c03ec2b09318f8fcc0591793cddffd74f5e9941a - platform/system/weaved

commit	c03ec2b09318f8fcc0591793cddffd74f5e9941a	[log] [tgz]
author	Vitaly Buka <vitalybuka@chromium.org>	Sun May 31 23:32:46 2015 -0700
committer	ChromeOS Commit Bot <chromeos-commit-bot@chromium.org>	Mon Jun 01 18:12:17 2015 +0000
tree	ed9c97a01404e3e1f4494e95573c2bc9fb12ecce
parent	835f7e6288aeff0950603f95eb2eda61895b8e67 [diff]

privetd: Compare user scope with minimalRole for local commands

Prived passes current auth scope corresponding to the current
/privet/v3/commands/execute requests to buffet.
Buffet compare scope with minimalRole of requested command and denies
request if scope is not enough.

BUG=brillo:808
TEST=`FEATURES=test emerge-gizmo buffet privetd`

Change-Id: Ib691184460fcd9d099e0688eaeadf831229672aa
Reviewed-on: https://chromium-review.googlesource.com/274234
Tested-by: Vitaly Buka <vitalybuka@chromium.org>
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Vitaly Buka <vitalybuka@chromium.org>

buffet/buffet_client.cc[diff]
buffet/dbus_bindings/org.chromium.Buffet.Manager.xml[diff]
buffet/manager.cc[diff]
buffet/manager.h[diff]

4 files changed

tree: ed9c97a01404e3e1f4494e95573c2bc9fb12ecce

buffet/