feat(rbac)!: improve validation from source #1643
Open
+1,060
−600
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
PatAKnight
force-pushed
the
rbac-source-validatation
branch
from
9449822
to
c493707
Compare
PatAKnight
force-pushed
the
rbac-source-validatation
branch
from
c493707
to
c3a750b
Compare
PatAKnight
changed the title
PatAKnight
force-pushed
the
rbac-source-validatation
branch
from
c3a750b
to
85fca0b
Compare
PatAKnight
force-pushed
the
rbac-source-validatation
branch
from
85fca0b
to
c2de512
Compare
|
We had an issue with main branch and it was fixed in the latest main:
Can you make rebase one more time? |
plugins/rbac-backend/src/file-permissions/csv-file-watcher.test.ts
Outdated
Show resolved
Hide resolved
PatAKnight
force-pushed
the
rbac-source-validatation
branch
3 times, most recently
from
181cada
to
6346c61
Compare
PatAKnight
force-pushed
the
rbac-source-validatation
branch
2 times, most recently
from
83f4653
to
01844e1
Compare
BREAKING CHANGE: This will lead to more strict validation on the source of permission policies and roles based on the where the first role is defined. Improves the validation of the different sources of permission policies and roles. Aims to make policy definition more consistent. Now checks if a permission policy or role with new member matches the originating role's source and prevents any action if the sources do not match. Exception includes the event of adding new permission policies to the RBAC Admin role defined by the configuration file. Sources include 'REST, 'CSV', 'Configuration', and 'legacy'. Before updating, ensure that you have attempted to migrate all permission policies and roles to a single source. This can be done by checking source information through the REST API and by querying the database. Make updates through one of the available avenues: REST API, CSV file, and the database. To view the originating source for a particular role, query the role-metadata table or use the GET roles endpoint.
PatAKnight
force-pushed
the
rbac-source-validatation
branch
from
01844e1
to
537a493
Compare
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Improves the validation of the different sources of permission policies and roles. Aims to make policy definition more consistent.
Now checks if a permission policy or role with new member matches the originating role's source and prevents any action if the sources do not match. Exception includes the event of adding new permission policies to the RBAC Admin role defined by the configuration file. Sources include 'REST, 'CSV', 'Configuration', and 'legacy'.
Fixes