - if (!dropZone) //The targetDZNameOrHost could be a dropzone host. - { - dropZone.setown(findDropZonePlane(nullptr, targetDZNameOrHost, true, true)); - } - else if (!isEmptyString(hostReq)) - { - if (!isHostInPlane(dropZone, hostReq, true)) - throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Host %s is not valid DropZone plane %s", hostReq, targetDZNameOrHost); - } - - //make sure a relative dropzone path - StringBuffer s; - const char* prefix = dropZone->queryProp("@prefix"); - if (hasPrefix(fileNameWithRelPath, prefix, true)) - { - const char* p = fileNameWithRelPath + strlen(prefix); - if (!*p || !isPathSepChar(p[0])) - addPathSepChar(s); - s.append(p); - fileNameWithRelPath = s.str(); - } - - const char *dropZoneName = dropZone->queryProp("@name"); - dlfn.setPlaneExternal(dropZoneName, fileNameWithRelPath); - - Owned userDesc = createUserDescriptor(); - userDesc->set(context.queryUserId(), context.queryPassword(), context.querySignature()); - SecAccessFlags permission = queryDistributedFileDirectory().getDLFNPermissions(dlfn, userDesc); - if (permission < permissionReq) - throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s not allowed for user %s (permission:%s). %s Access Required.", - dropZoneName, fileNameWithRelPath, context.queryUserId(), getSecAccessFlagName(permission), getSecAccessFlagName(permissionReq)); -} - bool CWsFileIOEx::onCreateFile(IEspContext &context, IEspCreateFileRequest &req, IEspCreateFileResponse &resp) { context.ensureFeatureAccess(FILE_IO_URL, SecAccess_Write, ECLWATCH_ACCESS_TO_FILE_DENIED, "WsFileIO::CreateFile: Permission denied"); diff --git a/esp/services/ws_fileio/ws_fileioservice.hpp b/esp/services/ws_fileio/ws_fileioservice.hpp index 5c8b02de8e4..196861f8c01 100644 --- a/esp/services/ws_fileio/ws_fileioservice.hpp +++ b/esp/services/ws_fileio/ws_fileioservice.hpp @@ -45,10 +45,6 @@ class CWsFileIOEx : public CWsFileIO virtual bool onCreateFile(IEspContext &context, IEspCreateFileRequest &req, IEspCreateFileResponse &resp); virtual bool onWriteFileData(IEspContext &context, IEspWriteFileDataRequest &req, IEspWriteFileDataResponse &resp); virtual bool onReadFileData(IEspContext &context, IEspReadFileDataRequest &req, IEspReadFileDataResponse &resp); - -protected: - void validateDropZoneAccess(IEspContext &context, const char *targetDZNameOrHost, const char *hostReq, - SecAccessFlags permissionReq, const char *fileNameWithRelPath, CDfsLogicalFileName &dlfn); }; #endif //_ESPWIZ_WsFileIO_HPP__ diff --git a/esp/services/ws_fs/ws_fsBinding.cpp b/esp/services/ws_fs/ws_fsBinding.cpp index 013bf543d51..68d7af88590 100644 --- a/esp/services/ws_fs/ws_fsBinding.cpp +++ b/esp/services/ws_fs/ws_fsBinding.cpp @@ -400,7 +400,7 @@ int CFileSpraySoapBindingEx::downloadFile(IEspContext &context, CHttpRequest* re request->getParameter("Name", nameStr); request->getParameter("DropZoneName", dropZoneName); - SecAccessFlags permission = getDropZoneScopePermissions(context, dropZoneName, pathStr, netAddressStr); + SecAccessFlags permission = getDZPathScopePermissions(context, dropZoneName, pathStr, netAddressStr); if (permission < SecAccess_Read) throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s %s not allowed for user %s (permission:%s). Read Access Required.", dropZoneName.str(), netAddressStr.str(), pathStr.str(), context.queryUserId(), getSecAccessFlagName(permission)); @@ -490,7 +490,7 @@ int CFileSpraySoapBindingEx::onStartUpload(IEspContext& ctx, CHttpRequest* reque request->getParameter("DropZoneName", dropZoneName); if (!validateDropZonePath(nullptr, netAddress, path)) //The path should be the absolute path for the dropzone. throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Invalid