-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add filter to is_valid_path_for_site ACL function #6033
Conversation
Quality Gate passedIssues Measures |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## develop #6033 +/- ##
=============================================
+ Coverage 30.51% 30.53% +0.01%
Complexity 4811 4811
=============================================
Files 289 289
Lines 21177 21164 -13
=============================================
- Hits 6463 6462 -1
+ Misses 14714 14702 -12 ☔ View full report in Codecov by Sentry. |
@mjangda do you have any concerns with the proposed changes? functionally they work fine. |
Seems fine if there are legitimate uses we've identified for this. Main risk is that if the code that uses the filter isn't careful, it can end up leaking private data. But that's up the developer using the filter to enforce. |
yeah, my thoughts exactly. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for the PR @rbcorrales as well as for thorough testing! Looks good.
Thanks, @rinatkhaziev. I updated the changelog to be more descriptive. Let me know if this looks good. |
Description
This PR adds a filter to the
is_valid_path_for_site
function to allow overriding its behavior.The use case for this is not necessarily to circumvent the subsite restrictions when ACL is enabled but also to allow access to other custom directories within the
wp-content/uploads
path.This extends the functionality introduced by this PR in 2021: #1975
Changelog Description
Added
vip_files_acl_is_valid_path_for_site
filter to extend theis_valid_path_for_site
function. This new filter allows overriding the VIP File System's validation process for multisite setups, which uses the/wp-content/mu-plugins/files/acl/endpoint-check-file-acl.php
endpoint to check permissions for paths under/wp-content/uploads
. It enables custom use cases, such as accessing directories outside the default site asset paths (but within the uploads folder) while adhering to other ACL rules. This extends the functionality introduced in PR Private Files: Restrict cross-site file access #1975. Warning: Improper use of this filter could expose private data. Developers using it must ensure that the logic they implement enforces proper access control to prevent data leaks between subsites.Pre-review checklist
Please make sure the items below have been covered before requesting a review:
Pre-deploy checklist
Steps to Test
Clone this repo and switch to the
private-files-valid-path-filter
branch.Follow the instructions for creating a local dev environment using the repo path as mu-plugins:
> vip dev-env --slug=test start
/etc/hosts
file pointing to 127.0.0.1:202
:400
:/client-mu-plugins
:202
with no errors in the logs: