Documentation
Overview
Package resources provides an extendable service handler for managing resource-policy based data.
Index
- type PoliciesCleaner
- type PoliciesCleanerOptions
- type PoliciesLoaderFunc
- type ResourceProviderHandler
- func (r *ResourceProviderHandler) IsAllowed(ctx context.Context, resourceId string, action service.ResourcePolicyAction, ...) (err error)
- func (r *ResourceProviderHandler) IsContextEditable(ctx context.Context, resourceId string, policies []*service.ResourcePolicy) bool
- func (r *ResourceProviderHandler) MatchPolicies(ctx context.Context, resourceId string, policies []*service.ResourcePolicy, ...) bool
- func (r *ResourceProviderHandler) RestToServiceResourcePolicy(ctx context.Context, input *rest.ResourcePolicyQuery) (output *service.ResourcePolicyQuery, e error)
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type PoliciesCleaner
type PoliciesCleaner struct {
	Dao     dao.DAO
	Options PoliciesCleanerOptions
	LogCtx  context.Context
}
func (*PoliciesCleaner) Handle
func (c *PoliciesCleaner) Handle(ctx context.Context, msg *idm.ChangeEvent) error
Handle cleans resources in the current DAO based on delete events.
type PoliciesCleanerOptions
type PoliciesLoaderFunc
type PoliciesLoaderFunc func(ctx context.Context, resourceId string, resourceClient interface{}) (policies []*service.ResourcePolicy, e error)
PoliciesLoaderFunc is the signature for a function that can load policies from a given resource.
type ResourceProviderHandler
type ResourceProviderHandler struct {
	ResourceName   string
	ServiceName    string
	PoliciesLoader PoliciesLoaderFunc
}
ResourceProviderHandler is an "abstract" class that can be implemented by REST handlers to add policy-checking capabilities.
func (*ResourceProviderHandler) IsAllowed
func (r *ResourceProviderHandler) IsAllowed(ctx context.Context, resourceId string, action service.ResourcePolicyAction, resourceClient interface{}) (err error)
IsAllowed matches a resourceId against a policy Action. It first uses the PoliciesLoader function to grab the policies associated with this resource, then uses an in-memory warden to check the policies stack.
func (*ResourceProviderHandler) IsContextEditable
func (r *ResourceProviderHandler) IsContextEditable(ctx context.Context, resourceId string, policies []*service.ResourcePolicy) bool
IsContextEditable can be used for outputting results with a flag telling whether this resource can be edited by the currently logged-in user.
func (*ResourceProviderHandler) MatchPolicies
func (r *ResourceProviderHandler) MatchPolicies(ctx context.Context, resourceId string, policies []*service.ResourcePolicy, action service.ResourcePolicyAction, subjects ...string) bool
MatchPolicies creates an in-memory policy stack checker to check if action is allowed or denied. It uses a DenyByDefault strategy.
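An added illustration of the deny-by-default check described for MatchPolicies, not code from this package. Policy, samplePolicies and matchPolicies are simplified, hypothetical stand-ins for the real types; the resource, actions and subjects are constructed sample values, and the rule that an explicit deny overrides any allow is an assumption about the evaluator.

```go
package main

import "fmt"

// Policy is a simplified, hypothetical stand-in for service.ResourcePolicy.
type Policy struct {
	Resource, Action, Subject string
	Allow                     bool // false means an explicit deny
}

// samplePolicies returns a constructed policy stack for resource "ws-1".
func samplePolicies() []Policy {
	return []Policy{
		{"ws-1", "READ", "role:editors", true},
		{"ws-1", "WRITE", "role:editors", true},
		{"ws-1", "WRITE", "role:suspended", false},
	}
}

// matchPolicies sketches a deny-by-default check (hypothetical, not the package's code).
func matchPolicies(resourceID string, policies []Policy, action string, subjects ...string) bool {
	held := make(map[string]bool, len(subjects))
	for _, s := range subjects {
		held[s] = true
	}
	allowed := false // deny by default: nothing is granted until a policy matches
	for _, p := range policies {
		if p.Resource != resourceID || p.Action != action || !held[p.Subject] {
			continue // policy does not apply to this request
		}
		if !p.Allow {
			return false // assumption: an explicit deny overrides any allow
		}
		allowed = true
	}
	return allowed
}

func main() {
	stack := samplePolicies()
	fmt.Println(matchPolicies("ws-1", stack, "WRITE", "user:alice", "role:editors"))
	fmt.Println(matchPolicies("ws-1", stack, "WRITE", "role:editors", "role:suspended"))
	fmt.Println(matchPolicies("ws-1", stack, "DELETE", "role:editors"))
}
```

The cases worth checking in any such evaluator are the ones that must fail closed: an action with no matching policy, an empty subject list, and an empty policy stack.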
func (*ResourceProviderHandler) RestToServiceResourcePolicy
func (r *ResourceProviderHandler) RestToServiceResourcePolicy(ctx context.Context, input *rest.ResourcePolicyQuery) (output *service.ResourcePolicyQuery, e error)
RestToServiceResourcePolicy transforms an input rest.ResourcePolicyQuery into a service.ResourcePolicyQuery that can be used internally.