use runt.confirm instead of runt.user.confirm (#1958)

Use runt.confirm instead of runt.user.confirm for Storm permission checks
vertexproject · Nov 16, 2020 · df5e6ce · df5e6ce
1 parent f0d5668
commit df5e6ce
Showing 1 changed file with 28 additions and 28 deletions.
diff --git a/synapse/lib/stormtypes.py b/synapse/lib/stormtypes.py
@@ -220,7 +220,7 @@ async def _libPkgAdd(self, pkgdef):
         Returns:
             dict: The validated storm package definition.
         '''
-        self.runt.user.confirm(('pkg', 'add'), None)
+        self.runt.confirm(('pkg', 'add'), None)
         await self.runt.snap.core.addStormPkg(pkgdef)
 
     async def _libPkgDel(self, name):
@@ -233,7 +233,7 @@ async def _libPkgDel(self, name):
         Returns:
             None
         '''
-        self.runt.user.confirm(('pkg', 'del'), None)
+        self.runt.confirm(('pkg', 'del'), None)
         await self.runt.snap.core.delStormPkg(name)
 
     async def _libPkgList(self):
@@ -276,7 +276,7 @@ async def _libDmonDel(self, iden):
             raise s_exc.NoSuchIden(mesg=mesg)
 
         if dmon.get('user') != self.runt.user.iden:
-            self.runt.user.confirm(('dmon', 'del', iden))
+            self.runt.confirm(('dmon', 'del', iden))
 
         await self.runt.snap.core.delStormDmon(iden)
 
@@ -299,7 +299,7 @@ async def _libDmonLog(self, iden):
         Returns:
             list: A list of messages from the StormDmon.
         '''
-        self.runt.user.confirm(('dmon', 'log'))
+        self.runt.confirm(('dmon', 'log'))
         return await self.runt.snap.core.getStormDmonLog(iden)
 
     async def _libDmonAdd(self, quer, name='noname'):
@@ -319,7 +319,7 @@ async def _libDmonAdd(self, quer, name='noname'):
         Returns:
             str: The iden of the newly created StormDmon.
         '''
-        self.runt.user.confirm(('dmon', 'add'))
+        self.runt.confirm(('dmon', 'add'))
 
         # closure style capture of runtime
         runtprims = await toprim(self.runt.vars)
@@ -362,10 +362,10 @@ async def _checkSvcGetPerm(self, ssvc):
         Helper to handle service.get.* permissions
         '''
         try:
-            self.runt.user.confirm(('service', 'get', ssvc.iden))
+            self.runt.confirm(('service', 'get', ssvc.iden))
         except s_exc.AuthDeny as e:
             try:
-                self.runt.user.confirm(('service', 'get', ssvc.name))
+                self.runt.confirm(('service', 'get', ssvc.name))
             except s_exc.AuthDeny as sub_e:
                 raise e from None
             else:
@@ -385,7 +385,7 @@ async def _libSvcAdd(self, name, url):
             dict: The Storm Service definition.
         '''
 
-        self.runt.user.confirm(('service', 'add'))
+        self.runt.confirm(('service', 'add'))
         sdef = {
             'name': name,
             'url': url,
@@ -402,7 +402,7 @@ async def _libSvcDel(self, iden):
         Returns:
             None: Returns None.
         '''
-        self.runt.user.confirm(('service', 'del'))
+        self.runt.confirm(('service', 'del'))
         return await self.runt.snap.core.delStormSvc(iden)
 
     async def _libSvcGet(self, name):
@@ -448,7 +448,7 @@ async def _libSvcList(self):
         Returns:
             list: A list of Storm Service definitions.
         '''
-        self.runt.user.confirm(('service', 'list'))
+        self.runt.confirm(('service', 'list'))
         retn = []
 
         for ssvc in self.runt.snap.core.getStormSvcs():
@@ -1579,7 +1579,7 @@ async def _methTeleOpen(self, url):
             Proxy: A Storm Proxy representing a Telepath Proxy.
         '''
         scheme = url.split('://')[0]
-        self.runt.user.confirm(('lib', 'telepath', 'open', scheme))
+        self.runt.confirm(('lib', 'telepath', 'open', scheme))
         return Proxy(await self.runt.getTeleProxy(url))
 
 # @registry.registerType
@@ -3411,7 +3411,7 @@ async def _methTriggerGet(self, iden):
         if trigger is None:
             return None
 
-        self.runt.user.confirm(('trigger', 'get'), gateiden=iden)
+        self.runt.confirm(('trigger', 'get'), gateiden=iden)
 
         return Trigger(self.runt, trigger.pack())
 
@@ -3588,7 +3588,7 @@ async def _methUsersAdd(self, name, passwd=None, email=None):
         Returns:
             User: A Storm User object for the new user.
         '''
-        self.runt.user.confirm(('auth', 'user', 'add'))
+        self.runt.confirm(('auth', 'user', 'add'))
         udef = await self.runt.snap.core.addUser(name, passwd=passwd, email=email)
         return User(self.runt, udef['iden'])
 
@@ -3602,7 +3602,7 @@ async def _methUsersDel(self, iden):
         Returns:
             None: Returns None.
         '''
-        self.runt.user.confirm(('auth', 'user', 'del'))
+        self.runt.confirm(('auth', 'user', 'del'))
         await self.runt.snap.core.delUser(iden)
 
