Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auth policy #210

Merged
merged 24 commits into from Oct 31, 2021
Merged

Auth policy #210

merged 24 commits into from Oct 31, 2021

Conversation

nhoening
Copy link
Contributor

@nhoening nhoening commented Oct 12, 2021
edited

Closes #160

Move towards a more account-based and more central authorization policy.

I split into a few commits for better readability.

@nhoening nhoening mentioned this pull request Oct 12, 2021
Closed
nhoening
nhoening commented Oct 12, 2021
View reviewed changes
flexmeasures/auth/utils.py Outdated Show resolved Hide resolved
@nhoening nhoening requested a review from Flix6x October 12, 2021 19:51
@Flix6x Flix6x mentioned this pull request Oct 14, 2021
Merged
Flix6x
Flix6x requested changes Oct 23, 2021
View reviewed changes
Copy link
Contributor

@Flix6x Flix6x left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I finally got through this big PR, sorry for the delay. I advise to read through all of my comments first before addressing specific ones. This is a really nice and necessary PR. I added an 👀 symbol to my main concerns (e.g. clear naming of test users, and how we intend to use USEF roles in relation to access rights).

flexmeasures/auth/policy.py Outdated Show resolved Hide resolved
flexmeasures/auth/utils.py Outdated Show resolved Hide resolved
flexmeasures/api/v2_0/routes.py Show resolved Hide resolved
flexmeasures/api/dev/sensors.py Show resolved Hide resolved
flexmeasures/api/v2_0/routes.py Show resolved Hide resolved
documentation/concepts/security_auth.rst Outdated Show resolved Hide resolved
documentation/concepts/security_auth.rst Outdated Show resolved Hide resolved
documentation/concepts/inbuilt-smart-functionality.rst Outdated Show resolved Hide resolved
documentation/changelog.rst Outdated Show resolved Hide resolved
flexmeasures/api/common/utils/validators.py Show resolved Hide resolved
@nhoening nhoening requested a review from Flix6x October 30, 2021 22:04
Flix6x
Flix6x approved these changes Oct 31, 2021
View reviewed changes
Copy link
Contributor

@Flix6x Flix6x left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the explanations and changes. Besides addressing one typo, can you also open up a ticket for the incomplete service listings in API v2.0? This concept may need a significant revision so API users can see roles required and roles accepted listed separately.

documentation/concepts/security_auth.rst Outdated Show resolved Hide resolved
@nhoening
Copy link
Contributor Author

I made #227

@nhoening nhoening merged commit 05b0b6c into main Oct 31, 2021
@nhoening nhoening deleted the auth-policy branch October 31, 2021 17:01
@Flix6x Flix6x added this to the 0.8.0 milestone Jan 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Flix6x Flix6x Flix6x approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.8.0
Development

Successfully merging this pull request may close these issues.

Authorization policy in central place ― allow to protect by account role
2 participants
@nhoening @Flix6x