DeforaNetworks/corteza
DeforaNetworks/corteza
3
0
Fork 0
Code
3,669 Commits 2 Branches 228 Tags
Commit Graph

1014 Commits

Author SHA1 Message Date
Vivek Patel
f160d391f5 Add filters to permissions for role route 
It allows filtering for specific rules and also the rules which are applied to the resource, and not to a specific resource.

Introduces generic methods for RuleSet and FindRules method to access_control generation template.
 2022-07-19 17:30:26 +05:30
Tomaž Jerman
1d5232fc75 Make DAL model management more consistent, deprecate most dalutils 2022-07-18 18:53:11 +02:00
Vivek Patel
56a7bfa821 Add route for listing sensitive modules 
It will list out all the privacy related modules, that have one or more private fields.
 2022-07-18 17:24:37 +05:30
Vivek Patel
07a8fdbbd5 Fix test notification cli command 
Also, addresses issue with SMTP_* env vars value, which were ignored on server startup.
 2022-07-18 17:12:12 +05:30
Tomaž Jerman
85bb86c5cd Refactor sensitivity levels to be consistent with connections 2022-07-15 11:02:14 +02:00
Denis Arh
87c65c2591 Fix RBAC tracing issue - handling wildcarded resources 2022-07-14 19:06:29 +02:00
Tomaž Jerman
f41b7872f4 Add content-type header for generated config.js 2022-07-14 13:52:14 +02:00
Denis Arh
d1d00d7771 Handle new auth options for signature algo & key 2022-07-14 11:09:26 +02:00
Denis Arh
4a27786f27 Cleanup token issuer (auth) code 2022-07-14 11:09:26 +02:00
Denis Arh
defdc41ec3 Improve RBAC resource handling 2022-07-14 11:07:10 +02:00
Denis Arh
af077b0edd Add slice.UInt64s, helper type 
Type properly encodes slice of uint64s as JSON array of strings
 2022-07-14 11:07:10 +02:00
Denis Arh
39046c52d0 Harden RBAC and refactor check tracking 
- stricter rule checking when multiple roles have permissions on same
   resource
 - tracking (prev: evaluation) is refactored to stand out less than
   previous solution
 - performance optimization on certain situations (earlier fn return)
 2022-07-14 11:07:10 +02:00
Vivek Patel
0d9b63635e Add env config for webapp sentry DSN 
Also, updates sentry DSN entry in config.js for webapp
 2022-07-11 14:58:18 +05:30
Denis Arh
23e97f96e4 Remove all pre-2022.9.x migrations 2022-07-04 13:09:41 +02:00
Tomaž Jerman
5d8f00df64 Add content type assertion fallback for JSON file imports 2022-07-04 13:03:49 +02:00
Vivek Patel
c1412615b9 Fix pagination issue in migration of rbac resource rules 2022-07-04 13:03:39 +02:00
Vivek Patel
46e8f4d283 Fix migration of rbac resource rules 2022-07-04 13:02:03 +02:00
Peter Grlica
dada6e40da Removed unnecessary queue consumer property 2022-07-04 13:01:48 +02:00
Peter Grlica
495fac3845 Fix peer-closed connection error 2022-07-04 12:58:19 +02:00
Tomaž Jerman
3643b7d23b Fix resource.Ref eq. check to properly handle wildcard paths 2022-07-04 12:55:05 +02:00
Tomaž Jerman
9f7e87f30e Refactor NS import/export for above changes 2022-07-04 12:55:05 +02:00
Tomaž Jerman
a790c12064 Improve resource referencing 
* Use Ref structs to allow for more context
* Assure constraints
 2022-07-04 12:55:03 +02:00
Tomaž Jerman
f5a4bd9a30 Add additional utilities to work with resources 2022-07-04 12:54:21 +02:00
Vivek Patel
e7a36e26c5 Add env options to enable/disable Compose record action log 
It will enable/disable action log entry for compose record create, update or delete.
 2022-07-04 12:53:39 +02:00
Denis Arh
013053d8a8 Fix label handling (broken after store refactor) 2022-07-03 13:20:00 +02:00
Denis Arh
2b87ef2577 Fix record service tests 2022-07-03 12:19:48 +02:00
Denis Arh
bdd9318f93 Refactor and improve DAL implementation and init 
Changes:
 - Boot initialization follows standard impl
