bitbake: hashserv: Add become-user API

Adds API that allows a user admin to impersonate another user in the system. This makes it easier to write external services that have external authentication, since they can use a common user account to access the server, then impersonate the logged in user. (Bitbake rev: 71e2f5b52b686f34df364ae1f2fc058f45cd5e18) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Joshua Watt <JPEWhacker@gmail.com> 2023-11-03 08:26:32 -0600
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-11-09 17:33:03 +0000
commit: 8cfb94c06cdfe3e6f0ec1ce0154951108bc3df94 (patch)
tree: 046a6d0d98b0b1bfb1467b2d3e4bbc29b181eb9b /bitbake/lib/hashserv/server.py
parent: 1af725b2eca63fa113cedb6d77eb5c5f1de6e2f0 (diff)
download: poky-8cfb94c06cdfe3e6f0ec1ce0154951108bc3df94.tar.gz
1 files changed, 18 insertions, 0 deletions
diff --git a/bitbake/lib/hashserv/server.py b/bitbake/lib/hashserv/server.py
index f5baa6be78..ca419a1abf 100644
--- a/bitbake/lib/hashserv/server.py
+++ b/bitbake/lib/hashserv/server.py
@@ -255,6 +255,7 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection):
                "auth": self.handle_auth,
                "get-user": self.handle_get_user,
                "get-all-users": self.handle_get_all_users,
+                "become-user": self.handle_become_user,
            }
        )
@@ -707,6 +708,23 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection):
        return {"username": username}
+    @permissions(USER_ADMIN_PERM, allow_anon=False)
+    async def handle_become_user(self, request):
+        username = str(request["username"])
+        user = await self.db.lookup_user(username)
+        if user is None:
+            raise bb.asyncrpc.InvokeError(f"User {username} doesn't exist")
+        self.user = user
+        self.logger.info("Became user %s", username)
+        return {
+            "username": self.user.username,
+            "permissions": self.return_perms(self.user.permissions),
+        }
 class Server(bb.asyncrpc.AsyncServer):
    def __init__(
author	Joshua Watt <JPEWhacker@gmail.com>	2023-11-03 08:26:32 -0600
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-11-09 17:33:03 +0000
commit	8cfb94c06cdfe3e6f0ec1ce0154951108bc3df94 (patch)
tree	046a6d0d98b0b1bfb1467b2d3e4bbc29b181eb9b /bitbake/lib/hashserv/server.py
parent	1af725b2eca63fa113cedb6d77eb5c5f1de6e2f0 (diff)
download	poky-8cfb94c06cdfe3e6f0ec1ce0154951108bc3df94.tar.gz

diff --git a/bitbake/lib/hashserv/server.py b/bitbake/lib/hashserv/server.py index f5baa6be78..ca419a1abf 100644 --- a/bitbake/lib/hashserv/server.py +++ b/bitbake/lib/hashserv/server.py
@@ -255,6 +255,7 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection):
255	"auth": self.handle_auth,	255	"auth": self.handle_auth,
256	"get-user": self.handle_get_user,	256	"get-user": self.handle_get_user,
257	"get-all-users": self.handle_get_all_users,	257	"get-all-users": self.handle_get_all_users,
		258	"become-user": self.handle_become_user,
258	}	259	}
259	)	260	)
260		261
@@ -707,6 +708,23 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection):
707		708
708	return {"username": username}	709	return {"username": username}
709		710
		711	@permissions(USER_ADMIN_PERM, allow_anon=False)
		712	async def handle_become_user(self, request):
		713	username = str(request["username"])
		714
		715	user = await self.db.lookup_user(username)
		716	if user is None:
		717	raise bb.asyncrpc.InvokeError(f"User {username} doesn't exist")
		718
		719	self.user = user
		720
		721	self.logger.info("Became user %s", username)
		722
		723	return {
		724	"username": self.user.username,
		725	"permissions": self.return_perms(self.user.permissions),
		726	}
		727
710		728
711	class Server(bb.asyncrpc.AsyncServer):	729	class Server(bb.asyncrpc.AsyncServer):
712	def __init__(	730	def __init__(