[tracker/wip/carlosg/portal: 123/141] libtracker-data: Check graph permissions on graph manipulation syntax
- From: Carlos Garnacho <carlosg src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [tracker/wip/carlosg/portal: 123/141] libtracker-data: Check graph permissions on graph manipulation syntax
- Date: Wed, 19 Feb 2020 11:56:37 +0000 (UTC)
commit 0936c7ff4d66afd15f9b12a267fd3e35c118e36b
Author: Carlos Garnacho <carlosg gnome org>
Date: Sat Jan 25 13:54:20 2020 +0100
libtracker-data: Check graph permissions on graph manipulation syntax
Check when handling CREATE/DROP/ADD/MOVE/COPY that the graph can be
accessed.
src/libtracker-data/tracker-sparql.c | 40 ++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
---
diff --git a/src/libtracker-data/tracker-sparql.c b/src/libtracker-data/tracker-sparql.c
index 55d802928..b3c031ea5 100644
--- a/src/libtracker-data/tracker-sparql.c
+++ b/src/libtracker-data/tracker-sparql.c
@@ -3808,6 +3808,14 @@ translate_Drop (TrackerSparql *sparql,
}
for (l = graphs; l; l = l->next) {
+ if (!tracker_sparql_graph_is_whitelisted (sparql, l->data)) {
+ inner_error = g_error_new (TRACKER_SPARQL_ERROR,
+ TRACKER_SPARQL_ERROR_CONSTRAINT,
+ "Graph '%s' disallowed by policy",
+ (const gchar *) l->data);
+ break;
+ }
+
if (!tracker_data_manager_drop_graph (sparql->data_manager,
l->data, &inner_error))
break;
@@ -3846,6 +3854,14 @@ translate_Create (TrackerSparql *sparql,
goto error;
}
+ if (!tracker_sparql_graph_is_whitelisted (sparql, graph_name)) {
+ inner_error = g_error_new (TRACKER_SPARQL_ERROR,
+ TRACKER_SPARQL_ERROR_CONSTRAINT,
+ "Graph '%s' disallowed by policy",
+ graph_name);
+ goto error;
+ }
+
if (!tracker_data_manager_create_graph (sparql->data_manager,
graph_name,
&inner_error))
@@ -3894,6 +3910,14 @@ translate_Add (TrackerSparql *sparql,
goto error;
}
+ if (!tracker_sparql_graph_is_whitelisted (sparql, destination)) {
+ inner_error = g_error_new (TRACKER_SPARQL_ERROR,
+ TRACKER_SPARQL_ERROR_CONSTRAINT,
+ "Graph '%s' disallowed by policy",
+ destination);
+ goto error;
+ }
+
if (destination &&
!tracker_sparql_find_graph (sparql, destination)) {
if (!tracker_data_manager_create_graph (sparql->data_manager,
@@ -3956,6 +3980,14 @@ translate_Move (TrackerSparql *sparql,
goto error;
}
+ if (!tracker_sparql_graph_is_whitelisted (sparql, destination)) {
+ inner_error = g_error_new (TRACKER_SPARQL_ERROR,
+ TRACKER_SPARQL_ERROR_CONSTRAINT,
+ "Graph '%s' disallowed by policy",
+ destination);
+ goto error;
+ }
+
if (destination &&
!tracker_sparql_find_graph (sparql, destination)) {
if (!tracker_data_manager_create_graph (sparql->data_manager,
@@ -4030,6 +4062,14 @@ translate_Copy (TrackerSparql *sparql,
goto error;
}
+ if (!tracker_sparql_graph_is_whitelisted (sparql, destination)) {
+ inner_error = g_error_new (TRACKER_SPARQL_ERROR,
+ TRACKER_SPARQL_ERROR_CONSTRAINT,
+ "Graph '%s' disallowed by policy",
+ destination);
+ goto error;
+ }
+
if (destination &&
!tracker_sparql_find_graph (sparql, destination)) {
if (!tracker_data_manager_create_graph (sparql->data_manager,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]