Asset Manager Access Control

Steps to reproduce

The asset manager's check for testing if a user is allowed to create
new snapshots does not provide any security at all. Every user can
change assets and with it change all security restrictions with no
privileges other than access to the REST interfaces required.

Right now, the process basically works like this:

When user1 submits a new media package to create a snapshot, the asset
manager checks the access control list of that media package to see
whether the user is allowed to write.

If you haven't realized it already: The access control list used for
verifying the privileges of user1 is provided by user1 right in the
request. So there is no security at all.

This patch fixes this problem by checking the access rules set in the
previous snapshot instead. This means that a user can only change the
rules (or anything else) if he indeed is allowed to do so.

The obvious exception is if no previous snapshot existed. In that case,
the user is allowed to create the first snapshot without any further
tests.
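The difference between the two checks described above, as an added example: a simplified Python model, not Opencast's code. The class, method and role names are hypothetical, and the ACLs are constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class MediaPackage:
    mp_id: str
    acl: frozenset  # (role, action) pairs; arrives with the request body


class AssetManager:
    """Toy snapshot store; check_stored_acl=False models the flawed check."""

    def __init__(self, check_stored_acl):
        self.check_stored_acl = check_stored_acl
        self.history = {}  # mp_id -> list of accepted snapshots

    @staticmethod
    def _may_write(roles, acl):
        return any((role, "write") in acl for role in roles)

    def take_snapshot(self, roles, mp):
        previous = self.history.get(mp.mp_id, [])
        if self.check_stored_acl:
            # Fixed: trust only the ACL stored with the previous snapshot.
            # With no previous snapshot, the first one is accepted as-is.
            allowed = not previous or self._may_write(roles, previous[-1].acl)
        else:
            # Flawed: the ACL being checked was written by the caller.
            allowed = self._may_write(roles, mp.acl)
        if not allowed:
            raise PermissionError(f"write denied on {mp.mp_id}")
        self.history.setdefault(mp.mp_id, []).append(mp)
        return len(self.history[mp.mp_id])  # snapshot version


def second_writer_result(check_stored_acl):
    """An owner creates mp-1; another user then submits an ACL naming themselves."""
    am = AssetManager(check_stored_acl)
    owner_acl = frozenset({("ROLE_USER_OWNER", "write")})  # constructed sample
    am.take_snapshot({"ROLE_USER_OWNER"}, MediaPackage("mp-1", owner_acl))
    self_granted = frozenset({("ROLE_USER_1", "write")})   # constructed sample
    try:
        am.take_snapshot({"ROLE_USER_1"}, MediaPackage("mp-1", self_granted))
        return "accepted"
    except PermissionError:
        return "denied"


if __name__ == "__main__":
    print("request ACL checked:", second_writer_result(False))
    print("stored ACL checked: ", second_writer_result(True))
```

In the fixed mode the stored ACL is the only authority, so a regression test for this issue should assert that a request carrying a self-granting ACL is rejected once a snapshot exists.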

Status

Assignee

Lars Kiesow

Reporter

Lars Kiesow

Severity

Security

Tags (folksonomy)

None

Components

Fix versions

Affects versions

5.2

Priority

Major