eosfs: update getUser to check uid and gid

Update getUser to verify that uid and gid are not zero to avoid granting access to users by mistake.
cs3org · Mar 19, 2021 · 0cb5c88 · 0cb5c88
1 parent addfc1b
commit 0cb5c88
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go
@@ -195,6 +195,12 @@ func getUser(ctx context.Context) (*userpb.User, error) {
 		err := errors.Wrap(errtypes.UserRequired(""), "eos: error getting user from ctx")
 		return nil, err
 	}
+	if u.UidNumber == 0 {
+		return nil, errors.New("eos: invalid user id")
+	}
+	if u.GidNumber == 0 {
+		return nil, errors.New("eos: invalid group id")
+	}
 	return u, nil
 }