github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 15:38:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1048 from akhilmhdh:fix/remove-import-permission-token

Browse Source 
fix: resolved permission check on imported secrets when using service token
This commit is contained in:
Maidul Islam
2023-10-03 12:38:12 -07:00
committed by GitHub
parent bd8c17d720 f3908e6b2a
commit 7234c014c8
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
backend/src/controllers/v3/secretsController.ts
View File

@@ -3,7 +3,7 @@ import { Types } from "mongoose";
import { EventService, SecretService } from "../../services";
import { eventPushSecrets } from "../../events";
import { BotService } from "../../services";
import { containsGlobPatterns, isValidScope, repackageSecretToRaw } from "../../helpers/secrets";
import { containsGlobPatterns, repackageSecretToRaw } from "../../helpers/secrets";
import { encryptSymmetric128BitHexKeyUTF8 } from "../../utils/crypto";
import { getAllImportedSecrets } from "../../services/SecretImportService";
import { Folder, IServiceTokenData } from "../../models";
@@ -81,8 +81,7 @@ export const getSecretsRaw = async (req: Request, res: Response) => {
secretPath,
requiredPermissions: [PERMISSION_READ_SECRETS]
});
permissionCheckFn = (env: string, secPath: string) =>
isValidScope(req.authData.authPayload as IServiceTokenData, env, secPath);
permissionCheckFn = () => true;
}
const secrets = await SecretService.getSecrets({
@@ -447,8 +446,7 @@ export const getSecrets = async (req: Request, res: Response) => {
secretPath,
requiredPermissions: [PERMISSION_READ_SECRETS]
});
permissionCheckFn = (env: string, secPath: string) =>
isValidScope(req.authData.authPayload as IServiceTokenData, env, secPath);
permissionCheckFn = () => true;
}
const secrets = await SecretService.getSecrets({