-require 'locator'
-
class Arvados::V1::CollectionsController < ApplicationController
def create
# Collections are owned by system_user. Creating a collection has
# Check permissions on the collection manifest.
# If any signature cannot be verified, return 403 Permission denied.
- perms_ok = true
api_token = current_api_client_authorization.andand.api_token
signing_opts = {
key: Rails.configuration.blob_signing_key,
}
resource_attrs[:manifest_text].lines.each do |entry|
entry.split[1..-1].each do |tok|
- # TODO(twp): fail the request if this match fails.
- # Add in Phase 4 (see #2755)
- loc = Locator.parse(tok)
- if loc and loc.signature
- if !api_token
- logger.warn "No API token present; cannot verify signature on #{loc}"
- perms_ok = false
- elsif !Blob.verify_signature tok, signing_opts
- logger.warn "Invalid signature on locator #{loc}"
- perms_ok = false
- end
+ if /^[[:digit:]]+:[[:digit:]]+:/.match tok
+ # This is a filename token, not a blob locator. Note that we
+ # keep checking tokens after this, even though manifest
+ # format dictates that all subsequent tokens will also be
+ # filenames. Safety first!
+ elsif Blob.verify_signature tok, signing_opts
+ # OK.
+ elsif Locator.parse(tok).andand.signature
+ # Signature provided, but verify_signature did not like it.
+ logger.warn "Invalid signature on locator #{tok}"
+ raise ArvadosModel::PermissionDeniedError
+ elsif Rails.configuration.permit_create_collection_with_unsigned_manifest
+ # No signature provided, but we are running in insecure mode.
+ logger.debug "Missing signature on locator #{tok} ignored"
+ elsif Blob.new(tok).empty?
+ # No signature provided -- but no data to protect, either.
+ else
+ logger.warn "Missing signature on locator #{tok}"
+ raise ArvadosModel::PermissionDeniedError
end
end
end
- unless perms_ok
- raise ArvadosModel::PermissionDeniedError
- end
# Remove any permission signatures from the manifest.
resource_attrs[:manifest_text]
- .gsub!(/[[:xdigit:]]{32}(\+[[:digit:]]+)?(\+\S+)/) { |word|
+ .gsub!(/ [[:xdigit:]]{32}(\+[[:digit:]]+)?(\+\S+)/) { |word|
+ word.strip!
loc = Locator.parse(word)
if loc
- loc.without_signature.to_s
+ " " + loc.without_signature.to_s
else
- word
+ " " + word
end
}
@object.save!
rescue ActiveRecord::RecordNotUnique
logger.debug resource_attrs.inspect
- if resource_attrs[:manifest_text] and resource_attrs[:uuid]
+ if @object.manifest_text and @object.uuid
@existing_object = model_class.
where('uuid=? and manifest_text=?',
- resource_attrs[:uuid],
- resource_attrs[:manifest_text]).
+ @object.uuid,
+ @object.manifest_text).
first
@object = @existing_object || @object
end
ttl: Rails.configuration.blob_signing_ttl,
}
@object[:manifest_text]
- .gsub!(/[[:xdigit:]]{32}(\+[[:digit:]]+)?(\+\S+)/) { |word|
+ .gsub!(/ [[:xdigit:]]{32}(\+[[:digit:]]+)?(\+\S+)/) { |word|
+ word.strip!
loc = Locator.parse(word)
if loc
- Blob.sign_locator(word, signing_opts)
+ " " + Blob.sign_locator(word, signing_opts)
else
- word
+ " " + word
end
}
end
projects / arvados.git / blobdiff