luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

ui/mounts: Add a better error message when permission is denied (#4624) 

* ui/mounts: Add a better error message when permission is denied

* Update logical_system.go
This commit is contained in:
Brian Kassouf 2018-05-23 17:47:54 -07:00 committed by GitHub
parent 7749f3cb3f
commit 210df327d1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
vault/logical_system.go
View File

@ -3598,11 +3598,13 @@ func (b *SystemBackend) pathInternalUIMountRead(ctx context.Context, req *logica
}
path = sanitizeMountPath(path)
errResp := logical.ErrorResponse(fmt.Sprintf("Preflight capability check returned 403, please ensure client's policies grant access to path \"%s\"", path))
me := b.Core.router.MatchingMountEntry(path)
if me == nil {
// Return a permission denied error here so this path cannot be used to
// brute force a list of mounts.
return nil, logical.ErrPermissionDenied
return errResp, logical.ErrPermissionDenied
}
resp := &logical.Response{
@ -3616,11 +3618,11 @@ func (b *SystemBackend) pathInternalUIMountRead(ctx context.Context, req *logica
return nil, err
}
if entity != nil && entity.Disabled {
return nil, logical.ErrPermissionDenied
return errResp, logical.ErrPermissionDenied
}
if !hasMountAccess(acl, me.Path) {
return nil, logical.ErrPermissionDenied
return errResp, logical.ErrPermissionDenied
}
return resp, nil