Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Preference authorization processor #8915

Merged
merged 3 commits into from
Apr 4, 2024
Merged

Preference authorization processor #8915

merged 3 commits into from
Apr 4, 2024

Conversation

jimchamp
Copy link
Collaborator

@jimchamp jimchamp commented Mar 18, 2024
edited

Closes #8893

Prevents unauthorized access to patrons' preferences. Instead, patrons will be able to access their own preferences, while admins can access all patrons' preferences.

These changes include access to json and yml encodings of patron preferences, not just the preference pages.

Technical

A new processor was created to aid with authorization. The PreferenceProcessor, when handling a request for patron preferences, gets a reference to the authenticated User. If the request was unauthenticated, a 401 error is raised. Then, the processor checks if the User is the owner of the requested preferences, or is an admin. If neither are true, a 403 error is raised.

If all checks pass, or the request is not for preferences, the processor handles the request as per usual.

Testing

At a minimum, the following should be tested:

While logged out:

  1. Should not be able to view any /people/{username}/preferences page
  2. Should not be able to make json or yml preference requests

While logged in as a non-admin:

  1. Should be able to view one's own preference page
  2. Should be able to make json and yml preference requests for one's own preferences
  3. Should not be able to view other patrons' preference pages
  4. Should not be able to make json and yml preference requests for other patrons' preferences

While logged in as an admin:

  1. Should be able to view any preference page
  2. Should be able to make json or yml preference requests for any account

Other:

  1. /account/preferences requests should be unaffected by these changes
  2. Code paths that modify or read preferences should be unaffected by these changes

Special deployment notes

This is a new processor, so we should be vigilant when this is deployed, and ensure that pages not related to preferences are unaffected, etc.

Screenshot

Stakeholders

@mekarpeles mekarpeles self-assigned this Mar 25, 2024
@mekarpeles mekarpeles added Priority: 2 Important, as time permits. [managed] Priority: 1 Do this week, receiving emails, time sensitive, . [managed] and removed Priority: 2 Important, as time permits. [managed] labels Mar 25, 2024
@mekarpeles mekarpeles added Needs: Special Deploy This PR will need a non-standard deploy to production and removed Needs: Testing labels Apr 4, 2024
@mekarpeles mekarpeles merged commit e52cda7 into internetarchive:master Apr 4, 2024
3 checks passed
Achorn pushed a commit to Achorn/openlibrary that referenced this pull request Apr 12, 2024
@jimchamp @Achorn
Preference authorization processor (internetarchive#8915)
0f163b4 
* Add processor for preference authorization
* Require authorization for `json` and `yml` prefs
@jimchamp jimchamp deleted the 8893/sec/pref-processor branch April 24, 2024 00:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@mekarpeles mekarpeles

Labels
Needs: Special Deploy This PR will need a non-standard deploy to production Priority: 1 Do this week, receiving emails, time sensitive, . [managed]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Restrict read of patron preferences to logged in patron
2 participants
@jimchamp @mekarpeles