-
Notifications
You must be signed in to change notification settings - Fork 546
feat: access manager #6377
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
feat: access manager #6377
Changes from 9 commits
Commits
Show all changes
95 commits
Select commit
Hold shift + click to select a range
322dce7
specs
Shivam-nagar23 138105a
specs
Shivam-nagar23 c2840c2
specs for generic api
Shivam-nagar23 18fbf7e
specs for generic api update
Shivam-nagar23 78c62db
access manager generic apis
Shivam-nagar23 d4e37fb
enforcements
Shivam-nagar23 e8ef17b
version changed to alpha1
Shivam-nagar23 9babb91
specs udpate
Shivam-nagar23 e80919b
version
Shivam-nagar23 2a06a3d
sql scripts
Shivam-nagar23 2e8d88a
role group service refactoring
Shivam-nagar23 a4f3e5d
role group service
Shivam-nagar23 355d506
sql script chnages
Shivam-nagar23 2e45765
sql scripts chnages
Shivam-nagar23 04a7385
refactoring iss
Shivam-nagar23 91bd157
reafctoring and rbac changes
Shivam-nagar23 cf99d8b
get rbac changes
Shivam-nagar23 8e8ec51
policy moved to bean
Shivam-nagar23 3dc10bb
removed unnecessary code
Shivam-nagar23 bc1954c
v2 routes in oss
Shivam-nagar23 e97436f
Merge branch 'feat-access-manager-1' into feat-access-manager-2
Shivam-nagar23 80392b1
Merge branch 'feat-access-manager-2' into feat-access-manager-3
Shivam-nagar23 24c88af
sql script chnaged
Shivam-nagar23 9407b53
sql script changes
Shivam-nagar23 431835a
sql script changeS
Shivam-nagar23 85ad553
fetch role group chnages
Shivam-nagar23 cb6ef50
set keys
Shivam-nagar23 fcf20cf
description update
Shivam-nagar23 83e0946
description update
Shivam-nagar23 1b16787
actuion
Shivam-nagar23 d30c610
Merge branch 'develop' into feat-access-manager
Shivam-nagar23 5a0c578
Merge branch 'feat-access-manager' into feat-access-manager-1
Shivam-nagar23 2c78ddb
Merge branch 'feat-access-manager-1' into feat-access-manager-2
Shivam-nagar23 0b59ea4
Merge branch 'feat-access-manager-2' into feat-access-manager-3
Shivam-nagar23 85614cd
review comments
Shivam-nagar23 89e86db
review comments
Shivam-nagar23 c3df8a0
idempotent
Shivam-nagar23 05155f2
hide permissions set
Shivam-nagar23 bef1dae
Merge pull request #6404 from devtron-labs/feat-access-manager-3
Shivam-nagar23 3fa8b46
Merge branch 'feat-access-manager-1' into feat-access-manager-2
Shivam-nagar23 118b9b5
Merge pull request #6403 from devtron-labs/feat-access-manager-2
Shivam-nagar23 c4bd448
Merge branch 'feat-access-manager' into feat-access-manager-1
Shivam-nagar23 5cda912
Merge pull request #6400 from devtron-labs/feat-access-manager-1
Shivam-nagar23 0309eb6
Merge branch 'develop' into feat-access-manager
Shivam-nagar23 ba27a06
oss ent sync
Shivam-nagar23 9a11c16
oss change
Shivam-nagar23 cce2e63
oss sync
Shivam-nagar23 210669b
sync
Shivam-nagar23 f836c4f
self register bean
Shivam-nagar23 5da69c8
user bean import
Shivam-nagar23 8b576c6
oss merge
Shivam-nagar23 ce3748b
signature changes
Shivam-nagar23 1526d6a
oss sync
Shivam-nagar23 4a106a9
oss refactoring
Shivam-nagar23 8fb2539
oss ent sync
Shivam-nagar23 1cf3888
final role filters to be considered
Shivam-nagar23 a955875
sync changes
Shivam-nagar23 be29ab1
audit creation oss
Shivam-nagar23 82a23ea
user service
Shivam-nagar23 1d51d6c
oss sycn
Shivam-nagar23 b057ed1
osse nt sync
Shivam-nagar23 d972d37
cluster entity
Shivam-nagar23 ebf3157
user service refactoring
Shivam-nagar23 79ceb16
oss sync
Shivam-nagar23 01aea38
user service refactoring
Shivam-nagar23 9936acd
user common service chnages
Shivam-nagar23 06819c4
oss sync
Shivam-nagar23 f5c61e9
user services chnages
Shivam-nagar23 1f41460
oss refactoing
Shivam-nagar23 4d4a835
token
Shivam-nagar23 42b6dee
subaction
Shivam-nagar23 f04bf91
oss ent sync
Shivam-nagar23 9da2876
update oss sync
Shivam-nagar23 c41bbe5
oss sync
Shivam-nagar23 2234c63
user service
Shivam-nagar23 c2fb678
user service
Shivam-nagar23 67b19e5
user response
Shivam-nagar23 34d2060
sync
Shivam-nagar23 a74eb7a
approver
Shivam-nagar23 9e2ee91
oss ent sync
Shivam-nagar23 e08ad15
oss
Shivam-nagar23 5059299
user service
Shivam-nagar23 84cf514
review comments
Shivam-nagar23 6fb8fbf
Merge pull request #6414 from devtron-labs/feat-access-manager-oss-en…
Shivam-nagar23 53f94cd
Merge branch 'develop' into feat-access-manager
Shivam-nagar23 05a1ae5
sql script chnage
Shivam-nagar23 3422fad
get flow
Shivam-nagar23 f38e973
