jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Revert "Also allow docker in containers spawned by an authorized app"

Browse Source 
This reverts commit 4f336a05fc.

This is not required by an app yet. Besides, it breaks tests
This commit is contained in:
Girish Ramakrishnan
2018-08-20 20:10:16 -07:00
parent 89cf8167e6
commit f338e015d5
3 changed files with 2 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/apps.js
+2 -2
View File
@@ -428,10 +428,10 @@ function getByIpAddress(ip, callback) {
assert.strictEqual(typeof ip, 'string');
assert.strictEqual(typeof callback, 'function');
docker.getAppIdByContainerIp(ip, function (error, appId) {
docker.getContainerIdByIp(ip, function (error, containerId) {
if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
appdb.get(appId, function (error, app) {
appdb.getByContainerId(containerId, function (error, app) {
if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.NOT_FOUND, 'No such app'));
if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
src/docker.js
-19
View File
@@ -14,7 +14,6 @@ exports = module.exports = {
deleteContainers: deleteContainers,
createSubcontainer: createSubcontainer,
getContainerIdByIp: getContainerIdByIp,
getAppIdByContainerIp: getAppIdByContainerIp,
inspect: inspect,
inspectByName: inspect,
execContainer: execContainer
@@ -385,24 +384,6 @@ function getContainerIdByIp(ip, callback) {
});
}
function getAppIdByContainerIp(ip, callback) {
assert.strictEqual(typeof ip, 'string');
assert.strictEqual(typeof callback, 'function');
getContainerIdByIp(ip, function (error, containerId) {
if (error) return callback(error);
inspect(containerId, function (error, result) {
if (error) return callback(error);
var appId = result.Config.Labels.appId;
if (!appId) return callback(new Error('No app associated with this ip'));
callback(null, appId);
});
});
}
function inspect(containerId, callback) {
assert.strictEqual(typeof containerId, 'string');
assert.strictEqual(typeof callback, 'function');
src/dockerproxy.js
-1
View File
@@ -27,7 +27,6 @@ function authorizeApp(req, res, next) {
// - block apps not using the docker addon
// - block calls regarding platform containers
// - only allow managing and inspection of containers belonging to the app
// - allow docker to be called from child containers spun of from an authorized app
// make the tests pass for now
if (config.TEST) {