DeforaNetworks/corteza
3
0
Fork 0
Code Activity
3,669 Commits 2 Branches 228 Tags
f160d391f5a32cbaaf0eeda3f96317ebc19c4db9
Commit Graph

668 Commits

Author SHA1 Message Date
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Tomaž Jerman
1d5232fc75 Make DAL model management more consistent, deprecate most dalutils 2022-07-18 18:53:11 +02:00
Vivek Patel
56a7bfa821 Add route for listing sensitive modules 
It will list out all the privacy related modules, that have one or more private fields.
 2022-07-18 17:24:37 +05:30
Tomaž Jerman
88a75784ce Tweak rv sanitizer->value expression interaction 
When record value expression returns null the value gets omitted.
Tweak value sanitizer logic for more consistency.
 2022-07-18 10:01:22 +02:00
Jože Fortun
163f04bc6e Make sensitivity level property undefined by default 2022-07-15 15:28:48 +02:00
Denis Arh
cd865edb2b Fix RBAC tracing issue - always append auth roles 
Whenever a RBAC check request is sent for a specific user
all user's roles are loaded. This fix appends authenticated
roles to that user as well.
 2022-07-14 18:01:09 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Denis Arh
bb23c84cf4 Support for dimension step translations on charts 2022-07-12 18:35:06 +02:00
Vivek Patel
d26ca37fe0 Refactor RBAC rule cloning route for role 
It moves role permission cloning under /system/roles from /system/permissions, since cloning action copies all rules, and it can not be limited per-component and also shifted all respective service methods to role service and removed Rbac rule cloning methods from access-control template.
 2022-07-10 15:47:26 +05:30
Tomaž Jerman
f56d61070d Review and add missing col sorting 2022-07-07 09:37:28 +02:00
Tomaž Jerman
5d8f00df64 Add content type assertion fallback for JSON file imports 2022-07-04 13:03:49 +02:00
Tomaž Jerman
8705cbdc0e Fix resource translations not removed when deleting field hint/description 2022-07-04 13:01:26 +02:00
Tomaž Jerman
afd292b982 Fix lapsus with module field res. tr. encoding/decoding pt. 2 2022-07-04 13:01:09 +02:00
Tomaž Jerman
480dc01796 Add missing page button config for create/update svc 2022-07-04 13:00:46 +02:00
Tomaž Jerman
ac0aca7a9c Fix lapsus with module field res. tr. encoding/decoding 2022-07-04 12:59:57 +02:00
Tomaž Jerman
2fddadc92a Refactor NS clone to reuse export/import core 2022-07-04 12:55:44 +02:00
Tomaž Jerman
9f7e87f30e Refactor NS import/export for above changes 2022-07-04 12:55:05 +02:00
Vivek Patel
e7a36e26c5 Add env options to enable/disable Compose record action log 
It will enable/disable action log entry for compose record create, update or delete.
 2022-07-04 12:53:39 +02:00
Denis Arh
0954c0d638 Cleanup and fix compose module tests 2022-07-03 13:20:16 +02:00
Denis Arh
2b87ef2577 Fix record service tests 2022-07-03 12:19:48 +02:00
Denis Arh
bdd9318f93 Refactor and improve DAL implementation and init 
Changes:
 - Boot initialization follows standard impl
 - Improved DAL connection management (adding, reloading, removing)
 - Cleaner and more detailed logging
 - Primary store connection is now reused when added to DAL
 2022-07-01 18:13:54 +02:00
Denis Arh
61b91a8a6a Cleaned up old store (record, rvalues) code, add missing tests 2022-06-28 19:01:44 +02:00
Denis Arh
9ce63f1210 Implement ownership access-control on record creation 
Besides "owner.manage" on record resoure we now also have
"owned-record.create" on module.
 2022-06-28 15:58:57 +02:00
Denis Arh
42f94b6395 Remove obsolete record service event-emiting control 2022-06-28 14:33:19 +02:00
Denis Arh
d5ab4c7eba Improve record-service, return struct not interface 2022-06-28 14:31:50 +02:00
Denis Arh
14d3b7033d Refactor RBAC evaluation processing 2022-06-28 12:53:51 +02:00
Tomaž Jerman
83ba7faa0f Add /permissions/evaluate endpoints to evaluate RBAC rules 2022-06-27 14:28:52 +02:00
Peter Grlica
f7fc2f10dd Removed required status on fields in record delete 
Delete record workflow function removed required field status on
namespace and module.
 2022-06-22 10:13:52 +02:00
Jože Fortun
c535e3a91e Add wrap field to PageBlockStyle struct 2022-06-17 14:20:25 +02:00
Tomaž Jerman
cfed35d639 Prevent connection change for existing modules 2022-06-14 20:35:42 +02:00
Tomaž Jerman
71b3aacae5 Fix edgecase where empty sets would return 2022-06-14 20:35:42 +02:00
Tomaž Jerman
91552f607f Fix inconsistent naming for private data endpoint 2022-06-14 20:35:42 +02:00
Tomaž Jerman
2afd806c2e Allow sensitive data collection to filter by connectionID 2022-06-14 20:35:42 +02:00
Tomaž Jerman
2497dead2e Temporarily use the field's private flag for sensitive data collection 2022-06-14 20:35:42 +02:00
Tomaž Jerman
44f41fb10b Make some module model REST params optional 2022-06-14 20:35:42 +02:00
Tomaž Jerman
c5482777aa Fix improper record filter construction 2022-06-14 20:35:42 +02:00
Tomaž Jerman
ffb8dc1473 Add missing JSON tag params 2022-06-14 20:35:42 +02:00
Tomaž Jerman
4d9a2d0181 Add POC endpoint for sensitive data collection 2022-06-14 20:35:42 +02:00
Tomaž Jerman
d7be55948c Quick refactor of other services for DAL 
@todo cleanup, refactor
 2022-06-14 12:08:18 +02:00
Tomaž Jerman
033d2572dd Refactor core compose, system services with new DAL changes 
* Define utility packages to work with DAL structs
* Cleanup code
 2022-06-14 12:08:16 +02:00
Tomaž Jerman
e05abe960d Add missing module filter to module field search 2022-06-14 13:17:44 +05:30
Vivek Patel
86431fe82f Add rest endpoints for chart translations 
It allows saving/updating yAxis label and metric label translations
 2022-06-14 13:17:44 +05:30
Vivek Patel
7cdf51adc4 Add data privacy request route and implementation 
- Introduces new role for data-privacy-officer(Role allows user to manage data privacy requests)
- along with a new system resource for data privacy requests and its access control
- Routes as per access control to create data privacy request, list request and filter it based on their kind and status, update data privacy request status, and create/list comments on data privacy request
 2022-06-14 13:17:44 +05:30
Tomaž Jerman
de1f3a908e Make value validators properly translate error messages 2022-06-10 10:34:08 +02:00
Tomaž Jerman
8de5fe8502 Add canManageOwnerOnRecord to record response 2022-06-02 13:25:57 +02:00
Tomaž Jerman
9610e35073 Add REST API params for compose record owner 2022-06-02 12:38:51 +02:00
Tomaž Jerman
62e43f19d3 Add base DAL crud integration tests 2022-05-31 16:53:01 +02:00
Tomaž Jerman
a2606ea58d Mark additional Compose resource fields as sortable 2022-05-30 10:57:27 +02:00
Denis Arh
5c317cdbdf Add proper support and access control for record owner 2022-05-26 20:56:33 +02:00