DeforaNetworks/corteza
3
0
Fork 0
Code Activity
3,693 Commits 2 Branches 228 Tags
cbc92dcc63f1955ef7dadcdfcb671532f4ce3e03
Commit Graph

837 Commits

Author SHA1 Message Date
Tomaž Jerman
9d44fa8679 Fix RDBMS filter construction for applications and flags 
* Add a new byFlag resource filter feature to support filtering
  using flags.
  False by default since only system applications use it.
* Add filter definitions to flag pkg resource.
* Add support for using []string inside byValue filters.
 2022-07-27 16:53:04 +02:00
Denis Arh
5e8fae37af Fix store layer usage (must be store.<fn>(ctx, svc.store, ...) 2022-07-24 12:34:16 +02:00
Denis Arh
74d0dfd6de Add resource load&check on access-control 2022-07-24 11:50:56 +02:00
Denis Arh
805b160ec0 Add missing and standarize load<resource> functions 2022-07-24 11:49:30 +02:00
Denis Arh
fbde6a559f Cleanup Activate() fn on system servies 2022-07-21 08:37:41 +02:00
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Tomaž Jerman
149d75578a Fix/improve DAL integration tests 2022-07-18 18:53:11 +02:00
Jože Fortun
163f04bc6e Make sensitivity level property undefined by default 2022-07-15 15:28:48 +02:00
Tomaž Jerman
85bb86c5cd Refactor sensitivity levels to be consistent with connections 2022-07-15 11:02:14 +02:00
Tomaž Jerman
af8aa9893d Make the connection sensitivity level not required 2022-07-15 09:30:05 +02:00
Denis Arh
44213462a2 Fix RBAC resorce type case for dal resources 2022-07-15 07:17:04 +02:00
Denis Arh
5168310aa4 Refactored credential handling 2022-07-14 21:09:21 +02:00
Peter Grlica
06315c55b8 Forbid password reuse 2022-07-14 21:02:32 +02:00
Denis Arh
cd865edb2b Fix RBAC tracing issue - always append auth roles 
Whenever a RBAC check request is sent for a specific user
all user's roles are loaded. This fix appends authenticated
roles to that user as well.
 2022-07-14 18:01:09 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Vivek Patel
d26ca37fe0 Refactor RBAC rule cloning route for role 
It moves role permission cloning under /system/roles from /system/permissions, since cloning action copies all rules, and it can not be limited per-component and also shifted all respective service methods to role service and removed Rbac rule cloning methods from access-control template.
 2022-07-10 15:47:26 +05:30
Tomaž Jerman
f56d61070d Review and add missing col sorting 2022-07-07 09:37:28 +02:00
Denis Arh
bdd9318f93 Refactor and improve DAL implementation and init 
Changes:
 - Boot initialization follows standard impl
 - Improved DAL connection management (adding, reloading, removing)
 - Cleaner and more detailed logging
 - Primary store connection is now reused when added to DAL
 2022-07-01 18:13:54 +02:00
Denis Arh
14d3b7033d Refactor RBAC evaluation processing 2022-06-28 12:53:51 +02:00
Tomaž Jerman
83ba7faa0f Add /permissions/evaluate endpoints to evaluate RBAC rules 2022-06-27 14:28:52 +02:00
Tomaž Jerman
ef503e433f Add missing sorting to application codegen definition 2022-06-16 13:06:23 +02:00
Tomaž Jerman
3b2710a210 Fix improper request kind type casting 2022-06-15 09:53:16 +02:00
Tomaž Jerman
acdda97daa Allow data privacy requests to store the payload 2022-06-14 20:35:42 +02:00
Tomaž Jerman
cbb5dadd9e Temporarily add default sensitivity level with ID 1 2022-06-14 20:35:42 +02:00
Tomaž Jerman
d7be55948c Quick refactor of other services for DAL 
@todo cleanup, refactor
 2022-06-14 12:08:18 +02:00
Tomaž Jerman
033d2572dd Refactor core compose, system services with new DAL changes 
* Define utility packages to work with DAL structs
* Cleanup code
 2022-06-14 12:08:16 +02:00
Vivek Patel
7cdf51adc4 Add data privacy request route and implementation 
- Introduces new role for data-privacy-officer(Role allows user to manage data privacy requests)
- along with a new system resource for data privacy requests and its access control
- Routes as per access control to create data privacy request, list request and filter it based on their kind and status, update data privacy request status, and create/list comments on data privacy request
 2022-06-14 13:17:44 +05:30
Tomaž Jerman
62e43f19d3 Add base DAL crud integration tests 2022-05-31 16:53:01 +02:00
Tomaž Jerman
9bed03a95f Fix dal connection type assertion lapsus 2022-05-31 13:20:57 +02:00
Tomaž Jerman
1be620d787 Tweak dal connection meta for easier FE work 
* Default capabilities to empty slice
* Include primary connection connection parameters in REST
  responses.
