1
0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00
unleash.unleash/.gitignore

110 lines
1.7 KiB
Plaintext
Raw Permalink Normal View History

2015-01-27 11:10:29 +01:00
node_modules
2016-06-18 09:19:57 +02:00
lerna-debug
npm-debug
2015-01-27 11:10:29 +01:00
.DS_Store
/dist
Fix/project role permission grant (#8084) ## Background In #6380 we fixed a privilege escalation bug that allowed members of a project that had permission to add users to the project with roles that had a higher permission set than themselves. The PR linked essentially constricts you only be able to assign users to roles that you possess yourself if you are not an Admin or Project owner. This fix broke expectations for another customer who needed to have a project owner without the DELETE_PROJECT permission. The fix above made it so that their custom project owner role only was able to assign users to the project with the role that they posessed. ## Fix Instead of looking directly at which role the role granter has, this PR addresses the issue by making the assessment based on the permission sets of the user and the roles to be granted. If the granter has all the permissions of the role being granted, the granter is permitted to assign the role. ## Other considerations The endpoint to get roles was changed in this PR. It previously only retrieved the roles that the user had in the project. This no-longer makes sense because the user should be able to see other project roles than the one they themselves hold when assigning users to the project. The drawback of returning all project roles is that there may be a project role in the list that the user does not have access to assign, because they do not hold all the permissions required of the role. This was discussed internally and we decided that it's an acceptable trade-off for now because the complexities of returning a role list based on comparing permissions set is not trivial. We would have to retrieve each project role with permissions from the database, and run the same in-memory check against the users permission to determine which roles to return from this endpoint. Instead we opted for returning all project roles and display an error if you try to assign a role that you do not have access to. ## Follow up When this is merged, there's no longer need for the frontend logic that filters out roles in the role assignment form. I deliberately left this out of the scope for this PR because I couldn't wrap my head around everything that was going on there and I thought it was better to pair on this with @chriswk or @nunogois in order to make sure we get this right as the logic for this filtering seemed quite complex and was touching multiple different components. --------- Co-authored-by: Fredrik Strand Oseberg <fredrikstrandoseberg@Fredrik-sin-MacBook-Pro.local>
2024-09-10 20:35:45 +02:00
.vscode
2015-01-27 11:10:29 +01:00
2014-09-29 14:50:46 +02:00
# Logs
logs
*.log
# Runtime data
pids
*.pid
*.seed
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
2022-05-20 11:14:41 +02:00
# coverage
coverage/lcov-report
2014-09-29 14:50:46 +02:00
# Compiled binary addons (http://nodejs.org/api/addons.html)
build/Release
2014-10-31 16:35:35 +01:00
# liquibase stuff
/sql
unleash-db.jar
unleash-server.tar.gz
# idea stuff:
2016-05-03 12:12:37 +02:00
.idea/*
2015-06-19 14:11:02 +02:00
.vagrant/
# Visual Studio Code
jsconfig.json
2016-04-30 22:11:16 +02:00
typings
2016-11-13 15:41:35 +01:00
.nyc_output
2017-11-04 12:09:12 +01:00
# Emacs, nix, devenv, pijul
# Only Thomas uses this and he doesn't want to add it to the repo
.devenv
.devenv.flake.nix
.dir-locals.el
.envrc
shell.nix
# Pijul + ignore
.ignore
.pijul
# Custom hooks in husky directory
.husky/pre-push
.husky/prepare-commit-msg
2017-11-04 12:09:12 +01:00
# We use yarn.lock
package-lock.json
# Website stuff
/website/build
/website/backers.json
/website/node_modules
/website/translated_docs
/website/i18n/*
.env
# Ignore frontend build
frontend/build
docs: auto-generate remaining server-side SDK docs (#2858) This PR builds on the preceding doc auto-generation PRs and generates documentation for the remaining server-side SDKs. ## Why Refer to https://github.com/Unleash/unleash/pull/2809 for more context about generating SDK docs. ## What - Adds generation for the remaining server-side SDKs - Moves generated docs from the `/reference/sdks` directory to `/generated` directory. - Makes sure that the URLs do not change because of the move by using the `slug` frontmatter property. - replaces relative github links in the markdown documents so that they become absolute github links. (refer to the next section) - Updates some image styling so that it doesn't apply to readme badges (we don't need them using `display: block`) ### On link replacing: This PR adds handling of links in the generated documentation. Specifically, it changes links in one case: Relative links to github. Links to code and other files in the repository. These are prefixed with the repository's URL. While this should work in most cases, it will fail in cases where the links to the files are not on the repository's primary branch. (typically main, but could also be "v3", for instance). In these cases, the links will get a double branch in the URL and will fail. However, I see no easy way around this (though suggestions are definitely accepted!), and think it's a fair tradeoff. It takes the links from "definitely failing" to "will work in the vast majority of cases". Note: I originally also wanted to handle the case where the link is an absolute link to docs.getunleash.io. We could turn these into relative urls to avoid full page reloads and enjoy a smoother experience. However, the client-side redirects don't work correctly if the relative URL goes to a redirect page, so you end up with a 404 page. As such, I think it's better to leave the links as absolute for now.