nul data in case of unauthroised
Shivam-nagar23 30b758a
user admin
Shivam-nagar23 4489227
Merge branch 'develop' into feat-access-manager
Shivam-nagar23 c873624
get group policy
Shivam-nagar23 cf9b997
Merge branch 'develop' into feat-access-manager
Shivam-nagar23 0a48005
naming
Shivam-nagar23 ed1488e
sql scripts
Shivam-nagar23 915d1e0
Merge branch 'develop' into feat-access-manager
Shivam-nagar23 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| package userResource | ||
|
|
||
| import ( | ||
| "encoding/json" | ||
| "github.com/devtron-labs/devtron/api/restHandler/common" | ||
| "github.com/devtron-labs/devtron/api/userResource/adapter" | ||
| apiBean "github.com/devtron-labs/devtron/api/userResource/bean" | ||
| "github.com/devtron-labs/devtron/pkg/auth/user" | ||
| "github.com/devtron-labs/devtron/pkg/userResource" | ||
| "github.com/gorilla/mux" | ||
| "go.uber.org/zap" | ||
| "net/http" | ||
| ) | ||
|
|
||
| type RestHandler interface { | ||
| GetResourceOptions(w http.ResponseWriter, r *http.Request) | ||
| } | ||
| type RestHandlerImpl struct { | ||
| logger *zap.SugaredLogger | ||
| userService user.UserService | ||
| userResourceService userResource.UserResourceService | ||
| } | ||
|
|
||
| func NewUserResourceRestHandler(logger *zap.SugaredLogger, | ||
| userService user.UserService, | ||
| userResourceService userResource.UserResourceService) *RestHandlerImpl { | ||
| return &RestHandlerImpl{ | ||
| logger: logger, | ||
| userService: userService, | ||
| userResourceService: userResourceService, | ||
| } | ||
| } | ||
|
|
||
| func (handler *RestHandlerImpl) GetResourceOptions(w http.ResponseWriter, r *http.Request) { | ||
| userId, err := handler.userService.GetLoggedInUser(r) | ||
| if userId == 0 || err != nil { | ||
| common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized) | ||
| return | ||
| } | ||
|
|
||
| pathParams, caughtError := decodePathParams(w, r) | ||
| if caughtError { | ||
| return | ||
| } | ||
| decoder := json.NewDecoder(r.Body) | ||
| var reqBean apiBean.ResourceOptionsReqDto | ||
| err = decoder.Decode(&reqBean) | ||
| if err != nil { | ||
| handler.logger.Errorw("error in decoding request body", "err", err, "requestBody", r.Body) | ||
| common.WriteJsonResp(w, err, nil, http.StatusBadRequest) | ||
| return | ||
| } | ||
| token := r.Header.Get("token") | ||
| // rbac enforcement is managed at service level based on entity and kind | ||
| data, err := handler.userResourceService.GetResourceOptions(r.Context(), token, &reqBean, pathParams) | ||
| if err != nil { | ||
| handler.logger.Errorw("service error, GetResourceOptions", "err", err) | ||
| common.WriteJsonResp(w, err, nil, http.StatusInternalServerError) | ||
| return | ||
| } | ||
|
|
||
| common.WriteJsonResp(w, err, data, http.StatusOK) | ||
| return | ||
|
|
||
| } | ||
|
|
||
| func decodePathParams(w http.ResponseWriter, r *http.Request) (pathParams *apiBean.PathParams, caughtError bool) { | ||
| vars := mux.Vars(r) | ||
| kindVar := vars[apiBean.PathParamKind] | ||
| versionVar := vars[apiBean.PathParamVersion] | ||
| pathParams = adapter.BuildPathParams(kindVar, versionVar) | ||
| return pathParams, caughtError | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| package userResource | ||
|
|
||
| import "github.com/gorilla/mux" | ||
|
|
||
| type Router interface { | ||
| InitUserResourceRouter(userResourceRouter *mux.Router) | ||
| } | ||
|
|
||
| type RouterImpl struct { | ||
| restHandler RestHandler | ||
| } | ||
|
|
||
| func NewUserResourceRouterImpl(restHandler RestHandler) *RouterImpl { | ||
| return &RouterImpl{ | ||
| restHandler: restHandler, | ||
| } | ||
| } | ||
|
|
||
| func (router *RouterImpl) InitUserResourceRouter(userResourceRouter *mux.Router) { | ||
| userResourceRouter.Path("/options/{kind:[a-zA-Z0-9/-]+}/{version:[a-zA-Z0-9]+}"). | ||
| HandlerFunc(router.restHandler.GetResourceOptions).Methods("POST") | ||
|
|
||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| package adapter | ||
|
|
||
| import ( | ||
| "github.com/devtron-labs/devtron/api/userResource/bean" | ||
| ) | ||
|
|
||
| func BuildPathParams(kind, version string) *bean.PathParams { | ||
| return &bean.PathParams{ | ||
| Kind: kind, | ||
| Version: version, | ||
| } | ||
| } |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.