Merge pull request #240 from Boy132/backport/ptero-backup-node-check
backups: ensure requesting node is checked
notAreYouScared authored May 18, 2024
2 parents 89d555f + 1742061 commit 45c0cfe
Showing 2 changed files with 36 additions and 6 deletions.
Expand Up @@ -11,6 +11,7 @@
use App\Extensions\Filesystem\S3Filesystem;
use Symfony\Component\HttpKernel\Exception\ConflictHttpException;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use App\Exceptions\Http\HttpForbiddenException;

class BackupRemoteUploadController extends Controller
{
Expand All @@ -32,18 +33,32 @@ public function __construct(private BackupManager $backupManager)
*/
public function __invoke(Request $request, string $backup): JsonResponse
{
// Get the node associated with the request.
/** @var \App\Models\Node $node */
$node = $request->attributes->get('node');

// Get the size query parameter.
$size = (int) $request->query('size');
if (empty($size)) {
throw new BadRequestHttpException('A non-empty "size" query parameter must be provided.');
}

/** @var \App\Models\Backup $backup */
$backup = Backup::query()->where('uuid', $backup)->firstOrFail();
/** @var \App\Models\Backup $model */
$model = Backup::query()
->where('uuid', $backup)
->firstOrFail();

// Check that the backup is "owned" by the node making the request. This avoids other nodes
// from messing with backups that they don't own.
/** @var \App\Models\Server $server */
$server = $model->server;
if ($server->node_id !== $node->id) {
throw new HttpForbiddenException('You do not have permission to access that backup.');
}

// Prevent backups that have already been completed from trying to
// be uploaded again.
if (!is_null($backup->completed_at)) {
if (!is_null($model->completed_at)) {
throw new ConflictHttpException('This backup is already in a completed state.');
}

Expand All @@ -54,7 +69,7 @@ public function __invoke(Request $request, string $backup): JsonResponse
}

// The path where backup will be uploaded to
$path = sprintf('%s/%s.tar.gz', $backup->server->uuid, $backup->uuid);
$path = sprintf('%s/%s.tar.gz', $model->server->uuid, $model->uuid);

// Get the S3 client
$client = $adapter->getClient();
Expand Down Expand Up @@ -92,7 +107,7 @@ public function __invoke(Request $request, string $backup): JsonResponse
}

// Set the upload_id on the backup in the database.
$backup->update(['upload_id' => $params['UploadId']]);
$model->update(['upload_id' => $params['UploadId']]);

return new JsonResponse([
'parts' => $parts,
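Review bot: The new ownership check in `__invoke` throws `HttpForbiddenException` for a backup that exists on another node, while `firstOrFail()` normally yields a 404 for an unknown UUID, so an authenticated node can tell whether a backup UUID it does not own exists. If that distinction is not wanted, the lookup could carry the constraint itself, for example `->whereHas('server', fn ($q) => $q->where('node_id', $node->id))` ahead of `firstOrFail()`, which turns both cases into the same not-found response; the same applies to `BackupStatusController::index`. Separately, `$request->attributes->get('node')` and `$model->server` are dereferenced with only a `@var` annotation behind them, so a missing middleware attribute or an orphaned backup would presumably surface as a server error rather than a clean denial. `__invoke` continues past the visible hunks.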
Expand Up @@ -13,6 +13,7 @@
use App\Extensions\Filesystem\S3Filesystem;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use App\Http\Requests\Api\Remote\ReportBackupCompleteRequest;
use App\Exceptions\Http\HttpForbiddenException;

class BackupStatusController extends Controller
{
Expand All @@ -30,8 +31,22 @@ public function __construct(private BackupManager $backupManager)
*/
public function index(ReportBackupCompleteRequest $request, string $backup): JsonResponse
{
// Get the node associated with the request.
/** @var \App\Models\Node $node */
$node = $request->attributes->get('node');

/** @var \App\Models\Backup $model */
$model = Backup::query()->where('uuid', $backup)->firstOrFail();
$model = Backup::query()
->where('uuid', $backup)
->firstOrFail();

// Check that the backup is "owned" by the node making the request. This avoids other nodes
// from messing with backups that they don't own.
/** @var \App\Models\Server $server */
$server = $model->server;
if ($server->node_id !== $node->id) {
throw new HttpForbiddenException('You do not have permission to access that backup.');
}

if ($model->is_successful) {
throw new BadRequestHttpException('Cannot update the status of a backup that is already marked as completed.');
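Review bot: The node-ownership block in `index` is a line-for-line copy of the one added to `BackupRemoteUploadController::__invoke`, and the commit touches only the two controllers, so nothing here tests the cross-node case. Because the defect being fixed is an authorization check that was missing, a shared helper or route middleware for the remote backup endpoints would keep a future endpoint from omitting it again. A feature test that requests a backup belonging to another node and expects the forbidden response would pin the behaviour. The comment above the check would read more precisely as `// Reject the request unless the backup's server belongs to the requesting node.` `index` continues past the visible hunk.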
