[pmg-devel] [PATCH api 1/3] UserConfig: virify: check username vs userid

Wolfgang Bumiller w.bumiller at proxmox.com
Fri Feb 9 11:08:30 CET 2018


Since we have both userid and username in the schema and
both have a minimum length of 4, creating a user named 'foo'
was previously possible because the 'username' property was
not checked. Loading the file back in then failed because at
load time, the username 'foo' was too short.

Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
 PMG/UserConfig.pm | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/PMG/UserConfig.pm b/PMG/UserConfig.pm
index f1134e4..8ccb8f5 100644
--- a/PMG/UserConfig.pm
+++ b/PMG/UserConfig.pm
@@ -133,6 +133,15 @@ my $verity_entry = sub {
     my ($entry) = @_;
 
     my $errors = {};
+    my $userid = $entry->{userid};
+    if (defined(my $username = $entry->{username})) {
+	if ($userid !~ /^\Q$username\E\@/) {
+	    $errors->{'username'} = 'invalid username for userid';
+	}
+    } else {
+	# make sure the username's length is checked
+	$entry->{username} = ($userid =~ s/\@.*$//r);
+    }
     PVE::JSONSchema::check_prop($entry, $schema, '', $errors);
     if (scalar(%$errors)) {
 	raise "verify entry failed\n", errors => $errors;
-- 
2.11.0




More information about the pmg-devel mailing list