mike-jumper opened a new pull request #523: URL: https://github.com/apache/guacamole-client/pull/523
To facilitate collaborative storage of arbitrary attributes between extensions, this change adds a new `getPrivileged()` function to the `UserContext` interface, allowing an internal and privileged `UserContext` to be retrieved. As only an extension may invoke this function (it is not called within the REST API), this allows extensions to expose privileged access to other extensions without requiring that users logging into Guacamole via those extensions have the same privileges. For example, Guacamole's TOTP support has historically required that each user have `UPDATE` privileges on themselves, since the database authentication would otherwise deny the TOTP extension's attempt to store additional attributes for that user. With these changes, the TOTP support uses a privileged `UserContext` to store its attributes, and users of TOTP need not be granted additional privileges. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
