#!/usr/bin/perl
#------------------------------------------------------------------------------
# Must Be Owner
#
# This broker filter script overrides P4D default behaviour, requiring that
# the user running the specified command to edit/view a spec must be the
# owner of the given spec, or else their command is rejected. For example,
# if you do 'p4 client' p4 'p4 client -o MyWS', you must own the indicated
# workspace. Super users bypass this always.
#
# Enable in the broker config file like this example for various commands:
#
# command: ^branch|client|label|group$
# {
# action = filter;
# checkauth = true;
# execute = /p4/common/hms/scripts/broker_must_be_owner.pl;
# }
use strict;
my $User;
my $Cmd;
my $AccessLevel;
my $UpdateTime;
my $ClientSpecName;
my $SpecName;
my $SpecOwner;
while (<STDIN>) {
if (/^user: /) {
$User = $_;
chomp $User;
$User =~ s/^user: //;
}
if (/^command: /) {
$Cmd = $_;
chomp $Cmd;
$Cmd =~ s/^command: //;
}
if (/^workspace: /) {
$ClientSpecName = $_;
$ClientSpecName =~ s/^workspace: //;
chomp $ClientSpecName;
}
# If we see certain flags that take an argument, like '-S <stream>' or
# '-t <template>', ignore them and skip the next argument.
if (/^Arg\d+: -(S|t)/) {
readline;
next;
}
# Ignore all remaining '-' flags, so only the spec name remains.
if (/^Arg\d+: -/) {
next;
}
if (/^Arg\d+: /) {
$SpecName = $_;
$SpecName =~ s/^Arg\d+: //;
chomp $SpecName;
}
}
if ( ! $Cmd ) {
print "action: REJECT\n";
print "message: \"Data Leakage Protection: Internal Error, could not determine Cmd.\"\n";
exit (0);
}
if ( ! $User ) {
print "action: REJECT\n";
print "message: \"Data Leakage Protection: Internal Error, could not determine User.\"\n";
exit (0);
}
$AccessLevel=`$ENV{P4BIN} protects -m -u $User`;
chomp $AccessLevel;
if ($AccessLevel eq "super") {
print "action: PASS\n";
exit (0);
}
if ( ! $SpecName ) {
# Special case for the 'p4 client' command; a default for the client
# spec name (if unspecified) is the current workspace from the
# environment context.
if ($ClientSpecName) {
$SpecName = $ClientSpecName;
} else {
print "action: REJECT\n";
print "message: \"Data Leakage Protection: Internal Error, could not determine SpecName.\"\n";
exit (0);
}
}
# If the spec doesn't yet exist, the user is creating or querying
# a non-existent spec. Allow the command to pass.
$UpdateTime=`$ENV{P4BIN} -ztag -F %Update% $Cmd -o $SpecName`;
chomp $UpdateTime;
if ($UpdateTime eq "") {
print "action: PASS\n";
exit (0);
}
$SpecOwner=`$ENV{P4BIN} -ztag -F %Owner% $Cmd -o $SpecName`;
chomp $SpecOwner;
if ($User eq $SpecOwner) {
print "action: PASS\n";
exit (0);
}
print "action: REJECT\n";
print "message: \"Data Leakage Protection: The command 'p4 $Cmd' requires super access or ownership of the $Cmd spec on this server.\"\n";
exit (0);