mike-jumper commented on a change in pull request #389:
URL: https://github.com/apache/guacamole-client/pull/389#discussion_r443165273
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectService.java
##########
@@ -427,16 +427,22 @@ public InternalType
retrieveObject(ModeledAuthenticatedUser user,
protected Collection<ObjectPermissionModel>
getImplicitPermissions(ModeledAuthenticatedUser user,
ModelType model) {
+ // Get the user model and check for an entity ID.
+ UserModel userModel = user.getUser().getModel();
+ Integer entityId = userModel.getEntityID();
+ if (entityId == null)
+ return Collections.emptyList();
Review comment:
Ah, OK ... I think I see what you're saying.
For users, `getImplicitPermissions()` contains essentially two distinct sets
of permissions:
1. Those from `IMPLICIT_USER_PERMISSIONS`, which are the permissions that a
newly-created user should have _for themselves_. This consists only of `READ`,
and should successfully be granted to an automatically-created user.
2. Those from `super.getImplicitPermissions()`, which are the permissions
granted to the user creating the object. This consists of several admin-level
permissions, and in this case both can't and shouldn't be granted:
* "Can't" because the user creating the object does not exist.
* "Shouldn't" because automatically-created users shouldn't be magically
granted permission to administer themselves.
Is that correct?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
