You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the scenario where a production site and testing site point at the same swift object store - typically the testing site is given access using a read-only user account using forced config settings or other processes - different from the user account configured in prod.
The access token "openstack_authtoken" is cached at the db layer though, so there's a short period of time when the restored site has access to that "token" providing full write access over the object storage container and this would allow the testing site to both store stuff in object storage (and if configured) delete stuff from object storage which should not be possible.
We should improve the handling of this cache so that if the site-url changes, the token is no longer valid and gets cleared.
one idea - when a token is generated store the user that generated that token in a separate config item - then when using the token again - check that the value stored in tool_objectfs | openstack_username matches the same value as the one stored in the new config item and if it doesn't, clear the authtoken.
There are probably other approaches that might work too.
The text was updated successfully, but these errors were encountered:
In the scenario where a production site and testing site point at the same swift object store - typically the testing site is given access using a read-only user account using forced config settings or other processes - different from the user account configured in prod.
The access token "openstack_authtoken" is cached at the db layer though, so there's a short period of time when the restored site has access to that "token" providing full write access over the object storage container and this would allow the testing site to both store stuff in object storage (and if configured) delete stuff from object storage which should not be possible.
We should improve the handling of this cache so that if the site-url changes, the token is no longer valid and gets cleared.
relevant code for this is around here:
https://github.com/catalyst/moodle-tool_objectfs/blob/MOODLE_402_STABLE/classes/local/store/swift/client.php#L76
one idea - when a token is generated store the user that generated that token in a separate config item - then when using the token again - check that the value stored in tool_objectfs | openstack_username matches the same value as the one stored in the new config item and if it doesn't, clear the authtoken.
There are probably other approaches that might work too.
The text was updated successfully, but these errors were encountered: