RBAC integration #168
Merged
RBAC integration #168
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Vasyl-9
requested changes
May 14, 2024
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacDbHandler.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacHttpFilter.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacHttpFilter.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacHttpFilter.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacProperties.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacHttpFilter.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacAccessAspect.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacAccessAspect.java
Outdated
Show resolved
Hide resolved
Vasyl-9
requested changes
May 21, 2024
es6-persistence/src/main/java/com/netflix/conductor/es6/dao/index/ElasticSearchRestDAOV6.java
Outdated
Show resolved
Hide resolved
redis-persistence/src/main/java/com/netflix/conductor/redis/dao/RedisExecutionDAO.java
Outdated
Show resolved
Hide resolved
redis-persistence/src/main/java/com/netflix/conductor/redis/dao/RedisMetadataDAO.java
Outdated
Show resolved
Hide resolved
redis-persistence/src/main/java/com/netflix/conductor/redis/dao/RedisMetadataDAO.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacAccessAspect.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/RbacProperties.java
Outdated
Show resolved
Hide resolved
rest/src/main/java/com/netflix/conductor/rest/rbac/UserType.java
Outdated
Show resolved
Hide resolved
Vasyl-9
requested changes
May 28, 2024
redis-persistence/src/main/java/com/netflix/conductor/redis/dao/RedisMetadataDAO.java
Outdated
Show resolved
Hide resolved
Vasyl-9
approved these changes
May 29, 2024
JumasJM
force-pushed
the
rbac_int
branch
3 times, most recently
from
60fe504
to
4dcaf94
Compare
PR includes: - RBAC integretion in 'rest' module - updated tests - added dependencies in build.gradle files - V3 schema in archive module for storing roles and groups from json_data into rbac_labels - javadoc Added new package 'rbac' to rest sub-module with sub-package 'annotations' for spring AOP. Added new classes: RbacHttpFilter First step of validation. Handles: - no validation healthcheck - stores all groups and roles values from request - creates object of type UserType for further processing - prevents triggering endpoints when request is not validated RbacAccessAspect Aspect class for handling annotated rest controller methods. Handles: - triggering methods only accessible by admin - triggering BulkResponse methods and modifing returned object - triggering methods that require certain parameters in path or in body of request - when user has not access, 403 is thrown RbacDbHandler Validation of certain parameteres before reaching endpoints and returning of certain object (omitting direct endpoints). Handles: - checks if certain parameters are present in db and if user has access due to provided values in groups and roles of header - returns all Task/Workflow definitions and SeachResult object with param Workflow/WorkflowSummary directly RbacProperties Properties class to return admin roles and groups specified in properties file. UserType POJO for creating user object. TYPE: Improvement JIRA: DEP-686 Signed-off-by: jmasar <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
TYPE: Improvement
JIRA: DEP-686