 - Improved DAL connection management (adding, reloading, removing)
 - Cleaner and more detailed logging
 - Primary store connection is now reused when added to DAL
 2022-07-01 18:13:54 +02:00
Denis Arh
61b91a8a6a Cleaned up old store (record, rvalues) code, add missing tests 2022-06-28 19:01:44 +02:00
Denis Arh
14d3b7033d Refactor RBAC evaluation processing 2022-06-28 12:53:51 +02:00
Tomaž Jerman
83ba7faa0f Add /permissions/evaluate endpoints to evaluate RBAC rules 2022-06-27 14:28:52 +02:00
Tomaž Jerman
2afd806c2e Allow sensitive data collection to filter by connectionID 2022-06-14 20:35:42 +02:00
Tomaž Jerman
319ae7e375 Fix improper sensitivity level check when removing attributes 2022-06-14 20:35:42 +02:00
Tomaž Jerman
9adced7a1e Fix attribute panic when adding/removing attributes 2022-06-14 20:35:42 +02:00
Tomaž Jerman
557a573f04 Add base DAL tests 2022-06-14 20:35:42 +02:00
Tomaž Jerman
11e82354fe Temporarily disable DAL for provisioning 2022-06-14 12:08:18 +02:00
Tomaž Jerman
d7be55948c Quick refactor of other services for DAL 
@todo cleanup, refactor
 2022-06-14 12:08:18 +02:00
Tomaž Jerman
8eb062293f Refactor pkg/dal implementation 
* Reworked errors to not brick the system (things keep track of
  issues.
* Reworked internal state management -- keeping invalid things
  present, cleanning up the code, utilizing issues.
* Cleanup/improve error messages
 2022-06-14 12:06:13 +02:00
Vivek Patel
86431fe82f Add rest endpoints for chart translations 
It allows saving/updating yAxis label and metric label translations
 2022-06-14 13:17:44 +05:30
Vivek Patel
7cdf51adc4 Add data privacy request route and implementation 
- Introduces new role for data-privacy-officer(Role allows user to manage data privacy requests)
- along with a new system resource for data privacy requests and its access control
- Routes as per access control to create data privacy request, list request and filter it based on their kind and status, update data privacy request status, and create/list comments on data privacy request
 2022-06-14 13:17:44 +05:30
Tomaž Jerman
c6b26c4e32 Temporary patch for primary connection updating 2022-05-31 13:16:14 +02:00
Tomaž Jerman
4517d9b06d Tweak dal connection location for easier FE work 
Default it to the empty geolocation JSON.
 2022-05-30 15:59:28 +02:00
Tomaž Jerman
a70087ace8 Refactor primary DAL connection to be preserved in DB 2022-05-30 15:43:03 +02:00
Denis Arh
5c317cdbdf Add proper support and access control for record owner 2022-05-26 20:56:33 +02:00
Tomaž Jerman
a0a6314ea9 Introduce DAL model ident formatter to simplify the interfaces 2022-05-26 17:41:15 +02:00
Tomaž Jerman
9223feac95 Omit sensitivity level inclusion check when omitted 2022-05-26 15:12:20 +02:00
Tomaž Jerman
94fbe4bd44 Improve DAL sensitivity level 
* Integrate with pkg/dal package
* Additional validation/constraints
 2022-05-26 13:24:16 +02:00
Denis Arh
aeec20018c Prevent nil pointer dereference inside corredor healthcheck 2022-05-25 15:49:13 +02:00
Tomaž Jerman
ac07f133b5 Expand DAL REST API structure and exposed resources 
* Cleanup DAL connection REST endpoints, remove primary connection
  endpoint.
* Make connection search endpoint return federation nodes and
  primary connection along user-defined DAL connections
* Expose DAL connection drivers
* Prepare DAL sensitivity level resource
 2022-05-25 14:10:52 +02:00
Denis Arh
17406362dd Rename Connection to DalConnection 2022-05-24 14:29:22 +02:00
Denis Arh
dd3d25a5ae Deprecate/remove AUTH_JWT_EXPIRY 
JWT expiration is now controled via AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME
 2022-05-24 10:44:54 +02:00