DeforaNetworks/corteza
3
0
Fork 0
Code Activity
3,679 Commits 2 Branches 228 Tags
805b160ec0093ef132fdd77bae44d66ec3666f18
Commit Graph

121 Commits

Author SHA1 Message Date
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Tomaž Jerman
149d75578a Fix/improve DAL integration tests 2022-07-18 18:53:11 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Vivek Patel
7cdf51adc4 Add data privacy request route and implementation 
- Introduces new role for data-privacy-officer(Role allows user to manage data privacy requests)
- along with a new system resource for data privacy requests and its access control
- Routes as per access control to create data privacy request, list request and filter it based on their kind and status, update data privacy request status, and create/list comments on data privacy request
 2022-06-14 13:17:44 +05:30
Tomaž Jerman
62e43f19d3 Add base DAL crud integration tests 2022-05-31 16:53:01 +02:00
Denis Arh
773d64636f Refactored store codegen, replace squirrel with goqu 2022-04-23 16:34:04 +02:00
Denis Arh
7bde98697a Corteza discovery 
- It provides mappings of corteza resources(Namespaces, Modules, Records, Users) along with values to corteza discovery indexer.
- It also save recordLogs for create, update, deletion of resources.
- Extend settings to hold discovery enabled/disabled flag
- Adds URL of compose resources for namespace and record and for module still pending, added todo with notes to code
 2022-02-22 17:13:59 +05:30
Denis Arh
e13e429ca9 Add test cases for denied role member management 2022-02-21 12:08:09 +01:00
Denis Arh
8988bf4f9c Fix failing TestAuthExternalSAMLSuccess test 2022-01-22 16:32:51 +01:00
Denis Arh
6c3bef0750 Refactor token-issuer (ex-jwt) to be more robust and configurable 2022-01-21 15:31:10 +01:00
Denis Arh
29a135843f Minor fix of SAML tests, trim endlines in static files 2022-01-18 21:50:18 +01:00
Denis Arh
59ec77e204 Refactor JWT implementation 2022-01-18 21:50:18 +01:00
Denis Arh
3ffa0ef8be Fixing codebase after JWT lib switch 2022-01-11 15:35:05 +01:00
Denis Arh
72999ca692 Replacing dgrijalva/jwt-go with lestrrat-go/jwx 2022-01-11 10:56:17 +01:00
Denis Arh
60020f8510 Upgrade go-chi&co 2022-01-11 10:53:49 +01:00
Denis Arh
771a60abd7 Post dep-upgrade fixes 2022-01-11 10:53:49 +01:00
Vivek Patel
0564fe7190 Add support for role permission cloning 
It clones all RBAC rules from one role to another, but also removes all existing rules from role.
 2021-12-10 00:54:59 +05:30
Tomaž Jerman
59ef8da1ac Fix panicking report filter marshaling when invalid 2021-12-09 15:55:53 +01:00
Tomaž Jerman
597484914d Properly handle ID-like report filter responses 2021-11-15 10:16:17 +01:00
Tomaž Jerman
4b6b52b3f6 Add back-end support for report scenarios 2021-11-10 16:39:21 +01:00
Peter Grlica
94d1e89ac3 Refactored messagebus out of service layer 2021-10-19 08:56:31 +02:00
Denis Arh
832a4557c5 Return default language when there are no headers 
This change also affects test setup: we need to load locale service
without any languages/translations to avoid test flakines
 2021-10-07 15:24:59 +02:00
Vivek Patel
955ea9c0fa Includes disabled entries to APIGw list call 
For APIgw route and filter List API assigned default value 1 to `disabled` filter
 2021-10-05 17:21:28 +05:30
Vivek Patel
a22083573c APIGw updates 
- Fixes filter status update
- Updates search route API param for status
- Updates envoy marshaling for filter
- Fixes/Updated test for route and filter
 2021-10-05 11:57:36 +05:30
Denis Arh
179381ef08 Improve workflow & system tests, logging 
A set of changes touching different parts of system
all related to initialization of system users and
groups
 2021-10-03 17:53:41 +02:00
Tomaž Jerman
dba109abf0 Add missing & fix improper user read AC 2021-10-03 16:24:49 +02:00
Denis Arh
1e5e956195 Cleanup SAML setup, cert loading, fix live-reload 2021-10-02 08:32:45 +02:00
Vivek Patel
d2bff9e3fd Apigw tweaks 
- Add system/apigw tests
- Removes permissions from APIGw filters from each level
 2021-10-01 10:08:58 +02:00
Vivek Patel
b342ec91d8 Fixes token generation in integration test 2021-10-01 10:08:58 +02:00
Vivek Patel
a9c762aacc Fix integration tests 
- Extends helper for integration test with token generation
 2021-09-24 19:24:00 +05:30
Denis Arh
92f225654c Fix access token handling in integration test 2021-09-22 21:23:42 +02:00
Vivek Patel
54cbfe20d8 Adds JWT token generation methods 
- Generates token encoded with user and save it to store
- Updated token generation method usage in Corredor and Impersonalization
 2021-09-22 21:09:55 +02:00
Tomaž Jerman
48a8705053 Resolve SAML initialization issues 
* invalid certificates
* invalid URL
* enabled/disabled
 2021-09-22 11:25:16 +02:00
Denis Arh
1b3a811cfd Add resource limiting for users 2021-09-22 07:16:40 +02:00
Vivek Patel
9f74d5c074 Excludes deleted reminders from reminderList API 
- Adds `includeDeleted` filter to include deleted reminders in reminderList API
 2021-09-21 09:07:17 +05:30
Peter Grlica
b40d93f7c1 Fixed queue integration tests 2021-09-01 12:58:33 +02:00
Denis Arh
dbe05b9eec Fix flaky template integration test 
Now uses statically prefix ("handle-_") + random chars.
 2021-08-31 06:37:54 +02:00
Denis Arh
626f03a9e7 Fix flaky template-creation tests 2021-08-24 00:11:20 +02:00
Denis Arh
af09848dd8 Fix tests (use translation keys) 2021-08-23 19:10:21 +02:00
Denis Arh
92d2de8639 Add *.search RBAC ops check 2021-07-12 08:58:24 +02:00
Vivek Patel
03344782a9 Adds access control check for reminders 2021-07-09 02:00:13 +05:30
Denis Arh
20e05280b3 System wide RBAC changes 2021-07-08 11:42:18 +02:00
Denis Arh
b923953ca5 Removing superuser logic 2021-07-08 11:24:12 +02:00
Denis Arh
6a6f74d4a6 Refactored resource/role logic 2021-07-08 11:22:11 +02:00
Vivek Patel
537791389e Adds integration tests for compose, system and automation 2021-07-02 17:57:51 +05:30
Peter Grlica
a4b61c044e Added integration and unit tests 2021-05-19 11:10:42 +02:00
Vivek Patel
1fd9bdfa7c Extends SCIM implementation to support role membership management 
- Updates request payload for patching group
- Updates tests
 2021-05-11 17:01:03 +05:30
Denis Arh
79ed77a379 Fixed typos across the codebase (can not, cannot) 2021-03-17 17:25:05 +01:00
Tomaž Jerman
d2bd39d61e Add reminder integration tests 2021-03-17 14:51:11 +01:00
Denis Arh
67d0a788df Remove messaging 2021-03-09 07:36:01 +01:00