There is a security vulnerability in SSH key-generation using GitKraken < v8.0.1. If you used this tool to create SSH keys, please update GitKraken and regenerate. If you need help with this, contact forum-support@opengroup.org

Commit 5776d98a authored by Diego Molteni's avatar Diego Molteni Committed by Sacha Brants
Browse files

fix: check dataset existence on Idempotency evaluation

parent 9401f8e9
This diff is collapsed.
...@@ -131,8 +131,10 @@ export class DatasetHandler { ...@@ -131,8 +131,10 @@ export class DatasetHandler {
const alreadyRegisteredDataset = subproject.enforce_key ? const alreadyRegisteredDataset = subproject.enforce_key ?
await DatasetDAO.getByKey(journalClient, dataset) : await DatasetDAO.getByKey(journalClient, dataset) :
(await DatasetDAO.get(journalClient, dataset))[0]; (await DatasetDAO.get(journalClient, dataset))[0];
await Locker.removeWriteLock(writeLockSession, true); // Keep the lock session if (alreadyRegisteredDataset) {
return alreadyRegisteredDataset; await Locker.removeWriteLock(writeLockSession, true); // Keep the lock session
return alreadyRegisteredDataset;
}
} }
// set gcs URL and LegalTag with the subproject information // set gcs URL and LegalTag with the subproject information
...@@ -434,7 +436,7 @@ export class DatasetHandler { ...@@ -434,7 +436,7 @@ export class DatasetHandler {
// Check authorizations // Check authorizations
if (FeatureFlags.isEnabled(Feature.AUTHORIZATION)) { if (FeatureFlags.isEnabled(Feature.AUTHORIZATION)) {
if(wid.startsWith('W')) { if (wid.startsWith('W')) {
await Auth.isWriteAuthorized(req.headers.authorization, await Auth.isWriteAuthorized(req.headers.authorization,
subproject.acls.admins, subproject.acls.admins,
tenant, subproject.name, req[Config.DE_FORWARD_APPKEY]); tenant, subproject.name, req[Config.DE_FORWARD_APPKEY]);
...@@ -527,7 +529,7 @@ export class DatasetHandler { ...@@ -527,7 +529,7 @@ export class DatasetHandler {
} }
await Auth.isWriteAuthorized(req.headers.authorization, await Auth.isWriteAuthorized(req.headers.authorization,
authGroups,tenant, subproject.name, req[Config.DE_FORWARD_APPKEY]); authGroups, tenant, subproject.name, req[Config.DE_FORWARD_APPKEY]);
} }
// patch datasetOUT with datasetIN // patch datasetOUT with datasetIN
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment