[#1940] Reinstated OAuth-less admin_token authentication. Refactored UserIsAdminPlug (freed from checking admin scopes presence).

2020-07-19 21:35:57 +03:00 · 2020-07-19 21:35:57 +03:00 · cf3f8cb72a
commit cf3f8cb72a
parent 5d215fd81f
10 changed files with 169 additions and 242 deletions
--- a/lib/pleroma/plugs/admin_secret_authentication_plug.ex
+++ b/lib/pleroma/plugs/admin_secret_authentication_plug.ex
@ -4,7 +4,9 @@

 defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
  import Plug.Conn
+
  alias Pleroma.User
+  alias Pleroma.Plugs.OAuthScopesPlug

  def init(options) do
    options
@ -26,7 +28,7 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do

  def authenticate(%{params: %{"admin_token" => admin_token}} = conn) do
    if admin_token == secret_token() do
-      assign(conn, :user, %User{is_admin: true})
+      assign_admin_user(conn)
    else
      conn
    end
@ -36,8 +38,14 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlug do
    token = secret_token()

    case get_req_header(conn, "x-admin-token") do
-      [^token] -> assign(conn, :user, %User{is_admin: true})
+      [^token] -> assign_admin_user(conn)
      _ -> conn
    end
  end
+
+  defp assign_admin_user(conn) do
+    conn
+    |> assign(:user, %User{is_admin: true})
+    |> OAuthScopesPlug.skip_plug()
+  end
 end
--- a/lib/pleroma/plugs/user_is_admin_plug.ex
+++ b/lib/pleroma/plugs/user_is_admin_plug.ex
@ -7,37 +7,18 @@ defmodule Pleroma.Plugs.UserIsAdminPlug do
  import Plug.Conn

  alias Pleroma.User
-  alias Pleroma.Web.OAuth

  def init(options) do
    options
  end

-  def call(%{assigns: %{user: %User{is_admin: true}} = assigns} = conn, _) do
-    token = assigns[:token]
-
-    cond do
-      not Pleroma.Config.enforce_oauth_admin_scope_usage?() ->
-        conn
-
-      token && OAuth.Scopes.contains_admin_scopes?(token.scopes) ->
-        # Note: checking for _any_ admin scope presence, not necessarily fitting requested action.
-        #   Thus, controller must explicitly invoke OAuthScopesPlug to verify scope requirements.
-        #   Admin might opt out of admin scope for some apps to block any admin actions from them.
-        conn
-
-      true ->
-        fail(conn)
-    end
+  def call(%{assigns: %{user: %User{is_admin: true}}} = conn, _) do
+    conn
  end

  def call(conn, _) do
-    fail(conn)
-  end
-
-  defp fail(conn) do
    conn
-    |> render_error(:forbidden, "User is not an admin or OAuth admin scope is not granted.")
+    |> render_error(:forbidden, "User is not an admin.")
    |> halt()
  end
 end