-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(opensearch): show search results only if user has access permission to the index #5097
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@racnan Can you verify this file changes
crates/router/src/analytics.rs
Outdated
.change_context(UserErrors::InternalServerError) | ||
.change_context(OpenSearchError::UnknownError)?; | ||
let permissions = role_info.get_permissions_set(); | ||
let accessible_indexes: Vec<_> = vec![ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can this permission vector be kept in a common place for both global_search and index_search?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, moved it to a consts file.
analytics::search::msearch_results( | ||
&state.opensearch_client, | ||
req, | ||
&auth.merchant_account.merchant_id, | ||
&auth.merchant_id, | ||
accessible_indexes, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what happens when user has neither of the permissions? accessible_indexes = vec![]?, will msearch run on this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Resolved this by changing the OpenMserchOutput
struct to handle cases when the user has none of the permissions to access indexes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you share the the output of this test case
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
eef82cf
to
b5e7678
Compare
.ok_or(OpenSearchError::IndexAccessNotPermittedError(index))?; | ||
analytics::search::search_results(&state.opensearch_client, req, &auth.merchant_id) | ||
.await | ||
.map(ApplicationResponse::Json) | ||
}, | ||
&auth::JWTAuth(Permission::Analytics), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is Analytics permission also required?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Discussed with @lsampras and he suggested to check the Analytics Permission also as of now
…ay/hyperswitch into iatapay-through-hyperswitch-cypress * 'iatapay-through-hyperswitch-cypress' of github.com:juspay/hyperswitch: feat(router): skip apple pay session call if the browser is not Safari (#5136) fix(opensearch): show search results only if user has access permission to the index (#5097) chore(version): 2024.06.27.0 feat(users): add endpoint for terminate auth select (#5135) feat(users): implemented openidconnect (#5124) feat(router): add payments manual-update api (#5045) fix(docs): open-api fix for payment response (#5103) refactor(connector): [AdyenPlatform]Throw 4xx instead of 5xx for source_balance_account (#4990) feat: realtime user analytics (#5098) refactor(connector): added amount conversion framework for cashtocode (#4857) feat(email): Add `auth_id` in email types and send `auth_id` in email URLs (#5120) refactor(connector): add amount framework to payme & Trustpay with googlePay, ApplePay for bluesnap, Noon & Trustpay (#4833) fix(connector): [BOA/CYBS] make risk information message optional (#5107) chore(version): 2024.06.25.1 fix(router): skip serialize if none for assurance_details_required in googlepay session response (#5118) refactor: separate DB queries and HTML creation for payout links (#4967) feat(router): updated `last_used_at` field for apple pay and google pay for CITs (#5087) fix(payment_methods): use existing field value of `nick_name` in db if not sent during request (#5105) chore(version): 2024.06.25.0
…ay/hyperswitch into refactor-error-handling-in-cypress * 'iatapay-through-hyperswitch-cypress' of github.com:juspay/hyperswitch: chore: clean up feat(router): skip apple pay session call if the browser is not Safari (#5136) fix(opensearch): show search results only if user has access permission to the index (#5097) chore(version): 2024.06.27.0 feat(users): add endpoint for terminate auth select (#5135) feat(users): implemented openidconnect (#5124) feat(router): add payments manual-update api (#5045) fix(docs): open-api fix for payment response (#5103) refactor(connector): [AdyenPlatform]Throw 4xx instead of 5xx for source_balance_account (#4990) feat: realtime user analytics (#5098) refactor(connector): added amount conversion framework for cashtocode (#4857) feat(email): Add `auth_id` in email types and send `auth_id` in email URLs (#5120) refactor(connector): add amount framework to payme & Trustpay with googlePay, ApplePay for bluesnap, Noon & Trustpay (#4833) fix(connector): [BOA/CYBS] make risk information message optional (#5107) chore(version): 2024.06.25.1 fix(router): skip serialize if none for assurance_details_required in googlepay session response (#5118) refactor: separate DB queries and HTML creation for payout links (#4967) feat(router): updated `last_used_at` field for apple pay and google pay for CITs (#5087) fix(payment_methods): use existing field value of `nick_name` in db if not sent during request (#5105) chore(version): 2024.06.25.0
Type of Change
Description
/search and /search/{domain} are currently checking for analytics ACL before hitting opensearch and returning results.
Additionally we have to check access permissions per index:
Additional Changes
Motivation and Context
Checking access permissions to an index for a user is necessary to show results appropriately.
How did you test it?
Alternatively, it can also be verified through Postman:
Checklist
cargo +nightly fmt --all
cargo clippy