Add back dynamically-generated-privileged

Author: jeongsoolee09

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/db/schema.cds

@@ -0,0 +1,11 @@
+namespace advanced_security.dynamically_generated_privileged.sample_entities;
+
+entity Entity1 {
+  Attribute1 : String(100);
+  Attribute2 : String(100)
+}
+
+entity Entity2 {
+  Attribute3 : String(100);
+  Attribute4 : String(100)
+}

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/dynamically-generated-privileged.expected

@@ -0,0 +1 @@
+bad-authn-authz/DefaultUserIsPrivileged/DynamicallyGeneratedPrivileged.ql

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/dynamically-generated-privileged.qlref

@@ -0,0 +1,24 @@
+{
+  "name": "@advanced-security/dynamically-generated-privileged",
+  "version": "1.0.0",
+  "dependencies": {
+    "@sap/cds": "*",
+    "express": "^4.17.1",
+    "@cap-js/sqlite": "*"
+  },
+  "scripts": {
+    "start": "cds serve",
+    "watch": "cds watch"
+  },
+  "cds": {
+    "requires": {
+      "service-3": {
+        "kind": "odata",
+        "model": "@example/sample"
+      },
+      "auth": {
+        "impl": "./srv/privileged-user.js"
+      }
+    }
+  }
+}

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/package.json

@@ -0,0 +1,4 @@
+const cds = require("@sap/cds");
+const app = require("express")();
+
+cds.serve("all").in(app);

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/server.js

@@ -0,0 +1,12 @@
+/* 1. Creating a custom middleware that fulfills `req.user` */
+
+const cds = require("@sap/cds");
+class CustomPrivilegedUser1 extends cds.User {
+  is() {
+    return true;
+  }
+}
+module.exports = (req, res, next) => {
+  req.user = new CustomPrivilegedUser1("privileged");
+  next();
+};

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/privileged-user.js

@@ -0,0 +1,36 @@
+using { advanced_security.dynamically_generated_privileged.sample_entities as db_schema } from '../db/schema';
+
+service Service1 @(path: '/service-1') {
+  /* Unrestricted read access to anyone. */
+  @(restrict: [ { grant: 'READ' } ])
+  entity Service1Entity1 as projection on db_schema.Entity1 excluding { Attribute2 }
+
+  /* Read access only to users with access level greater than 2. */
+  @(restrict: [ { grant: 'READ', to: '$user.level > 2' } ])
+  entity Service1Entity2 as projection on db_schema.Entity1 excluding { Attribute1 }
+
+  /* API to talk to Service1. */
+  action send1 (
+    messageToPass : String
+  ) returns String;
+
+  /* API to talk to Service1. */
+  action send2 (
+    messageToPass : String
+  ) returns String;
+
+  /* API to talk to Service1. */
+  action send3 (
+    messageToPass : String
+  ) returns String;
+
+  /* API to talk to Service1. */
+  action send4 (
+    messageToPass : String
+  ) returns String;
+
+  /* API to talk to Service1. */
+  action send5 (
+    messageToPass : String
+  ) returns String;
+}

