synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-08 11:39:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,019 Commits 363 Branches 234 Tags
08412fd1afb4a9dd997f3b54607b44899c4b5afb
Commit Graph

21 Commits

Author SHA1 Message Date
Steven Masley
b678309fc9 chore: Authz should support non-named roles (#5855) 
* chore: Authz should support non-named roles

Named roles are a construct for users to assign/interact with roles.
For authzlayer implementation, we need to create "system" users.
To enforce strict security, we are making specific roles with
the exact required permissions for the system action.
These new roles should not be available to the user. There is a
clear code divide with this implementation that allows a RoleNames
implemenation for users to user, and system users can create their
own implementation
 2023-01-25 10:54:16 -06:00
Jon Ayers
47805643f7 fix: allow user admins to manage groups (#4498) 2022-10-12 14:33:03 -05:00
Jon Ayers
3120c94c22 feat: add template RBAC/groups (#4235) 2022-10-10 15:37:06 -05:00
Steven Masley
4919975f13 chore: Remove template-admin can create/update/delete workspaces (#4280) 
Cannot crud someone else's workspace
 2022-10-02 18:54:57 -04:00
Colin Adler
3d6d51fbd0 feat: audit log api (#3898) 2022-09-07 16:38:19 +00:00
Kyle Carberry
b0fe9bcdd1 chore: Upgrade to Go 1.19 (#3617) 
This is required as part of #3505.
 2022-08-21 22:32:53 +00:00
Steven Masley
4be61d9250 fix: Role assign ui fixes (#3521) 
Co-authored-by: Kira Pilot <kira@coder.com>
 2022-08-16 10:39:42 -05:00
Steven Masley
01dd35f1ba chore: Rename 'admin' to 'owner' (#3498) 
Co-authored-by: Colin Adler <colin1adler@gmail.com>
 2022-08-15 14:40:19 -05:00
Steven Masley
40e68cb80b feat: Add template-admin + user-admin role for managing templates + users (#3490) 
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
 2022-08-12 17:27:48 -05:00
Steven Masley
3ae42f4de9 chore: Update rego to be partial execution friendly (#3449) 
- Improves performance of batch authorization calls
- Enables possibility to convert rego auth calls into SQL WHERE clauses
 2022-08-11 22:07:48 +00:00
Kira Pilot
6122df6f1f feature: gate audit log by permissions (#3464) 
* pairing

* restricting audit route

resolvees #3460

* updated tests

* fixing lint

* useSelector instead of useActor
 2022-08-11 09:34:45 -04:00
Steven Masley
db665e7261 chore: Drop resource_id support in rbac system (#3426) 2022-08-09 18:16:53 +00:00
Steven Masley
cc87a0cf6b feat: Implied 'member' roles for site and organization (#1917) 
* feat: Member roles are implied and never exlpicitly added
* Rename "GetAllUserRoles" to "GetAuthorizationRoles"
* feat: Add migration to remove implied roles
* rename user auth role middleware
 2022-06-01 09:07:50 -05:00
Steven Masley
c04d045279 feat: RBAC provisionerdaemons and parameters (#1755) 
* chore: Remove org_id from provisionerdaemons
 2022-05-26 11:20:54 -05:00
Steven Masley
eea8dc6c16 feat: Add rbac to templateversion+orgmember endpoints (#1713) 2022-05-25 11:00:59 -05:00
Steven Masley
363b16af38 fix: Add template read permission node to members (#1712) 2022-05-24 16:35:34 +00:00
Steven Masley
2638c274cb fix: User's should be able to read what roles available (#1575) 2022-05-18 20:47:43 +00:00
Steven Masley
4ad5ac2d4a feat: Rbac more coderd endpoints, unit test to confirm (#1437) 
* feat: Enforce authorize call on all endpoints
- Make 'request()' exported for running custom requests
* Rbac users endpoints
* 401 -> 403
 2022-05-17 13:43:19 -05:00
Bruno Quaresma
00806580f5 refactor: Return the display_name and name in the roles endpoint (#1328) 2022-05-06 19:18:00 +00:00
Steven Masley
d0293e4d33 feat: Implement list roles & enforce authorize examples (#1273) 2022-05-03 16:10:19 -05:00
Steven Masley
35211e2190 feat: Add user roles, but do not yet enforce them (#1200) 
* chore: Rework roles to be expandable by name alone
 2022-04-29 09:04:19 -05:00