eosfs: update getUser to check uid and gid

Update getUser to verify that uid and gid are not zero to avoid granting access to users by mistake.
cs3org · Mar 19, 2021 · fabd746 · fabd746
1 parent 2176bd4
commit fabd746
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go
@@ -195,6 +195,12 @@ func getUser(ctx context.Context) (*userpb.User, error) {
 		err := errors.Wrap(errtypes.UserRequired(""), "eos: error getting user from ctx")
 		return nil, err
 	}
+	if u.UidNumber == 0 {
+		return nil, errors.New("eos: invalid user id")
+	}
+	if u.GidNumber == 0 {
+		return nil, errors.New("eos: invalid group id")
+	}
 	return u, nil
 }