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.cds

@@ -0,0 +1,93 @@
+const cds = require("@sap/cds");
+
+class Service1 extends cds.ApplicationService {
+  init() {
+    // const Service2 = await cds.connect.to("service-2");
+    // const { Service2Entity1, Service2Entity2 } = Service2.entities;
+
+    this.on("READ", "Service1Entity1", async (req) => {
+      console.log(req.data.messageToPass);
+    });
+
+    /*
+     * FP: Service1 accessing its own entity that does not
+     * require authorization, with a privileged user.
+     */
+    this.on("send1", async (req) => {
+      return this.tx(
+        { user: new cds.User.Privileged("privileged-user-1") },
+        (tx) =>
+          tx.run(
+            SELECT.from`Service1.Service1Entity1` // Declared in service1.cds
+              .where`Attribute1=${req.data.messageToPass}`
+          )
+      );
+    });
+
+    /*
+     * Error: Service1 accessing its own entity that requires
+     * authorization, with a privileged user.
+     */
+    this.on("send2", async (req) => {
+      return this.tx(
+        { user: new cds.User.Privileged("privileged-user-2") },
+        (tx) =>
+          tx.run(
+            SELECT.from`Service1.Service1Entity2` // Declared in service1.cds
+              .where`Attribute2=${req.data.messageToPass}`
+          )
+      );
+    });
+
+    /*
+     * FP: Service1 accessing a local service's entity that does not
+     * require authorization, with a privileged user.
+     */
+    this.on("send3", async (req) => {
+      return this.tx(
+        { user: new cds.User.Privileged("privileged-user-3") },
+        (tx) =>
+          tx.run(
+            SELECT.from(Service2Entity1) // Declared in service2.cds
+              .where`Attribute3=${req.data.messageToPass}`
+          )
+      );
+    });
+
+    /*
+     * Error: Service1 accessing a local service's entity that
+     * requires authorization, with a privileged user.
+     */
+    this.on("send4", async (req) => {
+      const Service2 = await cds.connect.to("Service2");
+      console.log(Service2);
+      const { Service2Entity1 } = Service2.entities; // Service2Entity1 is undefined!
+      console.log(Service2Entity1);
+      return this.tx(
+        { user: new cds.User.Privileged("privileged-user-4") },
+        (tx) =>
+          tx.run(
+            SELECT.from(Service2Entity1) // Declared in service2.cds
+              .where`Attribute4=${req.data.messageToPass}`
+          )
+      );
+    });
+
+    /*
+     * Warning: Service1 accessing a remote service's entity whose
+     * authorization requirements are unknown.
+     */
+    this.on("send5", async (req) => {
+      return this.tx(
+        { user: new cds.User.Privileged("privileged-user-5") },
+        (tx) =>
+          tx.run(
+            SELECT.from`RemoteEntity` // Assume that it's declared in @example/sample
+              .where`SomeAttribute=${req.data.messageToPass}`
+          )
+      );
+    });
+  }
+}
+
+module.exports = Service1;

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service1.js

@@ -0,0 +1,16 @@
+using { advanced_security.dynamically_generated_privileged.sample_entities as db_schema } from '../db/schema';
+
+service Service2 @(path: '/service-2') {
+  /* Unrestricted read access to anyone. */
+  @(restrict: [ { grant: 'READ' } ])
+  entity Service2Entity1 as projection on db_schema.Entity2 excluding { Attribute4 }
+
+  /* Read access only to users with access level greater than 2. */
+  @(restrict: [ { grant: 'READ', to: '$user.level > 2' } ])
+  entity Service2Entity2 as projection on db_schema.Entity2 excluding { Attribute4 }
+
+  /* API to talk to Service2. */
+  action send5 (
+    messageToPass: String
+  ) returns String;
+}

javascript/frameworks/cap/test/queries/bad-authn-authz/misused-privileged-user/dynamically-generated-privileged/srv/service2.cds

@@ -0,0 +1,33 @@
+const cds = require("@sap/cds");
+
+class CustomPrivilegedUser2 extends cds.User {
+  is() {
+    return true;
+  }
+}
+
+module.exports = cds.service.impl(function () {
+  this.on("send2", async (msg) => {
+    /* 3. Creating a cds.User.Privileged directly */
+    const user1 = new cds.User.Privileged("privileged1");
+    this.tx({ user1 }, (tx) =>
+      tx.run(
+        INSERT.into("Service2Entity").entries({
+          url: req._.req.url,
+          user: req.user.id,
+          data: msg.data.messageToPass,
+        }),
+      ),
+    );
+    /* 4. Creating a custom privileged user directly */
+    const user2 = new CustomPrivilegedUser2("privileged2");
+    this.tx({ user2 }, (tx) =>
+      tx.run(
+        INSERT.into("Service2Entity").entries({
+          url: req._.req.url,
+          user: req.user.id,
+        }),
+      ),
+    );
+  });
+});