 @registry.registerLib
@@ -3668,7 +3668,7 @@ async def _methRolesAdd(self, name):
         Returns:
             Role: A Storm Role object for the new user.
         '''
-        self.runt.user.confirm(('auth', 'role', 'add'))
+        self.runt.confirm(('auth', 'role', 'add'))
         rdef = await self.runt.snap.core.addRole(name)
         return Role(self.runt, rdef['iden'])
 
@@ -3682,7 +3682,7 @@ async def _methRolesDel(self, iden):
         Returns:
             None: Returns None.
         '''
-        self.runt.user.confirm(('auth', 'role', 'del'))
+        self.runt.confirm(('auth', 'role', 'del'))
         await self.runt.snap.core.delRole(iden)
 
 @registry.registerLib
@@ -3795,23 +3795,23 @@ async def _methUserAllowed(self, permname, gateiden=None):
         return await self.runt.snap.core.isUserAllowed(self.valu, perm, gateiden=gateiden)
 
     async def _methUserGrant(self, iden):
-        self.runt.user.confirm(('auth', 'user', 'grant'))
+        self.runt.confirm(('auth', 'user', 'grant'))
         await self.runt.snap.core.addUserRole(self.valu, iden)
 
     async def _methUserRevoke(self, iden):
-        self.runt.user.confirm(('auth', 'user', 'revoke'))
+        self.runt.confirm(('auth', 'user', 'revoke'))
         await self.runt.snap.core.delUserRole(self.valu, iden)
 
     async def _methUserSetRules(self, rules, gateiden=None):
-        self.runt.user.confirm(('auth', 'user', 'set', 'rules'))
+        self.runt.confirm(('auth', 'user', 'set', 'rules'))
         await self.runt.snap.core.setUserRules(self.valu, rules, gateiden=gateiden)
 
     async def _methUserAddRule(self, rule, gateiden=None):
-        self.runt.user.confirm(('auth', 'user', 'set', 'rules'))
+        self.runt.confirm(('auth', 'user', 'set', 'rules'))
         await self.runt.snap.core.addUserRule(self.valu, rule, gateiden=gateiden)
 
     async def _methUserDelRule(self, rule, gateiden=None):
-        self.runt.user.confirm(('auth', 'user', 'set', 'rules'))
+        self.runt.confirm(('auth', 'user', 'set', 'rules'))
         await self.runt.snap.core.delUserRule(self.valu, rule, gateiden=gateiden)
 
     async def _methUserSetEmail(self, email):
@@ -3820,12 +3820,12 @@ async def _methUserSetEmail(self, email):
             await self.runt.snap.core.setUserEmail(self.valu, email)
             return
 
-        self.runt.user.confirm(('auth', 'user', 'set', 'email'))
+        self.runt.confirm(('auth', 'user', 'set', 'email'))
         await self.runt.snap.core.setUserEmail(self.valu, email)
 
     async def _methUserSetAdmin(self, admin, gateiden=None):
 
-        self.runt.user.confirm(('auth', 'user', 'set', 'admin'))
+        self.runt.confirm(('auth', 'user', 'set', 'admin'))
         admin = await tobool(admin)
 
         await self.runt.snap.core.setUserAdmin(self.valu, admin, gateiden=gateiden)
@@ -3835,11 +3835,11 @@ async def _methUserSetPasswd(self, passwd):
         if self.runt.user.iden == self.valu:
             return await self.runt.snap.core.setUserPasswd(self.valu, passwd)
 
-        self.runt.user.confirm(('auth', 'user', 'set', 'passwd'))
+        self.runt.confirm(('auth', 'user', 'set', 'passwd'))
         return await self.runt.snap.core.setUserPasswd(self.valu, passwd)
 
     async def _methUserSetLocked(self, locked):
-        self.runt.user.confirm(('auth', 'user', 'set', 'locked'))
+        self.runt.confirm(('auth', 'user', 'set', 'locked'))
         return await self.runt.snap.core.setUserLocked(self.valu, await tobool(locked))
 
     async def value(self):
@@ -3874,15 +3874,15 @@ async def _methRoleGet(self, name):
         return rdef.get(name)
 
     async def _methRoleSetRules(self, rules, gateiden=None):
-        self.runt.user.confirm(('auth', 'role', 'set', 'rules'))
+        self.runt.confirm(('auth', 'role', 'set', 'rules'))
         await self.runt.snap.core.setRoleRules(self.valu, rules, gateiden=gateiden)
 
     async def _methRoleAddRule(self, rule, gateiden=None):
-        self.runt.user.confirm(('auth', 'role', 'set', 'rules'))
+        self.runt.confirm(('auth', 'role', 'set', 'rules'))
         await self.runt.snap.core.addRoleRule(self.valu, rule, gateiden=gateiden)
 
     async def _methRoleDelRule(self, rule, gateiden=None):
-        self.runt.user.confirm(('auth', 'role', 'set', 'rules'))
+        self.runt.confirm(('auth', 'role', 'set', 'rules'))
         await self.runt.snap.core.delRoleRule(self.valu, rule, gateiden=gateiden)
 
     async def value(self):