DeforaNetworks/corteza
3
0
Fork 0
Code Activity
3,733 Commits 2 Branches 228 Tags
d4fbc33f3db2a43ae1ceff15e050652d616575ac
Commit Graph

147 Commits

Author SHA1 Message Date
Denis Arh
89eefa5bc2 Use model/attribute terminology in CUE files 2022-08-01 19:01:19 +02:00
Denis Arh
353d6ad37d Unified CUE file names 2022-08-01 18:22:55 +02:00
Denis Arh
885e633ba2 Improve (cue) codegen performance 2022-08-01 18:17:31 +02:00
Denis Arh
c710aa079d Reduce code & refactor Scan & Value fn 2022-07-30 16:11:06 +02:00
Denis Arh
020b2c75b4 Moved pkg/decoder under fed/service/decoder 2022-07-28 19:44:20 +02:00
Denis Arh
773fe7a602 Prevent error when wildcard resources are requested for RBAC trace 2022-07-28 15:01:16 +02:00
Vivek Patel
fef77a7a47 Refactor rules endpoint 
- Removes specific params
- Improves RuleSet.FilterResource to accept multiple resources
- Rework FindRules method in access-controller tpl
 2022-07-27 22:43:07 +05:30
Denis Arh
5e8fae37af Fix store layer usage (must be store.<fn>(ctx, svc.store, ...) 2022-07-24 12:34:16 +02:00
Denis Arh
74d0dfd6de Add resource load&check on access-control 2022-07-24 11:50:56 +02:00
Denis Arh
805b160ec0 Add missing and standarize load<resource> functions 2022-07-24 11:49:30 +02:00
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Denis Arh
cd865edb2b Fix RBAC tracing issue - always append auth roles 
Whenever a RBAC check request is sent for a specific user
all user's roles are loaded. This fix appends authenticated
roles to that user as well.
 2022-07-14 18:01:09 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Vivek Patel
d26ca37fe0 Refactor RBAC rule cloning route for role 
It moves role permission cloning under /system/roles from /system/permissions, since cloning action copies all rules, and it can not be limited per-component and also shifted all respective service methods to role service and removed Rbac rule cloning methods from access-control template.
 2022-07-10 15:47:26 +05:30
Tomaž Jerman
f56d61070d Review and add missing col sorting 2022-07-07 09:37:28 +02:00
Denis Arh
2b87ef2577 Fix record service tests 2022-07-03 12:19:48 +02:00
Denis Arh
14d3b7033d Refactor RBAC evaluation processing 2022-06-28 12:53:51 +02:00
Tomaž Jerman
83ba7faa0f Add /permissions/evaluate endpoints to evaluate RBAC rules 2022-06-27 14:28:52 +02:00
Peter Grlica
fb5b0b59f8 Fixed federation uri node generation 2022-05-25 09:41:29 +02:00
Tomaž Jerman
383b07d1d7 Base DAL service integration into Compose services 2022-05-20 15:37:33 +02:00
Denis Arh
47cdee0125 Refactor store migration/upgrade proc 2022-04-26 03:03:47 +02:00
Denis Arh
5fe1e63f22 Fix cue resource definitions 2022-04-24 07:36:17 +02:00
Denis Arh
773d64636f Refactored store codegen, replace squirrel with goqu 2022-04-23 16:34:04 +02:00
Denis Arh
d27955daf3 Add missing locations to cue.fmt make task and re-run formatting 2022-02-09 10:09:47 +01:00
Denis Arh
d103d60a3d Refactor option definitions 2022-02-08 09:13:56 +01:00
Denis Arh
0ea543b2a2 Migrate codegen for fed&automation, remove old def dir 2022-01-26 17:18:34 +01:00
Denis Arh
ef0588f365 Fix federation node-pairing tests 2022-01-22 16:32:51 +01:00
Denis Arh
6c3bef0750 Refactor token-issuer (ex-jwt) to be more robust and configurable 2022-01-21 15:31:10 +01:00
Tomaž Jerman
4b113af9cc Allow content-type header to specify the charset 2022-01-18 21:50:19 +01:00
Denis Arh
59ec77e204 Refactor JWT implementation 2022-01-18 21:50:18 +01:00
Denis Arh
72999ca692 Replacing dgrijalva/jwt-go with lestrrat-go/jwx 2022-01-11 10:56:17 +01:00
Denis Arh
60020f8510 Upgrade go-chi&co 2022-01-11 10:53:49 +01:00
Tomaž Jerman
907cb25ceb Add support for multipart/form-data request parsing 2021-12-21 09:11:51 +01:00
Vivek Patel
0564fe7190 Add support for role permission cloning 
It clones all RBAC rules from one role to another, but also removes all existing rules from role.
 2021-12-10 00:54:59 +05:30
Denis Arh
1c55cee2df Fix access token handling in fed node handshake 2021-09-22 21:29:51 +02:00
Denis Arh
ca86a36a5d Make service actions translatable 
String placeholders are now wrapped with
double curly brackets for consistency
 2021-08-23 19:10:21 +02:00
Denis Arh
9e6d5884c2 Fix RBAC resource checks 2021-08-02 16:11:00 +02:00
Denis Arh
92d2de8639 Add *.search RBAC ops check 2021-07-12 08:58:24 +02:00
Denis Arh
f630a3d9ef Define *.search operations for all resources 2021-07-12 08:58:04 +02:00
Denis Arh
20e05280b3 System wide RBAC changes 2021-07-08 11:42:18 +02:00
Denis Arh
b923953ca5 Removing superuser logic 2021-07-08 11:24:12 +02:00
Denis Arh
46f86dbd21 Role migration 2021-07-08 11:22:11 +02:00
Denis Arh
b3da377c2d Support context roles support in rbac pkg 2021-07-08 11:22:11 +02:00
Denis Arh
6a6f74d4a6 Refactored resource/role logic 2021-07-08 11:22:11 +02:00
Peter Grlica
d450548245 Removed misleading federation etc/ 2021-05-11 17:01:03 +05:30
Denis Arh
79ed77a379 Fixed typos across the codebase (can not, cannot) 2021-03-17 17:25:05 +01:00
Denis Arh
82c76bbe6c Do not decode JSON from body if no POST params are spec. 2021-03-12 14:50:40 +01:00
Peter Grlica
c2d3151c2d Added compose module ID to module mapping endpoint 2021-03-04 14:30:52 +01:00
Peter Grlica
999ef668d1 Renamed social endpoints 2021-03-04 09:06:01 +01:00