
[Bug]: Default App Viewer role for public applications grants production access to whole workspace

Open Akatroj opened this issue 9 months ago • 2 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Description

I'll start by saying I was on a call yesterday with your team regarding an issue I had. My workspace got bugged and it had the default "App Viewer" role configured, despite no application being public. We have fixed this issue by unassigning this role through MongoDB, but I am filing a bug report, because I believe that there is a serious issue with how the public App Viewer role works.

Because the default "App Viewer" role has access to every application in the workspace, and these permissions are assigned to the workspace even if only one application in this workspace is public:

Any role that gives only staging access to this workspace's environments will also give users production access; this happens through the "App Viewer" role.

If we have an environment with several applications, only one of which is shared, it makes no sense that the whole workspace will be treated as public and every application will be affected.

I have confirmed my theory and provide reproduction steps below:

Steps To Reproduce

  1. Create a workspace with 2 applications; let's name them "Shared" and "Not shared".
  2. Configure 2 environments in this workspace: staging and production.
  3. Configure the "Shared" application so that it is public via URL.
  4. Create a "Staging" role.
    • In the "Application resources" tab, give it edit access to "Not shared" only.
    • In the "Data sources & environments" tab, give it access to datasources, but in the "Staging" environment only.
  5. Create a user and give them this "Staging" role.
  6. When you log in as this new user, you can see view access to "Shared" and edit access to "Not shared".
  7. When you go to edit mode for "Not shared", you can switch the environment to production, despite the fact that your role does not have access to the production environment.

Public Sample App

No response

Environment

Production

Severity

Critical (Broken Production apps)

Issue video log

No response

Version

Self-hosted v1.21

Akatroj, May 10 '24 11:05
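To make the permission interaction in the report concrete, here is an added example (not Appsmith's code, and not from the reporter) that models the behaviour described above as a toy RBAC evaluator. The model is an assumption: roles are sets of (application, environment, action) grants, a user's effective permissions are the union of all assigned roles, and the default "App Viewer" role, when any application is public, grants view on every application and every environment in the workspace (the behaviour the issue describes). The `scope="application"` variant is the hypothetical remedy of scoping the public grant to the shared application only. The `audit_env_escalation` function is the check a workspace admin would want: which (application, environment) pairs a user can reach only through implicit workspace-level roles, on applications that are not public.

```python
from dataclasses import dataclass

# Constructed sample workspace matching the reproduction steps in the issue.
WORKSPACE_APPS = ("Shared", "Not shared")
ENVS = ("staging", "production")


@dataclass(frozen=True)
class Grant:
    app: str     # application name, or "*" for every application in the workspace
    env: str     # "staging" / "production", or "*" for every environment
    action: str  # "view" or "edit"


@dataclass
class Role:
    name: str
    grants: frozenset


def expand(grant):
    """Expand wildcard grants into concrete (app, env, action) triples."""
    apps = WORKSPACE_APPS if grant.app == "*" else (grant.app,)
    envs = ENVS if grant.env == "*" else (grant.env,)
    return {(a, e, grant.action) for a in apps for e in envs}


def default_app_viewer(public_apps, scope):
    """Model of the default 'App Viewer' role (assumption, not Appsmith's implementation).

    scope="workspace": any public app => view on every app in every environment
                       (the behaviour the issue reports).
    scope="application": view only on the apps that are actually public
                         (hypothetical fix).
    """
    if not public_apps:
        return Role("App Viewer", frozenset())
    if scope == "workspace":
        return Role("App Viewer", frozenset({Grant("*", "*", "view")}))
    return Role("App Viewer", frozenset(Grant(a, "*", "view") for a in public_apps))


def effective_permissions(roles):
    """Union of all grants across the user's roles (the usual RBAC semantics)."""
    perms = set()
    for role in roles:
        for grant in role.grants:
            perms |= expand(grant)
    return perms


def environments_reachable(perms, app):
    """Environments a user can reach in a given application under any action."""
    return {env for (a, env, _) in perms if a == app}


def audit_env_escalation(explicit_roles, implicit_roles, public_apps):
    """(app, env) pairs on non-public apps reachable only via implicit roles.

    explicit_roles: roles an admin deliberately assigned to the user.
    implicit_roles: roles the platform attaches automatically (e.g. App Viewer).
    """
    explicit = {(a, e) for (a, e, _) in effective_permissions(explicit_roles)}
    total = {(a, e) for (a, e, _) in effective_permissions(list(explicit_roles) + list(implicit_roles))}
    return {(a, e) for (a, e) in total - explicit if a not in public_apps}


if __name__ == "__main__":
    # The "Staging" role from the reproduction steps: edit "Not shared", staging only.
    staging_role = Role("Staging", frozenset({Grant("Not shared", "staging", "edit")}))
    public = ("Shared",)
    for scope in ("workspace", "application"):
        viewer = default_app_viewer(public, scope)
        perms = effective_permissions([staging_role, viewer])
        print(scope, "-> 'Not shared' envs:", sorted(environments_reachable(perms, "Not shared")),
              "| escalation:", audit_env_escalation([staging_role], [viewer], public))
```

With `scope="workspace"` the user reaches production in "Not shared" purely through the App Viewer role, which is the symptom in step 7; with `scope="application"` the audit returns an empty set.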

Can someone recommend a workaround in the meantime?

paulschmeida, May 14 '24 11:05

@paulschmeida We have logged the issue here: https://github.com/appsmithorg/appsmith/issues/33357. We are trying to fix the issue. However, that would be in upcoming releases; we will try to find a workaround in the meantime to unblock.

sondermanish, May 14 '24 15:05

Closing the issue as a similar issue, #33357, exists.

sondermanish, Jun 03 '24 06:06