 2022-05-31 13:00:21 +02:00
Tomaž Jerman
4517d9b06d Tweak dal connection location for easier FE work 
Default it to the empty geolocation JSON.
 2022-05-30 15:59:28 +02:00
Tomaž Jerman
a70087ace8 Refactor primary DAL connection to be preserved in DB 2022-05-30 15:43:03 +02:00
Tomaž Jerman
35469c4749 Tweak DAL setup to prevent the server freezing 
Errors are now logged and they don't kill the setup process.
This will be improved.
 2022-05-26 18:13:54 +02:00
Tomaž Jerman
a0a6314ea9 Introduce DAL model ident formatter to simplify the interfaces 2022-05-26 17:41:15 +02:00
Tomaž Jerman
94fbe4bd44 Improve DAL sensitivity level 
* Integrate with pkg/dal package
* Additional validation/constraints
 2022-05-26 13:24:16 +02:00
Tomaž Jerman
ac07f133b5 Expand DAL REST API structure and exposed resources 
* Cleanup DAL connection REST endpoints, remove primary connection
  endpoint.
* Make connection search endpoint return federation nodes and
  primary connection along user-defined DAL connections
* Expose DAL connection drivers
* Prepare DAL sensitivity level resource
 2022-05-25 14:10:52 +02:00
Denis Arh
17406362dd Rename Connection to DalConnection 2022-05-24 14:29:22 +02:00
Denis Arh
b6adec8a9c Fix Role filter, add mising name attribute 2022-05-23 20:33:17 +02:00
Tomaž Jerman
bda52ed992 Add endpoint for primary DAL connection 2022-05-20 15:37:33 +02:00
Tomaž Jerman
b85f16a368 Add slight structure rename, add supporting services 
* Add system connection CRUD & service
* Simplify compose type definitions
 2022-05-20 15:37:33 +02:00
Tomaž Jerman
383b07d1d7 Base DAL service integration into Compose services 2022-05-20 15:37:33 +02:00
Peter Grlica
919532b820 Fixed queue and route search in admin 2022-05-19 11:19:18 +02:00
Denis Arh
73266da547 Remove pkg/minions and IsNil 
Replaced with IsNil fn from modern-go/reflect2
 2022-05-18 12:36:30 +02:00
Denis Arh
0a2175f384 Make settings decoding more robust (numbers & strings) 2022-05-09 17:28:11 +02:00
Tomaž Jerman
e6264c8195 Add support for record page button settings 2022-04-26 03:04:03 +02:00
Denis Arh
ac35d569a3 Regenerated code after resource def. fix 2022-04-24 07:36:17 +02:00
Denis Arh
5fe1e63f22 Fix cue resource definitions 2022-04-24 07:36:17 +02:00
Denis Arh
fe107a6cfc Additional error wraps for clarity 2022-04-23 16:34:07 +02:00
Denis Arh
8f1a953697 Fix api-gw store tests, scanners & filters 2022-04-23 16:34:07 +02:00