DeforaNetworks/corteza
DeforaNetworks/corteza
3
0
Fork 0
Code

Fix server script security

Browse Source 
Security params must be processed before procesing iterator
This commit is contained in:
Denis Arh 2020-03-27 12:46:58 +01:00
parent 32ce2216cb
commit 63eb346a4a
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/corredor/service.go
View File

@ -449,6 +449,15 @@ func (svc *service) registerServerScripts(ss ...*ServerScript) {
Iterator: script.Iterator,
}
if len(s.Errors) == 0 {
if sec, rr, err := svc.serverScriptSecurity(script); err != nil {
s.Errors = append(s.Errors, err.Error())
} else {
s.Security = sec
svc.permissions = append(svc.permissions, rr...)
}
}
// Corredor can (by design) serve us script with errors (load, parse time) and
// they need to be ignored by security, trigger, iterator handlers
if len(s.Errors) == 0 {
@ -468,15 +477,6 @@ func (svc *service) registerServerScripts(ss ...*ServerScript) {
}
}
if len(s.Errors) == 0 {
if sec, rr, err := svc.serverScriptSecurity(script); err != nil {
s.Errors = append(s.Errors, err.Error())
} else {
s.Security = sec
svc.permissions = append(svc.permissions, rr...)
}
}
if len(s.Errors) == 0 {
svc.log.Debug(
"script registered",