DeforaNetworks/corteza
3
0
Fork 0
Code Activity
3,896 Commits 2 Branches 228 Tags
d7ecbafa669ecebed0051fde337db6606a54eefe
Commit Graph

34 Commits

Author SHA1 Message Date
Denis Arh
6939d9e226 Model definition fixes (dal, index) 2022-09-14 12:18:43 +02:00
Denis Arh
f170760765 Fix RBAC rule filtering 2022-07-28 18:06:19 +02:00
Denis Arh
05bdf6a1d4 Handle RBAC trace req on wildcard resource with contextual roles 2022-07-28 15:55:06 +02:00
Denis Arh
773fe7a602 Prevent error when wildcard resources are requested for RBAC trace 2022-07-28 15:01:16 +02:00
Vivek Patel
fef77a7a47 Refactor rules endpoint 
- Removes specific params
- Improves RuleSet.FilterResource to accept multiple resources
- Rework FindRules method in access-controller tpl
 2022-07-27 22:43:07 +05:30
Denis Arh
74d0dfd6de Add resource load&check on access-control 2022-07-24 11:50:56 +02:00
Denis Arh
bab140a3f9 Skip contextual roles when doing RBAC trace on wildcard resource 2022-07-24 11:45:29 +02:00
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Denis Arh
87c65c2591 Fix RBAC tracing issue - handling wildcarded resources 2022-07-14 19:06:29 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
af077b0edd Add slice.UInt64s, helper type 
Type properly encodes slice of uint64s as JSON array of strings
 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Denis Arh
2b87ef2577 Fix record service tests 2022-07-03 12:19:48 +02:00
Denis Arh
14d3b7033d Refactor RBAC evaluation processing 2022-06-28 12:53:51 +02:00
Tomaž Jerman
83ba7faa0f Add /permissions/evaluate endpoints to evaluate RBAC rules 2022-06-27 14:28:52 +02:00
Denis Arh
773d64636f Refactored store codegen, replace squirrel with goqu 2022-04-23 16:34:04 +02:00
Tomaž Jerman
8e679bf97c Improve namespace export 
* Add RBAC rules
* add resource translations
* slight refactor
 2022-02-25 16:48:25 +01:00
Denis Arh
7bde98697a Corteza discovery 
- It provides mappings of corteza resources(Namespaces, Modules, Records, Users) along with values to corteza discovery indexer.
- It also save recordLogs for create, update, deletion of resources.
- Extend settings to hold discovery enabled/disabled flag
- Adds URL of compose resources for namespace and record and for module still pending, added todo with notes to code
 2022-02-22 17:13:59 +05:30
Vivek Patel
0564fe7190 Add support for role permission cloning 
It clones all RBAC rules from one role to another, but also removes all existing rules from role.
 2021-12-10 00:54:59 +05:30
Denis Arh
a385fe1c18 Fix unstable RBAC check 2021-11-09 15:12:31 +01:00
Denis Arh
179381ef08 Improve workflow & system tests, logging 
A set of changes touching different parts of system
all related to initialization of system users and
groups
 2021-10-03 17:53:41 +02:00
Denis Arh
89ae50dbae Add RBAC functions for workflow for check&grant 2021-07-15 20:36:57 +02:00
Tomaž Jerman
80e60d2f20 Add support for ComposeRecord RBAC rules 2021-07-15 14:29:30 +02:00
Denis Arh
f662d4e794 Add RBAC functions for workflow for check&grant 2021-07-14 10:44:09 +02:00
Denis Arh
20e05280b3 System wide RBAC changes 2021-07-08 11:42:18 +02:00
Denis Arh
46f86dbd21 Role migration 2021-07-08 11:22:11 +02:00
Denis Arh
7941e7ba4a Add general suport for new role types 2021-07-08 11:22:11 +02:00
Denis Arh
b3da377c2d Support context roles support in rbac pkg 2021-07-08 11:22:11 +02:00
Denis Arh
6a6f74d4a6 Refactored resource/role logic 2021-07-08 11:22:11 +02:00
Denis Arh
79ed77a379 Fixed typos across the codebase (can not, cannot) 2021-03-17 17:25:05 +01:00
Tomaž Jerman
26e4832d5c Improve the Envoy package 
- Add support for store decoding
- add support for yaml, csv, jsonl encoding
- refactor, cleanup
 2021-02-24 15:57:44 +01:00
Denis Arh
c299a64086 Removed obsolete importer code, pkg/deinterfacer 2020-11-30 19:51:18 +01:00
Tomaž Jerman
3333394165 Small pkg/rbac changes in exposed methods 2020-11-27 11:19:15 +01:00
Denis Arh
7508659165 RBAC refactored (pkg renamed, init improved) 2020-09-18 07:56:58 +02:00