DeforaNetworks/corteza
DeforaNetworks/corteza
3
0
Fork 0
Code
3,669 Commits 2 Branches 228 Tags
Commit Graph

3669 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Tomaž Jerman
149d75578a Fix/improve DAL integration tests 2022-07-18 18:53:11 +02:00
Tomaž Jerman
1d5232fc75 Make DAL model management more consistent, deprecate most dalutils 2022-07-18 18:53:11 +02:00
Tomaž Jerman
c8179f74d4 Fix boolean field Backward compatibility for alias store codec 
The JSON record value codec properly encoded T/F as "1"/"" but
the plain codec did not.
 2022-07-18 18:40:34 +02:00
Tomaž Jerman
aaa536441b Prevent boot levels from panicking if default language not set 2022-07-18 18:03:18 +02:00
Vivek Patel
56a7bfa821 Add route for listing sensitive modules 
It will list out all the privacy related modules, that have one or more private fields.
 2022-07-18 17:24:37 +05:30
Vivek Patel
07a8fdbbd5 Fix test notification cli command 
Also, addresses issue with SMTP_* env vars value, which were ignored on server startup.
 2022-07-18 17:12:12 +05:30
Tomaž Jerman
88a75784ce Tweak rv sanitizer->value expression interaction 
When record value expression returns null the value gets omitted.
Tweak value sanitizer logic for more consistency.
 2022-07-18 10:01:22 +02:00
Tomaž Jerman
58082d90ca Add missing store tests for privacy resources 2022-07-18 10:01:14 +02:00
Jože Fortun
163f04bc6e Make sensitivity level property undefined by default 2022-07-15 15:28:48 +02:00
Tomaž Jerman
85bb86c5cd Refactor sensitivity levels to be consistent with connections 2022-07-15 11:02:14 +02:00
Tomaž Jerman
af8aa9893d Make the connection sensitivity level not required 2022-07-15 09:30:05 +02:00
Denis Arh
44213462a2 Fix RBAC resorce type case for dal resources 2022-07-15 07:17:04 +02:00
Denis Arh
5168310aa4 Refactored credential handling 2022-07-14 21:09:21 +02:00
Peter Grlica
06315c55b8 Forbid password reuse 2022-07-14 21:02:32 +02:00
Denis Arh
87c65c2591 Fix RBAC tracing issue - handling wildcarded resources 2022-07-14 19:06:29 +02:00
Denis Arh
cd865edb2b Fix RBAC tracing issue - always append auth roles 
Whenever a RBAC check request is sent for a specific user
all user's roles are loaded. This fix appends authenticated
roles to that user as well.
 2022-07-14 18:01:09 +02:00
Tomaž Jerman
f41b7872f4 Add content-type header for generated config.js 2022-07-14 13:52:14 +02:00
Denis Arh
72ae80aaf9 Change snapshot builder image to golang:1.18-buster (from 1.17) 2022-07-14 12:04:53 +02:00
Denis Arh
d1d00d7771 Handle new auth options for signature algo & key 2022-07-14 11:09:26 +02:00
Denis Arh
e5a50a7191 Move auth initialization steps to a dedicated initAuth boot fn 2022-07-14 11:09:26 +02:00
Denis Arh
4a27786f27 Cleanup token issuer (auth) code 2022-07-14 11:09:26 +02:00
Denis Arh
e0f6b349da Merge branch '2022.9.x-fix-rbac-check-tracing' into 2022.9.x 2022-07-14 11:07:31 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
af077b0edd Add slice.UInt64s, helper type 
Type properly encodes slice of uint64s as JSON array of strings
 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Denis Arh
d209ca3788 Additional integration tests for record reporter 2022-07-14 07:28:06 +02:00
Denis Arh
bb23c84cf4 Support for dimension step translations on charts 2022-07-12 18:35:06 +02:00
Vivek Patel
235a483c15 Update discovery unsigned_long mapping type to long 
It fixes issue with open search container, since it does not support unsigned_long type yet.
Also, fixes mapping list and excludes all disabled resource mappings.
 2022-07-12 15:49:24 +05:30
Vivek Patel
54bfe95800 Add sonarqube GitHub build action 2022-07-11 15:51:05 +05:30
Vivek Patel
0d9b63635e Add env config for webapp sentry DSN 
Also, updates sentry DSN entry in config.js for webapp
 2022-07-11 14:58:18 +05:30
Vivek Patel
d26ca37fe0 Refactor RBAC rule cloning route for role 
It moves role permission cloning under /system/roles from /system/permissions, since cloning action copies all rules, and it can not be limited per-component and also shifted all respective service methods to role service and removed Rbac rule cloning methods from access-control template.
 2022-07-10 15:47:26 +05:30
Tomaž Jerman
2ffe8a2df0 Merge branch '2022.9.x-store-sorted' into 2022.9.x 2022-07-07 09:37:56 +02:00
Tomaž Jerman
937e5b5634 Fix improper unsortable error report construction 2022-07-07 09:37:28 +02:00
Tomaž Jerman
f56d61070d Review and add missing col sorting 2022-07-07 09:37:28 +02:00
Denis Arh
23e97f96e4 Remove all pre-2022.9.x migrations 2022-07-04 13:09:41 +02:00
Tomaž Jerman
5d8f00df64 Add content type assertion fallback for JSON file imports 2022-07-04 13:03:49 +02:00
Vivek Patel
c1412615b9 Fix pagination issue in migration of rbac resource rules 2022-07-04 13:03:39 +02:00
Denis Arh
f7f18af5f4 Update description of AUTH_*_LIFETIME options 2022-07-04 13:03:06 +02:00
Vivek Patel
46e8f4d283 Fix migration of rbac resource rules 2022-07-04 13:02:03 +02:00
Peter Grlica
dada6e40da Removed unnecessary queue consumer property 2022-07-04 13:01:48 +02:00
Tomaž Jerman
8705cbdc0e Fix resource translations not removed when deleting field hint/description 2022-07-04 13:01:26 +02:00
Tomaž Jerman
afd292b982 Fix lapsus with module field res. tr. encoding/decoding pt. 2 2022-07-04 13:01:09 +02:00
Tomaž Jerman
480dc01796 Add missing page button config for create/update svc 2022-07-04 13:00:46 +02:00
Tomaž Jerman
674b62bb89 Fix auth refresh token configuration 
Prior version didn't push refresh exparation forward so
an expired refresh token could be issued.
 2022-07-04 13:00:26 +02:00
Tomaž Jerman
ac0aca7a9c Fix lapsus with module field res. tr. encoding/decoding 2022-07-04 12:59:57 +02:00
Peter Grlica
495fac3845 Fix peer-closed connection error 2022-07-04 12:58:19 +02:00
Peter Grlica
c12385ebaa Handle email confirmation token correctly 2022-07-04 12:58:06 +02:00
Tomaž Jerman
2bddfd6af2 Add missing access control for NS dup 2022-07-04 12:56:26 +02:00
Tomaž Jerman
2fddadc92a Refactor NS clone to reuse export/import core 2022-07-04 12:55:44 +02:00