servicecatalog / oscm-dockerbuild

OSCM docker build files.
Apache License 2.0
3 stars 10 forks source link

Protect oscm-maildev access #304

Open GoebelL opened 3 years ago

GoebelL commented 3 years ago

Motivation The access protection to the mail mock is not appropriate for collaborative scenarios. Using this mock implies that also OSCM is not operated with real users. Otherwise all participants would have to expose all their OSCM communication contents including their personal data to the platform administrator, who has access to all mails including password notifications etc. This is not what the users want. The request is to develop a filter application MailLogin, that wraps around the mail mock and provides a form based login to authenticate the requesting user against the BSS Realm and filter out from the mail mock Web UI those emails that the authenticated OSCM user is not authorized to access.

Note: Please check the below acceptance criteria before

Requirement Specification

  1. A User who has the organization administrator role can see all emails that match (in term of point 3) the email address of any of the users in his organization. Reason for this: Due the authentication before, the organization admin is needed to pick and forward the initial passwords of his users)

  2. Users without the organization administrator role can see all emails that match the email address of the user.

  3. An email M matches to a user email address, if this email address, as stored in the user's profile, is either contained in "mail to" (the recipients list) of M, or equals to "mail from" of M (the sender address), or both.

Details The current password protection for the oscm-maildev is implemented in the oscm-proxy start script. This is to be replaced with a web application (MailLogin) that provide a login screen and handles the authentication and authorization against oscm.

Acceptance criteria Preparation: Having OSCM with sample data, create additional users without administrator roles in Supplier and Reseller organization.

Check:

Additional context Consider adaptions required for web service test. To avoid, it may be helpful to add an test setup step that initially inserts the required modification to the compose file (e.g. port mapping), in order to make the mail mock directly accessible as it's now.

GoebelL commented 3 years ago

Hi @kowalczyka,

This is the feature request as discussed today. Let me know if you have any questions or comments.

kowalczyka commented 3 years ago

The only thing which I am not sure about in the issue is Web UI here. Is it considered to be separate UI which works on the top of Maildev API and existing Maildev Web UI would be not accessible anymore?

GoebelL commented 3 years ago

Actually the idea is not to have a second UI on top, but rather a filter application that forwards authorized requests to the existing Web UI mock up. Not sure regarding the filtering of email addresses. It might be necessary to operate the maildev as SMTP relay - see documentation -> https://github.com/maildev/maildev#usage. I guess the addresses are exposed via API in some way.

kowalczyka commented 3 years ago

After checking the documentation I cannot see any possibility to use existing Maildev Web Interface for filtering the emails by recipient.

One of the option to fulfill the requirements descrived would be preparing some simple Web UI which would work on the top of REST API delivered by maildev -https://github.com/maildev/maildev/blob/master/docs/rest.md

Operating the maildev as an SMTP relay requires configuring real SMTP service that will actually send the email to the recipient.