coder

mirror of https://github.com/coder/coder.git synced 2025-07-06 15:41:45 +00:00

Author	SHA1	Message	Date
Steven Masley	08cce81ac8	feat: Implement allow_list for scopes for resource specific permissions (#5769 ) * feat: Implement allow_list for scopes for resource specific permissions Feature that adds an allow_list for scopes to specify particular resources. This enables workspace agent tokens to use the same RBAC system as users. - Add ID to compileSQL matchers * Plumb through WithID on rbac objects * Rename Scope -> ScopeName * Update input.json with scope allow_list Co-authored-by: Cian Johnston <cian@coder.com>	2023-01-19 13:41:36 -06:00
Jon Ayers	3120c94c22	feat: add template RBAC/groups (#4235 )	2022-10-10 15:37:06 -05:00
Steven Masley	2e30d0512e	chore: Move scope into the same auth call (#4162 ) Scopes now are enforced in the same Authorize call as the roles. Vs 2 `Authorize()` calls	2022-09-23 11:07:30 -04:00
Kyle Carberry	ca342067b3	fix: Remove typo in policy.rego	2022-08-11 23:33:50 -05:00
Steven Masley	3ae42f4de9	chore: Update rego to be partial execution friendly (#3449 ) - Improves performance of batch authorization calls - Enables possibility to convert rego auth calls into SQL WHERE clauses	2022-08-11 22:07:48 +00:00
Steven Masley	db665e7261	chore: Drop resource_id support in rbac system (#3426 )	2022-08-09 18:16:53 +00:00
Ammar Bandukwala	19fcf60864	ci: add typo detection (#3327 ) And fix them.	2022-08-01 09:29:52 -04:00
Steven Masley	770c567123	feat: Add RBAC package for managing user permissions (#929 ) This PR adds an RBAC package for managing using permissions: - The top-level `authz.Authorize` function is the main user-facing entrypoint to the package. - Actual permission evaluation is handled in `policy.rego`. - Unit tests for `authz.Authorize` are in `authz_test.go` - Documentation for the package is in `README.md`. Co-authored-by: Cian Johnston <cian@coder.com>	2022-04-13 08:35:35 -05:00

8 Commits