[katello-devel] Adding new list_permissions rake task
Lukas Zapletal
lzap at redhat.com
Fri Dec 2 13:49:27 UTC 2011
Guys,

I wrote a simple, yet powerful rake task:

# rake list_permissions

It generates a Trac-wiki compatible table of all our controllers and
actions (defined in the current routes.rb) and for each action it finds
the corresponding permission from our rules hash. As I am not able to show
the source of our permissions lambdas in Ruby 1.8, I put a link into our
gitweb for those who want to check a particular rule out.

Simply put, it shows us all actions that are unprotected, for both
UI and API.

As I will work on API permissions this sprint, I will be updating this
page with the latest and greatest list_permissions output:

https://fedorahosted.org/katello/wiki/PermissionRoutesCheck

Feel free to update the page every time you work on permissions.
Those with a blank third column are unprotected right now.

We should add this task to our list of pre-release bullets that should
always be checked to prevent security flaws.
--
Later,
Lukas Zapletal | E32E400A
RHN Satellite Engineering
Red Hat Czech s.r.o. Brno
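
The kind of check this message describes, as an added example that is not part of the original post and is not Katello's rake task: it joins a route list against a rules hash, emits a Trac-wiki table, and reports the actions with no rule. ROUTES, RULES, SOURCE_BASE and all function names are constructed for illustration; Proc#source_location (Ruby 1.9 and later) stands in for the hand-written gitweb link.

```ruby
# Added illustration: constructed data and hypothetical names, not Katello code.

# Constructed sample: (controller, action) pairs as read from the route table.
ROUTES = [
  ["systems", "index"],
  ["systems", "destroy"],
  ["api/systems", "index"],
  ["api/systems", "update"],
  ["api/ping", "show"],
].freeze

# Constructed sample: controller => { action => permission lambda }.
RULES = {
  "systems" => {
    "index"   => lambda { |user| user[:roles].include?("viewer") },
    "destroy" => lambda { |user| user[:roles].include?("admin") },
  },
  "api/systems" => {
    "index" => lambda { |user| user[:roles].include?("viewer") },
  },
}.freeze

SOURCE_BASE = "https://gitweb.example.invalid/blob" # placeholder URL

def rule_for(rules, controller, action)
  rules.fetch(controller, {})[action]
end

# Routes with no rule at all: the rows whose third column stays blank.
def unprotected(routes, rules)
  routes.reject { |controller, action| rule_for(rules, controller, action) }
end

# Trac link to where the lambda is defined; a single space marks "no rule"
# ("||||" with nothing in between would be read by Trac as a column span).
def rule_cell(rule)
  return " " unless rule
  file, line = rule.source_location
  file ? "[#{SOURCE_BASE}/#{File.basename(file)}#l#{line} rule]" : "rule"
end

def permissions_table(routes, rules)
  rows = routes.sort.map do |controller, action|
    "||#{controller}||#{action}||#{rule_cell(rule_for(rules, controller, action))}||"
  end
  (["||= Controller =||= Action =||= Rule =||"] + rows).join("\n")
end

puts permissions_table(ROUTES, RULES) if __FILE__ == $PROGRAM_NAME
```

A release checklist step can fail the build whenever unprotected(...) returns a non-empty list, so a newly added route without a rule is caught before it ships.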