New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

using pattern in acl-file without %c or %u gives unwanted permissions #209

Closed
bitfreak25 opened this Issue Jul 8, 2016 · 3 comments

Comments

Projects
None yet
3 participants
@bitfreak25

bitfreak25 commented Jul 8, 2016

I've wrote a acl-file like this:

pattern read #

user Student
pattern readwrite #

user Global
pattern readwrite #

and created the 2 users "Student" and "Global". I expected, that a anonymous user could only read the topics, but he cloud write to it.

Changing the acl-file to something like this solved the problem:

topic read #

user Student
topic readwrite #

user Global
topic readwrite #

I've see that I've done a bad mistake, but it confused me, that there was no error or something. So, is it possible to give an error with a wrong acl-file or if better a implementation, that lets "pattern" work like "topic" if there is no %c or %u ?

@ralight

This comment has been minimized.

Show comment
Hide comment
@ralight

ralight Jul 9, 2016

Contributor

I'm not sure what the best thing to do here would be. Your original ACL isn't wrong, just not very useful. Perhaps it would be best to produce an error if there isn't a %c or %u in the pattern.

Contributor

ralight commented Jul 9, 2016

I'm not sure what the best thing to do here would be. Your original ACL isn't wrong, just not very useful. Perhaps it would be best to produce an error if there isn't a %c or %u in the pattern.

ralight added a commit that referenced this issue Aug 8, 2018

ACL patterns that do not contain either %c or %u are now rejected.
Closes #209.

Bug: #209

Signed-off-by: Roger A. Light <roger@atchoo.org>
@ralight

This comment has been minimized.

Show comment
Hide comment
@ralight

ralight Aug 8, 2018

Contributor

This now rejects patterns that do not contain %c or %u.

Contributor

ralight commented Aug 8, 2018

This now rejects patterns that do not contain %c or %u.

@ralight ralight closed this Aug 8, 2018

@ralight ralight added this to the 1.5.1 milestone Aug 8, 2018

@mikini

This comment has been minimized.

Show comment
Hide comment
@mikini

mikini Sep 19, 2018

Commit ecb4006 changes the rejection to just emitting a warning. Also see a real world use case discussed in this mailing list thread.

mikini commented Sep 19, 2018

Commit ecb4006 changes the rejection to just emitting a warning. Also see a real world use case discussed in this mailing list thread.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment