From b3d7174a7aafa4e211f813e36463ce93fa16ef1c Mon Sep 17 00:00:00 2001 From: Jose Diaz-Gonzalez Date: Mon, 16 May 2022 00:56:18 -0400 Subject: [PATCH] fix: filter apps when verifying app names This ensures folks can't interact with apps that are hidden from them via the filtering performed in app listing. --- plugins/common/common.go | 5 +++++ plugins/common/functions | 23 ++++++++++++++++++++++- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/plugins/common/common.go b/plugins/common/common.go index 4039fe7d2..091f15451 100644 --- a/plugins/common/common.go +++ b/plugins/common/common.go @@ -581,6 +581,11 @@ func VerifyAppName(appName string) error { return &AppDoesNotExist{appName} } + apps, _ := filterApps([]string{appName}) + if len(apps) != 1 { + return &AppDoesNotExist{appName} + } + return nil } diff --git a/plugins/common/functions b/plugins/common/functions index 181fccb27..0b4b0c0d0 100755 --- a/plugins/common/functions +++ b/plugins/common/functions @@ -250,6 +250,9 @@ is_valid_app_name_old() { verify_app_name() { declare desc="verify app name format and app existence" declare APP="$1" + export SSH_USER=${SSH_USER:=$USER} + export SSH_NAME=${NAME:="default"} + local VALID_NEW=false local VALID_OLD=false if fn-is-valid-app-name "$APP" 2>/dev/null; then @@ -266,7 +269,25 @@ verify_app_name() { [[ ! -d "$DOKKU_ROOT/$APP" ]] && DOKKU_FAIL_EXIT_CODE=20 dokku_log_fail "App $APP does not exist" - return 0 + local user_auth_count=$(find "$PLUGIN_PATH"/enabled/*/user-auth-app 2>/dev/null | wc -l) + + # no plugin trigger exists + if [[ $user_auth_count == 0 ]]; then + return 0 + fi + + # this plugin trigger exists in the core `20_events` plugin + if [[ "$user_auth_count" == 1 ]] && [[ -f "$PLUGIN_PATH"/enabled/20_events/user-auth-app ]]; then + return 0 + fi + + if output="$(plugn trigger user-auth-app "$SSH_USER" "$SSH_NAME" "$@" "$APP")"; then + if [[ -n "$output" ]]; then + return 0 + fi + fi + + DOKKU_FAIL_EXIT_CODE=20 dokku_log_fail "App $APP does not exist" } verify_image() {