Skip to content

Commit

Permalink
fixup! CHE-10861 Add permissions filter for installer json rpc methods
Browse files Browse the repository at this point in the history
  • Loading branch information
@sleshchenko
sleshchenko committed Aug 30, 2018
1 parent 7f3c55b commit 96ff276
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions ...e/che/multiuser/permission/workspace/server/filters/InstallerServicePermissionFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
import org.eclipse.che.api.workspace.shared.dto.event.InstallerLogEvent;
import org.eclipse.che.api.workspace.shared.dto.event.InstallerStatusEvent;
import org.eclipse.che.commons.env.EnvironmentContext;
import org.eclipse.che.commons.subject.Subject;
import org.eclipse.che.multiuser.api.permission.server.jsonrpc.JsonRpcPermissionsFilterAdapter;
import org.eclipse.che.multiuser.permission.workspace.server.WorkspaceDomain;

Expand Down Expand Up @@ -60,8 +61,11 @@ public void doAccept(String method, Object... params) throws ForbiddenException
throw new ForbiddenException("Unknown method is configured to be filtered.");
}

EnvironmentContext.getCurrent()
.getSubject()
.checkPermission(WorkspaceDomain.DOMAIN_ID, workspaceId, WorkspaceDomain.RUN);
Subject currentSubject = EnvironmentContext.getCurrent().getSubject();
if (!currentSubject.hasPermission(
WorkspaceDomain.DOMAIN_ID, workspaceId, WorkspaceDomain.RUN)) {
throw new ForbiddenException(
"User doesn't have the required permissions to the specified workspace");
}
}
}

0 comments on commit 96ff276

Please sign in to comment.