Landing Zone path %s", path.str()); - SecAccessFlags permission = getDropZoneScopePermissions(ctx, dropZoneName, path, netAddress); + SecAccessFlags permission = getDZPathScopePermissions(ctx, dropZoneName, path, netAddress); if (permission < SecAccess_Full) throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s %s not allowed for user %s (permission:%s). Full Access Required.", dropZoneName.str(), netAddress.str(), path.str(), ctx.queryUserId(), getSecAccessFlagName(permission)); diff --git a/esp/services/ws_fs/ws_fsService.cpp b/esp/services/ws_fs/ws_fsService.cpp index e632e7cd84b..ca6f296b434 100644 --- a/esp/services/ws_fs/ws_fsService.cpp +++ b/esp/services/ws_fs/ws_fsService.cpp @@ -1882,7 +1882,7 @@ IPropertyTree *CFileSprayEx::getAndValidateDropZone(const char *path, const char } void CFileSprayEx::readAndCheckSpraySourceReq(MemoryBuffer& srcxml, const char* srcIP, const char* srcPath, const char* srcPlane, - StringBuffer& sourceIPReq, StringBuffer& sourcePathReq) + StringBuffer& sourcePlaneReq, StringBuffer& sourceIPReq, StringBuffer& sourcePathReq) { StringBuffer sourcePath(srcPath); sourcePath.trim(); @@ -1910,6 +1910,7 @@ void CFileSprayEx::readAndCheckSpraySourceReq(MemoryBuffer& srcxml, const char* sourcePath.append(s); } getDropZoneHost(srcPlane, dropZone, sourceIPReq); + sourcePlaneReq.append(srcPlane); } else { @@ -1917,6 +1918,7 @@ void CFileSprayEx::readAndCheckSpraySourceReq(MemoryBuffer& srcxml, const char* if (sourceIPReq.isEmpty()) throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Source network IP not specified."); Owned plane = getAndValidateDropZone(sourcePath, sourceIPReq); + sourcePlaneReq.append(plane->queryProp("@name")); } } getStandardPosixPath(sourcePathReq, sourcePath.str()); @@ -1964,9 +1966,8 @@ bool CFileSprayEx::onSprayFixed(IEspContext &context, IEspSprayFixed &req, IEspS throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Destination node group not specified."); MemoryBuffer& srcxml = (MemoryBuffer&)req.getSrcxml(); - StringBuffer sourceIPReq, sourcePathReq; - readAndCheckSpraySourceReq(srcxml, req.getSourceIP(), req.getSourcePath(), req.getSourcePlane(), sourceIPReq, sourcePathReq); - const char* srcip = sourceIPReq.str(); + StringBuffer sourcePlaneReq, sourceIPReq, sourcePathReq; + readAndCheckSpraySourceReq(srcxml, req.getSourceIP(), req.getSourcePath(), req.getSourcePlane(), sourcePlaneReq, sourceIPReq, sourcePathReq); const char* srcfile = sourcePathReq.str(); const char* destname = req.getDestLogicalName(); if(isEmptyString(destname)) @@ -2005,24 +2006,7 @@ bool CFileSprayEx::onSprayFixed(IEspContext &context, IEspSprayFixed &req, IEspS wu->setCommand(DFUcmd_import); IDFUfileSpec *source = wu->queryUpdateSource(); - if(srcxml.length() == 0) - { - RemoteMultiFilename rmfn; - SocketEndpoint ep(srcip); - if (ep.isNull()) - throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "SprayFixed to %s: cannot resolve source network IP from %s.", destname, srcip); - - rmfn.setEp(ep); - StringBuffer fnamebuf(srcfile); - fnamebuf.trim(); - rmfn.append(fnamebuf.str()); // handles comma separated files - source->setMultiFilename(rmfn); - } - else - { - srcxml.append('\0'); - source->setFromXML((const char*)srcxml.toByteArray()); - } + checkDZScopeAccessAndSetSpraySourceDFUFileSpec(context, sourcePlaneReq, sourceIPReq, srcfile, srcxml, source); IDFUfileSpec *destination = wu->queryUpdateDestination(); bool nosplit = req.getNosplit(); @@ -2147,9 +2131,8 @@ bool CFileSprayEx::onSprayVariable(IEspContext &context, IEspSprayVariable &req, gName.append(destNodeGroup); MemoryBuffer& srcxml = (MemoryBuffer&)req.getSrcxml(); - StringBuffer