DeforaNetworks/corteza
3
0
Fork 0
Code Activity
3,693 Commits 2 Branches 228 Tags
cbc92dcc63f1955ef7dadcdfcb671532f4ce3e03
Commit Graph

1020 Commits

Author SHA1 Message Date
Vivek Patel
b41504dbe3 Improve KV related expr types, add r/w locking 
Also extended filter for compose record values
 2022-07-27 14:00:18 +05:30
Vivek Patel
fad8725a63 Fix sensitive level check for data privacy modules 
A module have one or more module field with have a sensitivity level then it will consider as private module.
 2022-07-26 09:30:59 +05:30
Denis Arh
74d0dfd6de Add resource load&check on access-control 2022-07-24 11:50:56 +02:00
Denis Arh
bab140a3f9 Skip contextual roles when doing RBAC trace on wildcard resource 2022-07-24 11:45:29 +02:00
Denis Arh
294d502786 Ensure default connection use finding DAL models 2022-07-21 08:37:52 +02:00
Denis Arh
c99095eba6 Print panic stacktrace directly if LOG_DEBUG is enabled 2022-07-21 08:37:31 +02:00
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Tomaž Jerman
1d5232fc75 Make DAL model management more consistent, deprecate most dalutils 2022-07-18 18:53:11 +02:00
Vivek Patel
56a7bfa821 Add route for listing sensitive modules 
It will list out all the privacy related modules, that have one or more private fields.
 2022-07-18 17:24:37 +05:30
Vivek Patel
07a8fdbbd5 Fix test notification cli command 
Also, addresses issue with SMTP_* env vars value, which were ignored on server startup.
 2022-07-18 17:12:12 +05:30
Tomaž Jerman
85bb86c5cd Refactor sensitivity levels to be consistent with connections 2022-07-15 11:02:14 +02:00
Denis Arh
87c65c2591 Fix RBAC tracing issue - handling wildcarded resources 2022-07-14 19:06:29 +02:00
Tomaž Jerman
f41b7872f4 Add content-type header for generated config.js 2022-07-14 13:52:14 +02:00
Denis Arh
d1d00d7771 Handle new auth options for signature algo & key 2022-07-14 11:09:26 +02:00
Denis Arh
4a27786f27 Cleanup token issuer (auth) code 2022-07-14 11:09:26 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
af077b0edd Add slice.UInt64s, helper type 
Type properly encodes slice of uint64s as JSON array of strings
 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Vivek Patel
0d9b63635e Add env config for webapp sentry DSN 
Also, updates sentry DSN entry in config.js for webapp
 2022-07-11 14:58:18 +05:30
Denis Arh
23e97f96e4 Remove all pre-2022.9.x migrations 2022-07-04 13:09:41 +02:00
Tomaž Jerman
5d8f00df64 Add content type assertion fallback for JSON file imports 2022-07-04 13:03:49 +02:00
Vivek Patel
c1412615b9 Fix pagination issue in migration of rbac resource rules 2022-07-04 13:03:39 +02:00
Vivek Patel
46e8f4d283 Fix migration of rbac resource rules 2022-07-04 13:02:03 +02:00
Peter Grlica
dada6e40da Removed unnecessary queue consumer property 2022-07-04 13:01:48 +02:00
Peter Grlica
495fac3845 Fix peer-closed connection error 2022-07-04 12:58:19 +02:00
Tomaž Jerman
3643b7d23b Fix resource.Ref eq. check to properly handle wildcard paths 2022-07-04 12:55:05 +02:00
Tomaž Jerman
9f7e87f30e Refactor NS import/export for above changes 2022-07-04 12:55:05 +02:00
Tomaž Jerman
a790c12064 Improve resource referencing 
* Use Ref structs to allow for more context
* Assure constraints
 2022-07-04 12:55:03 +02:00
Tomaž Jerman
f5a4bd9a30 Add additional utilities to work with resources 2022-07-04 12:54:21 +02:00
Vivek Patel
e7a36e26c5 Add env options to enable/disable Compose record action log 
It will enable/disable action log entry for compose record create, update or delete.
 2022-07-04 12:53:39 +02:00
Denis Arh
013053d8a8 Fix label handling (broken after store refactor) 2022-07-03 13:20:00 +02:00
Denis Arh
2b87ef2577 Fix record service tests 2022-07-03 12:19:48 +02:00
Denis Arh
bdd9318f93 Refactor and improve DAL implementation and init 
Changes:
 - Boot initialization follows standard impl
 - Improved DAL connection management (adding, reloading, removing)
 - Cleaner and more detailed logging
 - Primary store connection is now reused when added to DAL
 2022-07-01 18:13:54 +02:00
Denis Arh
61b91a8a6a Cleaned up old store (record, rvalues) code, add missing tests 2022-06-28 19:01:44 +02:00
Denis Arh
14d3b7033d Refactor RBAC evaluation processing 2022-06-28 12:53:51 +02:00
Tomaž Jerman
83ba7faa0f Add /permissions/evaluate endpoints to evaluate RBAC rules 2022-06-27 14:28:52 +02:00
Tomaž Jerman
2afd806c2e Allow sensitive data collection to filter by connectionID 2022-06-14 20:35:42 +02:00
Tomaž Jerman
319ae7e375 Fix improper sensitivity level check when removing attributes 2022-06-14 20:35:42 +02:00
Tomaž Jerman
9adced7a1e Fix attribute panic when adding/removing attributes 2022-06-14 20:35:42 +02:00
Tomaž Jerman
557a573f04 Add base DAL tests 2022-06-14 20:35:42 +02:00
Tomaž Jerman
11e82354fe Temporarily disable DAL for provisioning 2022-06-14 12:08:18 +02:00
Tomaž Jerman
d7be55948c Quick refactor of other services for DAL 
@todo cleanup, refactor
 2022-06-14 12:08:18 +02:00
Tomaž Jerman
8eb062293f Refactor pkg/dal implementation 
* Reworked errors to not brick the system (things keep track of
  issues.
* Reworked internal state management -- keeping invalid things
  present, cleanning up the code, utilizing issues.
* Cleanup/improve error messages
 2022-06-14 12:06:13 +02:00
Vivek Patel
86431fe82f Add rest endpoints for chart translations 
It allows saving/updating yAxis label and metric label translations
 2022-06-14 13:17:44 +05:30
Vivek Patel
7cdf51adc4 Add data privacy request route and implementation 
- Introduces new role for data-privacy-officer(Role allows user to manage data privacy requests)
- along with a new system resource for data privacy requests and its access control
- Routes as per access control to create data privacy request, list request and filter it based on their kind and status, update data privacy request status, and create/list comments on data privacy request
 2022-06-14 13:17:44 +05:30
Tomaž Jerman
c6b26c4e32 Temporary patch for primary connection updating 2022-05-31 13:16:14 +02:00
Tomaž Jerman
4517d9b06d Tweak dal connection location for easier FE work 
Default it to the empty geolocation JSON.
 2022-05-30 15:59:28 +02:00
Tomaž Jerman
a70087ace8 Refactor primary DAL connection to be preserved in DB 2022-05-30 15:43:03 +02:00
Denis Arh
5c317cdbdf Add proper support and access control for record owner 2022-05-26 20:56:33 +02:00
Tomaž Jerman
a0a6314ea9 Introduce DAL model ident formatter to simplify the interfaces 2022-05-26 17:41:15 +02:00