Skip to content

[v13] ensure moderated file transfers only perform allowed operations#39356

Merged
capnspacehook merged 3 commits intobranch/v13from
capnspacehook/backport/v13/39091
Mar 15, 2024
Merged

[v13] ensure moderated file transfers only perform allowed operations#39356
capnspacehook merged 3 commits intobranch/v13from
capnspacehook/backport/v13/39091

Conversation

@capnspacehook
Copy link
Copy Markdown
Contributor

@capnspacehook capnspacehook commented Mar 14, 2024

Backport of #39091 and #39343.

changelog: only allow necessary operations during moderated file transfers and limit in-flight file transfer requests to one per session

capnspacehook and others added 2 commits March 14, 2024 10:05
@capnspacehook
ensure moderated file transfers only perform allowed operations
e6b8a84 
* ensure moderated file transfers only preform allowed operations

* fix sess test

* wip integration test

* integration test working

* tweak some error messages and test cases

* allow setstat for uploads

* address nits from code review

* expand paths when necessary when creating file transfer request

* improve UX of errors in web UI

* deny request when an invalid user tries to transfer files

* don't allow open requests, they aren't done by the webui

* address feedback

* use a buffered reader when reading the file request, address a few nits
@zmb3 @capnspacehook
Remove unnecessary buffered reader wrapper
359e562
@capnspacehook capnspacehook added backport server-access sftp Issues related to Teleport's SFTP implementation labels Mar 14, 2024
@github-actions github-actions Bot requested review from Tener, avatus and zmb3 March 14, 2024 16:06
@public-teleport-github-review-bot public-teleport-github-review-bot Bot removed the request for review from avatus March 14, 2024 16:23
@capnspacehook capnspacehook added this pull request to the merge queue Mar 14, 2024
Merged via the queue into branch/v13 with commit e00ff25 Mar 15, 2024
@capnspacehook capnspacehook deleted the capnspacehook/backport/v13/39091 branch March 15, 2024 00:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Tener Tener Tener approved these changes

@zmb3 zmb3 zmb3 approved these changes

Assignees

No one assigned

Labels

backport server-access sftp Issues related to Teleport's SFTP implementation size/md

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@capnspacehook @Tener @zmb3