sourceIPReq, sourcePathReq; - readAndCheckSpraySourceReq(srcxml, req.getSourceIP(), req.getSourcePath(), req.getSourcePlane(), sourceIPReq, sourcePathReq); - const char* srcip = sourceIPReq.str(); + StringBuffer sourcePlaneReq, sourceIPReq, sourcePathReq; + readAndCheckSpraySourceReq(srcxml, req.getSourceIP(), req.getSourcePath(), req.getSourcePlane(), sourcePlaneReq, sourceIPReq, sourcePathReq); const char* srcfile = sourcePathReq.str(); const char* destname = req.getDestLogicalName(); if(isEmptyString(destname)) @@ -2182,24 +2165,7 @@ bool CFileSprayEx::onSprayVariable(IEspContext &context, IEspSprayVariable &req, IDFUfileSpec *destination = wu->queryUpdateDestination(); IDFUoptions *options = wu->queryUpdateOptions(); - if(srcxml.length() == 0) - { - RemoteMultiFilename rmfn; - SocketEndpoint ep(srcip); - if (ep.isNull()) - throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "SprayVariable to %s: cannot resolve source network IP from %s.", destname, srcip); - - rmfn.setEp(ep); - StringBuffer fnamebuf(srcfile); - fnamebuf.trim(); - rmfn.append(fnamebuf.str()); // handles comma separated files - source->setMultiFilename(rmfn); - } - else - { - srcxml.append('\0'); - source->setFromXML((const char*)srcxml.toByteArray()); - } + checkDZScopeAccessAndSetSpraySourceDFUFileSpec(context, sourcePlaneReq, sourceIPReq, srcfile, srcxml, source); source->setMaxRecordSize(req.getSourceMaxRecordSize()); source->setFormat((DFUfileformat)req.getSourceFormat()); @@ -2306,6 +2272,49 @@ bool CFileSprayEx::onSprayVariable(IEspContext &context, IEspSprayVariable &req, return true; } +void CFileSprayEx::checkDZScopeAccessAndSetSpraySourceDFUFileSpec(IEspContext &context, const char *srcPlane, const char *srcHost, + const char *srcFile, MemoryBuffer &srcXML, IDFUfileSpec *srcDFUfileSpec) +{ + if(srcXML.length() == 0) + { + //Both srcPlane and srcHost are validated in readAndCheckSpraySourceReq(). + StringBuffer fnamebuf(srcFile); + fnamebuf.trim(); + StringArray files; + files.appendList(fnamebuf, ","); // handles comma separated files + ForEachItemIn(i, files) + { + const char *file = files.item(i); + if (isEmptyString(file)) + continue; + + //Based on the tests, the dfuserver only supports the wildcard inside the file name, like '/path/f*'. + //The dfuserver throws an error if the wildcard is inside the path, like /p*ath/file. + + SecAccessFlags permission = getDZFileScopePermissions(context, srcPlane, file, srcHost); + if (permission < SecAccess_Read) + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s not allowed for user %s (permission:%s). Read Access Required.", + srcPlane, file, context.queryUserId(), getSecAccessFlagName(permission)); + } + + SocketEndpoint ep(srcHost); + if (ep.isNull()) + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Cannot resolve source network IP from %s.", srcHost); + + RemoteMultiFilename rmfn; + rmfn.setEp(ep); + rmfn.append(fnamebuf.str()); + srcDFUfileSpec->setMultiFilename(rmfn); + } + else + { //this block is copied from the code before PR https://github.com/hpcc-systems/HPCC-Platform/pull/17144. + //Not sure there exists any use case for spraying a file using the srcXML. JIRA-29339 is created to check + //whether this is completely legacy. If it is, it may be removed to make the code a lot clearer. + srcXML.append('\0'); + srcDFUfileSpec->setFromXML((const char*)srcXML.toByteArray()); + } +} + bool CFileSprayEx::onReplicate(IEspContext &context, IEspReplicate &req, IEspReplicateResponse &resp) { try @@ -2458,6 +2467,11 @@ bool CFileSprayEx::onDespray(IEspContext &context, IEspDespray &req, IEspDespray if (!isEmptyString(destPlane)) getDropZoneInfoByDestPlane(version, destPlane, destfile, destfileWithPath, umask, destip); + SecAccessFlags permission = getDZFileScopePermissions(context, destPlane, destfileWithPath, destip); + if (permission < SecAccess_Write) + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s not allowed for user %s (permission:%s). Write Access Required.", + isEmptyString(destPlane) ? destip : destPlane, destfileWithPath.str(), context.queryUserId(), getSecAccessFlagName(permission)); + RemoteFilename rfn; SocketEndpoint ep(destip.str()); if (ep.isNull()) @@ -2473,7 +2487,8 @@ bool CFileSprayEx::onDespray(IEspContext &context, IEspDespray &req, IEspDespray destination->setSingleFilename(rfn); } else - { + { //Not sure there exists any use case for despraying a file using the dstxml. JIRA-29339 is created to check + //whether this is completely legacy. If it is, it may be removed to make the code a lot clearer. dstxml.append('\0'); destination->setFromXML((const char*)dstxml.toByteArray()); } @@ -2897,7 +2912,7 @@ bool CFileSprayEx::onFileList(IEspContext &context, IEspFileListRequest &req, IE Owned plane = findDropZonePlane(sPath, netaddr, true, true); dropZoneName = plane->queryProp("@name"); } - SecAccessFlags permission = getDropZoneScopePermissions(context, dropZoneName, sPath, nullptr); + SecAccessFlags permission = getDZPathScopePermissions(context, dropZoneName, sPath, nullptr); if (permission < SecAccess_Read) throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s not allowed for user %s (permission:%s). Read Access Required.", dropZoneName, sPath.str(), context.queryUserId(), getSecAccessFlagName(permission)); @@ -3007,7 +3022,7 @@ void CFileSprayEx::addPhysicalFile(IEspContext& context, IDirectoryIterator* di, bool CFileSprayEx::searchDropZoneFiles(IEspContext& context, const char* dropZoneName, const char* server, const char* dir, const char* relDir, const char* nameFilter, IArrayOf& files, unsigned& filesFound) { - if (getDropZoneScopePermissions(context, dropZoneName, dir, server) < SecAccess_Read) + if (getDZPathScopePermissions(context, dropZoneName, dir, server) < SecAccess_Read) return false; RemoteFilename rfn; @@ -3230,7 +3245,7 @@ void CFileSprayEx::getPhysicalFiles(IEspContext &context, const char *dropZoneNa if (dropZoneName && di->isDir()) { VStringBuffer fullPath("%s%s", path, fileName.str()); - if (getDropZoneScopePermissions(context, dropZoneName, fullPath, nullptr) < SecAccess_Read) + if (getDZPathScopePermissions(context, dropZoneName, fullPath, nullptr) < SecAccess_Read) continue; } @@ -3340,7 +3355,7 @@ bool CFileSprayEx::onDropZoneFiles(IEspContext &context, IEspDropZoneFilesReques Owned plane = findDropZonePlane(directoryStr, netAddress, true, true); dzName = plane->queryProp("@name"); } - if (getDropZoneScopePermissions(context, dzName, directoryStr, nullptr) < SecAccess_Read) + if (getDZPathScopePermissions(context, dzName, directoryStr, nullptr) < SecAccess_Read) return false; bool directoryOnly = req.getDirectoryOnly(); @@ -3482,7 +3497,7 @@ void CFileSprayEx::checkDropZoneFileScopeAccess(IEspContext &context, const char Owned plane = findDropZonePlane(dropZonePath, netAddress, true, true); dropZoneName = plane->queryProp("@name"); } - SecAccessFlags permission = getDropZoneScopePermissions(context, dropZoneName, dropZonePath, nullptr); + SecAccessFlags permission = getDZPathScopePermissions(context, dropZoneName, dropZonePath, nullptr); if (permission < accessReq) throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s not allowed for user %s (permission:%s). %s Permission Required.", dropZoneName, dropZonePath, accessReqName, context.queryUserId(), getSecAccessFlagName(permission)); @@ -3526,7 +3541,7 @@ void CFileSprayEx::checkDropZoneFileScopeAccess(IEspContext &context, const char StringBuffer fullPath(dropZonePath); addPathSepChar(fullPath).append(pathToCheck); - SecAccessFlags permission = getDropZoneScopePermissions(context, dropZoneName, fullPath, nullptr); + SecAccessFlags permission = getDZPathScopePermissions(context, dropZoneName, fullPath, nullptr); if (permission < accessReq) { uniquePath.setValue(pathToCheck.str(), false); //add a path denied diff --git a/esp/services/ws_fs/ws_fsService.hpp b/esp/services/ws_fs/ws_fsService.hpp index 87128e5022a..65bbb3cff41 100644 --- a/esp/services/ws_fs/ws_fsService.hpp +++ b/esp/services/ws_fs/ws_fsService.hpp @@ -67,12 +67,14 @@ class Schedule : public Thread class CFileSprayEx : public CFileSpray { void readAndCheckSpraySourceReq(MemoryBuffer& srcxml, const char* srcIP, const char* srcPath, const char* srcplane, - StringBuffer& sourceIPReq, StringBuffer& sourcePathReq); + StringBuffer& sourcePlaneReq, StringBuffer& sourceIPReq, StringBuffer& sourcePathReq); void getServersInDropZone(const char* dropZoneName, IArrayOf& dropZoneList, bool isECLWatchVisibleOnly, StringArray& serverList); IPropertyTree* getAndValidateDropZone(const char * path, const char * host); IEspDFUWorkunit* createDFUWUFromSashaListResult(const char* result); void setDFUCommand(const char* commandStr, IEspDFUWorkunit* dfuWU); + void checkDZScopeAccessAndSetSpraySourceDFUFileSpec(IEspContext& context, const char* srcPlane, const char * srcHost, + const char* srcFile, MemoryBuffer& srcXML, IDFUfileSpec* srcDFUfileSpec); public: virtual void init(IPropertyTree *cfg, const char *process, const char *service); diff --git a/esp/smc/SMCLib/TpCommon.cpp b/esp/smc/SMCLib/TpCommon.cpp index 4819fc7ed1b..e028acb779b 100644 --- a/esp/smc/SMCLib/TpCommon.cpp +++ b/esp/smc/SMCLib/TpCommon.cpp @@ -156,27 +156,15 @@ extern TPWRAPPER_API bool validateDropZonePath(const char* dropZoneName, const c return false; } -extern TPWRAPPER_API SecAccessFlags getDropZoneScopePermissions(IEspContext& context, const char* dropZoneName, const char* dropZonePath, const char* dropZoneHost) +static SecAccessFlags getDropZoneScopePermissions(IEspContext& context, const IPropertyTree* dropZone, const char* dropZonePath) { if (isEmptyString(dropZonePath)) throw makeStringException(ECLWATCH_INVALID_CLUSTER_NAME, "getDropZoneScopePermissions(): DropZone path must be specified."); - Owned plane; - if (isEmptyString(dropZoneName)) - { - plane.setown(findDropZonePlane(dropZonePath, dropZoneHost, true, true)); - dropZoneName = plane->queryProp("@name"); - } - else - { - plane.setown(getDropZonePlane(dropZoneName)); - if (!plane) - throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "getDropZoneScopePermissions(): DropZone %s not found.", dropZoneName); - } - //If the dropZonePath is an absolute path, change it to a relative path. StringBuffer s; - const char* prefix = plane->queryProp("@prefix"); + const char* prefix = dropZone->queryProp("@prefix"); + const char* name = dropZone->queryProp("@name"); if (hasPrefix(dropZonePath, prefix, true)) { const char* p = dropZonePath + strlen(prefix); @@ -188,5 +176,54 @@ extern TPWRAPPER_API SecAccessFlags getDropZoneScopePermissions(IEspContext& con Owned userDesc = createUserDescriptor(); userDesc->set(context.queryUserId(), context.queryPassword(), context.querySignature()); - return queryDistributedFileDirectory().getDropZoneScopePermissions(dropZoneName, dropZonePath, userDesc); + return queryDistributedFileDirectory().getDropZoneScopePermissions(name, dropZonePath, userDesc); +} + +extern TPWRAPPER_API SecAccessFlags getDZPathScopePermissions(IEspContext& context, const char* dropZoneName, const char* dropZonePath, const char* dropZoneHost) +{ + if (isEmptyString(dropZonePath)) + throw makeStringException(ECLWATCH_INVALID_CLUSTER_NAME, "getDZPathScopePermissions(): DropZone path must be specified."); + + Owned dropZone; + if (isEmptyString(dropZoneName)) + dropZone.setown(findDropZonePlane(dropZonePath, dropZoneHost, true, true)); + else + { + dropZone.setown(getDropZonePlane(dropZoneName)); + if (!dropZone) + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "getDZPathScopePermissions(): DropZone %s not found.", dropZoneName); + } + + return getDropZoneScopePermissions(context, dropZone, dropZonePath); +} + +extern TPWRAPPER_API SecAccessFlags getDZFileScopePermissions(IEspContext& context, const char* dropZoneName, const char* dropZonePath, + const char* dropZoneHost) +{ + StringBuffer dir, fileName; + splitFilename(dropZonePath, &dir, &dir, nullptr, nullptr); + dropZonePath = dir.str(); + return getDZPathScopePermissions(context, dropZoneName, dropZonePath, dropZoneHost); +} + +extern TPWRAPPER_API void validateDropZoneAccess(IEspContext& context, const char* targetDZNameOrHost, const char* hostReq, SecAccessFlags permissionReq, + const char* fileNameWithRelPath, CDfsLogicalFileName& dlfn) +{ + if (containsRelPaths(fileNameWithRelPath)) //Detect a path like: a/../../../f + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Invalid file path %s", fileNameWithRelPath); + + Owned dropZone = getDropZonePlane(targetDZNameOrHost); + if (!dropZone) //The targetDZNameOrHost could be a dropzone host. + dropZone.setown(findDropZonePlane(nullptr, targetDZNameOrHost, true, true)); + else if (!isEmptyString(hostReq)) + { + if (!isHostInPlane(dropZone, hostReq, true)) + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Host %s is not valid DropZone plane %s", hostReq, targetDZNameOrHost); + } + const char *dropZoneName = dropZone->queryProp("@name"); + SecAccessFlags permission = getDZFileScopePermissions(context, dropZoneName, fileNameWithRelPath, hostReq); + if (permission < permissionReq) + throw makeStringExceptionV(ECLWATCH_INVALID_INPUT, "Access DropZone Scope %s %s not allowed for user %s (permission:%s). %s Access Required.", + dropZoneName, fileNameWithRelPath, context.queryUserId(), getSecAccessFlagName(permission), getSecAccessFlagName(permissionReq)); + dlfn.setPlaneExternal(dropZoneName, fileNameWithRelPath); } diff --git a/esp/smc/SMCLib/TpWrapper.hpp b/esp/smc/SMCLib/TpWrapper.hpp index 753f7c6dc3d..ec8f457ae2c 100644 --- a/esp/smc/SMCLib/TpWrapper.hpp +++ b/esp/smc/SMCLib/TpWrapper.hpp @@ -231,7 +231,10 @@ extern TPWRAPPER_API bool validateDataPlaneName(const char *remoteDali, const ch extern TPWRAPPER_API bool matchNetAddressRequest(const char* netAddressReg, bool ipReq, IConstTpMachine& tpMachine); extern TPWRAPPER_API bool validateDropZonePath(const char* dropZoneName, const char* netAddr, const char* pathToCheck); -extern TPWRAPPER_API SecAccessFlags getDropZoneScopePermissions(IEspContext& context, const char * dropZoneName, const char * dropZonePath, const char * dropZoneHost); +extern TPWRAPPER_API SecAccessFlags getDZPathScopePermissions(IEspContext& context, const char* dropZoneName, const char* dropZonePath, const char* dropZoneHost); +extern TPWRAPPER_API SecAccessFlags getDZFileScopePermissions(IEspContext& context, const char* dropZoneName, const char* dropZonePath, const char* dropZoneHost); +extern TPWRAPPER_API void validateDropZoneAccess(IEspContext& context, const char* targetDZNameOrHost, const char* hostReq, SecAccessFlags permissionReq, + const char* fileNameWithRelPath, CDfsLogicalFileName& dlfn); #endif //_ESPWIZ_TpWrapper_HPP__