From 8cfb94c06cdfe3e6f0ec1ce0154951108bc3df94 Mon Sep 17 00:00:00 2001 From: Joshua Watt Date: Fri, 3 Nov 2023 08:26:32 -0600 Subject: bitbake: hashserv: Add become-user API Adds API that allows a user admin to impersonate another user in the system. This makes it easier to write external services that have external authentication, since they can use a common user account to access the server, then impersonate the logged in user. (Bitbake rev: 71e2f5b52b686f34df364ae1f2fc058f45cd5e18) Signed-off-by: Joshua Watt Signed-off-by: Richard Purdie --- bitbake/lib/hashserv/server.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'bitbake/lib/hashserv/server.py') diff --git a/bitbake/lib/hashserv/server.py b/bitbake/lib/hashserv/server.py index f5baa6be78..ca419a1abf 100644 --- a/bitbake/lib/hashserv/server.py +++ b/bitbake/lib/hashserv/server.py @@ -255,6 +255,7 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection): "auth": self.handle_auth, "get-user": self.handle_get_user, "get-all-users": self.handle_get_all_users, + "become-user": self.handle_become_user, } ) @@ -707,6 +708,23 @@ class ServerClient(bb.asyncrpc.AsyncServerConnection): return {"username": username} + @permissions(USER_ADMIN_PERM, allow_anon=False) + async def handle_become_user(self, request): + username = str(request["username"]) + + user = await self.db.lookup_user(username) + if user is None: + raise bb.asyncrpc.InvokeError(f"User {username} doesn't exist") + + self.user = user + + self.logger.info("Became user %s", username) + + return { + "username": self.user.username, + "permissions": self.return_perms(self.user.permissions), + } + class Server(bb.asyncrpc.AsyncServer): def __init__( -- cgit v1.2.3-54-g00ecf