GO-2024-3228: Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') in github.com/coder/coder
The highest tagged major version isv2.
dbauthz
packageThis package is not in the latest version of its module.
Details
Validgo.mod file
The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
- Redistributable license
Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
- Tagged version
Modules with tagged versions give importers more predictable builds.
Stable versionWhen a project reaches major version v1 it is considered stable.
- Learn more about best practices
Repository
Links
Open Source Insights
Documentation¶
Overview¶
Package dbauthz provides an authorization layer on top of the database. Thispackage exposes an interface that is currently a 1:1 mapping withdatabase.Store.
The same cultural rules apply to this package as they do to database.Store.Meaning that each method implemented should keep the number of databasequeries as close to 1 as possible. Each method should do 1 thing, with nounexpected side effects (eg: updating multiple tables in a single method).
Do not implement business logic in this package. Only authorization relatedlogic should be implemented here. In most cases, this should only be a call tothe rbac authorizer.
When a new database method is added to database.Store, it should be added tothis package as well. The unit test "Accounting" will ensure all methods aretested. See other unit tests for examples on how to write these.
Index¶
- Variables
- func ActorFromContext(ctx context.Context) (rbac.Subject, bool)
- func As(ctx context.Context, actor rbac.Subject) context.Context
- func AsAutostart(ctx context.Context) context.Context
- func AsHangDetector(ctx context.Context) context.Context
- func AsProvisionerd(ctx context.Context) context.Context
- func AsSystemRestricted(ctx context.Context) context.Context
- func IsNotAuthorizedError(err error) bool
- func New(db database.Store, authorizer rbac.Authorizer, logger slog.Logger) database.Store
- type NotAuthorizedError
Constants¶
This section is empty.
Variables¶
var AsRemoveActor =rbac.Subject{ID: "remove-actor",}var NoActorError =xerrors.Errorf("no authorization actor in context: %w",sql.ErrNoRows)NoActorError wraps ErrNoRows for the api to return a 404. This is the correctresponse when the user is not authorized.
Functions¶
funcActorFromContext¶
ActorFromContext returns the authorization subject from the context.All authentication flows should set the authorization subject in the context.If no actor is present, the function returns false.
funcAs¶
As returns a context with the given actor stored in the context.This is used for cases where the actor touching the database is not theactor stored in the context.When you use this function, be sure to add a //nolint commentexplaining why it is necessary.
funcAsAutostart¶added inv0.17.4
AsAutostart returns a context with an actor that has permissions requiredfor autostart to function.
funcAsHangDetector¶added inv0.25.0
AsHangDetector returns a context with an actor that has permissions requiredfor unhanger.Detector to function.
funcAsProvisionerd¶added inv0.17.4
AsProvisionerd returns a context with an actor that has permissions requiredfor provisionerd to function.
funcAsSystemRestricted¶added inv0.17.4
AsSystemRestricted returns a context with an actor that has permissionsrequired for various system operations (login, logout, metrics cache).
funcIsNotAuthorizedError¶added inv0.20.0
Types¶
typeNotAuthorizedError¶
type NotAuthorizedError struct {Errerror}NotAuthorizedError is a sentinel error that unwraps to sql.ErrNoRows.This allows the internal error to be read by the caller if needed. Otherwiseit will be handled as a 404.
func (NotAuthorizedError)Error¶
func (eNotAuthorizedError) Error()string
func (NotAuthorizedError)Unwrap¶
func (eNotAuthorizedError) Unwrap()error
Unwrap will always unwrap to a sql.ErrNoRows so the API returns a 404.So 'errors.Is(err, sql.ErrNoRows)' will always be true.
Source Files