Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

exec_as_user is not federation friendly #187

Open
2 tasks
korydraughn opened this issue Mar 25, 2022 · 2 comments
Open
2 tasks

exec_as_user is not federation friendly #187

korydraughn opened this issue Mar 25, 2022 · 2 comments
Assignees
@korydraughn
Labels
bug

Comments

@korydraughn
Copy link
Collaborator

korydraughn commented Mar 25, 2022
edited
Loading

  • main
  • 4-2-stable

Similar to irods/irods#6268

The code in question:

irods_capability_storage_tiering/exec_as_user.hpp

Lines 8 to 27 in c16624a

template <typename Function>
int exec_as_user(rcComm_t* _comm, const std::string& _user_name, Function _func)
{
auto& user = _comm->clientUser;
// need to be able to have a rodsuser/rodsuser 'switch hats'
//if (user.authInfo.authFlag < LOCAL_PRIV_USER_AUTH) {
// THROW(CAT_INSUFFICIENT_PRIVILEGE_LEVEL, "Cannot switch user");
//}
const std::string old_user_name = user.userName;
rstrcpy(user.userName, _user_name.data(), NAME_LEN);
irods::at_scope_exit<std::function<void()>> at_scope_exit{[&user, &old_user_name] {
rstrcpy(user.userName, old_user_name.c_str(), MAX_NAME_LEN);
}};
return _func(_comm);
} // exec_as_user

Workaround

Grant permission to the local user of the same name because that is the user that is being found.
@trel trel mentioned this issue May 12, 2022
Open
@korydraughn korydraughn self-assigned this Apr 4, 2023
@trel
Copy link
Member

trel commented Nov 27, 2023

related to #215 ?

@alanking alanking mentioned this issue Nov 28, 2023
Merged
alanking pushed a commit to cookie33/irods_capability_storage_tiering that referenced this issue Nov 28, 2023
@alanking
[irods#187][irods#215] implementing storage tiering for data from rem…
210191b 
…ote zones
alanking pushed a commit that referenced this issue Nov 28, 2023
@alanking
[#187][#215] implementing storage tiering for data from remote zones
b50254b
@alanking alanking mentioned this issue Nov 28, 2023
Merged
@alanking
Copy link
Contributor

I believe this is related to #215 but we want to make sure that things are working as expected across redirects as well as across federation. I believe #228 fixes the cross-zone case, so we just need to confirm the redirection case now.

alanking pushed a commit to alanking/irods_capability_storage_tiering that referenced this issue Nov 29, 2023
@alanking
[irods#187][irods#215] implementing storage tiering for data from rem…
d477996 
…ote zones
alanking pushed a commit that referenced this issue Nov 29, 2023
@alanking
[#187][#215] implementing storage tiering for data from remote zones
ea0b418
@alanking alanking added this to the 4.3.2.1 milestone May 15, 2024
@alanking alanking removed this from the 4.3.2.1 milestone Aug 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@korydraughn korydraughn

Labels
bug
Milestone
No milestone
Development

No branches or pull requests
3 participants
@trel @korydraughn @alanking