Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-25 08:19:40 +02:00
Code Issues Releases Activity

feat(waiting-room): show and filter by check in [EE-5186] (#8701)

Browse source
This commit is contained in:
Chaim Lev-Ari 2023-04-27 09:22:05 +07:00 committed by GitHub
parent b5771df6a8
commit 4b9c857d85
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 108 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

13
api/http/security/bouncer.go
View file

@ -1,12 +1,11 @@
package security
import (
"errors"
"fmt"
"net/http"
"strings"
"time"
"github.com/pkg/errors"
httperror "github.com/portainer/libhttp/error"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/apikey"
@ -147,13 +146,19 @@ func (bouncer *RequestBouncer) AuthorizedEdgeEndpointOperation(r *http.Request,
return errors.New("invalid Edge identifier")
}
if endpoint.LastCheckInDate > 0 || endpoint.UserTrusted {
return nil
}
// TrustedEdgeEnvironmentAccess defines a security check for Edge environments, checks if
// the request is coming from a trusted Edge environment
func (bouncer *RequestBouncer) TrustedEdgeEnvironmentAccess(endpoint *portainer.Endpoint) error {
if endpoint.UserTrusted {
return nil
}
settings, err := bouncer.dataStore.Settings().Settings()
if err != nil {
return fmt.Errorf("could not retrieve the settings: %w", err)
return errors.WithMessage(err, "could not retrieve the settings")
}
if !settings.TrustOnFirstConnect {