2023-01-13 12:40:28 +01:00
# Ignore orval apis
frontend/src/openapi/apis
frontend/src/openapi/index.ts
docs: auto-generate remaining server-side SDK docs (#2858) This PR builds on the preceding doc auto-generation PRs and generates documentation for the remaining server-side SDKs. ## Why Refer to https://github.com/Unleash/unleash/pull/2809 for more context about generating SDK docs. ## What - Adds generation for the remaining server-side SDKs - Moves generated docs from the `/reference/sdks` directory to `/generated` directory. - Makes sure that the URLs do not change because of the move by using the `slug` frontmatter property. - replaces relative github links in the markdown documents so that they become absolute github links. (refer to the next section) - Updates some image styling so that it doesn't apply to readme badges (we don't need them using `display: block`) ### On link replacing: This PR adds handling of links in the generated documentation. Specifically, it changes links in one case: Relative links to github. Links to code and other files in the repository. These are prefixed with the repository's URL. While this should work in most cases, it will fail in cases where the links to the files are not on the repository's primary branch. (typically main, but could also be "v3", for instance). In these cases, the links will get a double branch in the URL and will fail. However, I see no easy way around this (though suggestions are definitely accepted!), and think it's a fair tradeoff. It takes the links from "definitely failing" to "will work in the vast majority of cases". Note: I originally also wanted to handle the case where the link is an absolute link to docs.getunleash.io. We could turn these into relative urls to avoid full page reloads and enjoy a smoother experience. However, the client-side redirects don't work correctly if the relative URL goes to a redirect page, so you end up with a 404 page. As such, I think it's better to leave the links as absolute for now.
2023-01-13 12:40:28 +01:00
# Generated docs
website/docs/reference/api/**/sidebar.ts
website/docs/reference/api/**/**.info.mdx
docs: auto-generate remaining server-side SDK docs (#2858) This PR builds on the preceding doc auto-generation PRs and generates documentation for the remaining server-side SDKs. ## Why Refer to https://github.com/Unleash/unleash/pull/2809 for more context about generating SDK docs. ## What - Adds generation for the remaining server-side SDKs - Moves generated docs from the `/reference/sdks` directory to `/generated` directory. - Makes sure that the URLs do not change because of the move by using the `slug` frontmatter property. - replaces relative github links in the markdown documents so that they become absolute github links. (refer to the next section) - Updates some image styling so that it doesn't apply to readme badges (we don't need them using `display: block`) ### On link replacing: This PR adds handling of links in the generated documentation. Specifically, it changes links in one case: Relative links to github. Links to code and other files in the repository. These are prefixed with the repository's URL. While this should work in most cases, it will fail in cases where the links to the files are not on the repository's primary branch. (typically main, but could also be "v3", for instance). In these cases, the links will get a double branch in the URL and will fail. However, I see no easy way around this (though suggestions are definitely accepted!), and think it's a fair tradeoff. It takes the links from "definitely failing" to "will work in the vast majority of cases". Note: I originally also wanted to handle the case where the link is an absolute link to docs.getunleash.io. We could turn these into relative urls to avoid full page reloads and enjoy a smoother experience. However, the client-side redirects don't work correctly if the relative URL goes to a redirect page, so you end up with a 404 page. As such, I think it's better to leave the links as absolute for now.
2023-01-13 12:40:28 +01:00
website/docs/generated
reports/jest-junit.xml
# Yarn (https://yarnpkg.com/getting-started/qa#which-files-should-be-gitignored)
.pnp.*
.yarn/*
!.yarn/patches
!.yarn/plugins
!.yarn/releases
!.yarn/sdks
!.yarn/versions
frontend/.yarn/*
!frontend/.yarn/patches
!frontend/.yarn/plugins
!frontend/.yarn/releases
!frontend/.yarn/sdks
!frontend/.yarn/versions
docker/.yarn/*
!docker/.yarn/patches
!docker/.yarn/plugins
!docker/.yarn/releases
!docker/.yarn/sdks
!docker/.yarn/versions
website/.yarn/*
!website/.yarn/patches
!website/.yarn/plugins
!website/.yarn/releases
!website/.yarn/sdks
!website/.yarn/versions