This file is indexed.

/usr/lib/ruby/vendor_ruby/chef_zero/endpoints/principal_endpoint.rb is in chef-zero 4.5.0-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
require 'ffi_yajl'
require 'chef_zero'
require 'chef_zero/rest_base'

module ChefZero
  module Endpoints
    # /principals/NAME
    class PrincipalEndpoint < RestBase
      def get(request)
        name = request.rest_path[-1]
        # If /organizations/ORG/users/NAME exists, use this user (only org members have precedence over clients).        hey are an org member.
        json = get_data(request, request.rest_path[0..1] + [ 'users', name ], :nil)
        if json
          type = 'user'
          org_member = true
        else
          # If /organizations/ORG/clients/NAME exists, use the client.
          json = get_data(request, request.rest_path[0..1] + [ 'clients', name ], :nil)
          if json
            type = 'client'
            org_member = true
          else
            # If there is no client with that name, check for a user (/users/NAME) and return that with
            # org_member = false.
            json = get_data(request, [ 'users', name ], :nil)
            if json
              type = 'user'
              org_member = false
            end
          end
        end
        if json
          json_response(200, {
            'name' => name,
            'type' => type,
            'public_key' => FFI_Yajl::Parser.parse(json)['public_key'] || PUBLIC_KEY,
            'authz_id' => '0'*32,
            'org_member' => org_member
          })
        else
          error(404, 'Principal not found')
        end
      end
    end
  end
end