User Story #200 (closed)
Opened 18 years ago
Closed 18 years ago
User can run queries and not break security (Read security umbrella)
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | 3.0-M3 |
Component: | Security | Keywords: | queries,story114 |
Cc: | Story Points: | n.a. | |
Sprint: | n.a. | Importance: | n.a. |
Total Remaining Time: | n.a. | Estimated Remaining Time: | n.a. |
Description
What this means is that no matter what User A asks, no information should be leaked about User B that's been marked unreadable. An example of this would be the query : " all categories involving the gene X ? " . An subtler leak would be of the form : "how many categories invole the the gene X ? " .
To prevent this, values can't just be nulled through an interceptor, but they should be filtered at the db level. However, the one caveat is that if a user sets such information to unreadable (but leaves it writable) then they can lose data. This, however, should be common sense.
Change History (9)
comment:1 Changed 18 years ago by jmoore
- Keywords iteration2 added
comment:2 Changed 18 years ago by jmoore
comment:3 Changed 18 years ago by jmoore
- Keywords iteration2 removed
Unscheduling this umbrella ticket.
comment:4 Changed 18 years ago by jmoore
- Summary changed from User can run queries and not break security to User can run queries and not break security (Read security umbrella)
r895 has a full battery of read tests. All are passing. For the short-term, this seems to be finished.
comment:5 Changed 18 years ago by jmoore
comment:6 Changed 18 years ago by jmoore
See also #117 for changes and past work (merged with this ticket)
comment:7 Changed 18 years ago by jmoore
r929 reworks the client-side tests.
comment:8 Changed 18 years ago by jmoore
r941 further reworks test.
comment:9 Changed 18 years ago by jmoore
- Resolution set to fixed
- Status changed from new to closed
r789 introduces the filter needed to make this work. See #117 for more.