Add a flag to skip all authorization checks

This change adds a flag (`-insecure-skip-authorization`) that allows all users to do all actions. This should only be used in the omegaUp frontend unit tests.
omegaup · Aug 7, 2019 · dd74d94 · dd74d94
1 parent 988607f
commit dd74d94
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/cmd/omegaup-gitserver/auth.go b/cmd/omegaup-gitserver/auth.go
@@ -304,7 +304,7 @@ func (a *omegaupAuthorization) authorize(
 	}
 
 	requestContext := request.FromContext(ctx)
-	if username == "omegaup:system" {
+	if username == "omegaup:system" || *insecureSkipAuthorization {
 		// This is the frontend, and we trust it completely.
 		requestContext.IsAdmin = true
 		requestContext.CanView = true

diff --git a/cmd/omegaup-gitserver/main.go b/cmd/omegaup-gitserver/main.go
@@ -27,6 +27,11 @@ var (
 		"/etc/omegaup/gitserver/config.json",
 		"gitserver configuration file",
 	)
+	insecureSkipAuthorization = flag.Bool(
+		"insecure-skip-authorization",
+		false,
+		"grant all privileges to all users",
+	)
 	version = flag.Bool("version", false, "Print the version and exit")
 	log     log15.Logger