[GitHub] [guacamole-client] necouchman commented on a change in pull request #511: GUACAMOLE-1025: Allow QuickConnect module to configure allowed and/or denied parameters

Tue, 23 Mar 2021 14:31:40 -0700 


necouchman commented on a change in pull request #511:
URL: https://github.com/apache/guacamole-client/pull/511#discussion_r599967911



##########
File path: 
extensions/guacamole-auth-quickconnect/src/main/java/org/apache/guacamole/auth/quickconnect/QuickConnectDirectory.java
##########
@@ -118,5 +136,54 @@ public String create(GuacamoleConfiguration config) throws 
GuacamoleException {
 
         return newConnectionId;
     }
+    
+    /**
+     * Checks the provided GuacamoleConfiguration to make sure the parameters
+     * in the configuration are allowed by the configuration.  If the
+     * allowed parameter configuration option is set, all parameters not
+     * specified will be removed from the config.  If the denied parameter
+     * configuration option is set, any parameters specified by that will be
+     * removed from the configuration.  If neither are set then all parameters
+     * are allowed.
+     * 
+     * @param config
+     *     The GuacamoleConfiguration containing parameters to check against
+     *     configured allowed and denied values.
+     * 
+     * @throws GuacamoleException 
+     *     If guacamole.properties cannot be parsed.
+     */
+    private void checkConfigParameters(GuacamoleConfiguration config) throws 
GuacamoleException {
+        
+        // Get configuration items.
+        List<String> allowedParams = confService.getAllowedParameters();
+        List<String> deniedParams = confService.getDeniedParameters();
+        
+        // Loop through parameters and remove them if they are not allowed.
+        Set<String> setParams = new HashSet<>(config.getParameterNames());
+        for (String key : setParams) {
+            
+            if (allowedParams != null
+                    && !allowedParams.isEmpty()
+                    && !allowedParams.contains(key)) {
+                
+                logger.debug("Parameter \"{}\" is not allowed and will be 
removed.",
+                        key);
+                config.unsetParameter(key);
+            
+            }
+            
+            if (deniedParams != null
+                    && !deniedParams.isEmpty()
+                    && deniedParams.contains(key)) {
+                
+                logger.debug("Parameter \"{}\" has been denied and will be 
removed.",
+                        key);
+                config.unsetParameter(key);
+                
+            }
+        }

Review comment:
       Wow. Yes.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to