Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-05-08 01:15:49 +02:00
Code Issues Projects Releases Wiki Activity
8,489 Commits 524 Branches 880 Tags 364 MiB
89cf16f915
Commit Graph

10 Commits

Author SHA1 Message Date
Gastón Fournier
89cf16f915
Feat/more granular permissions check in create apitoken (#4072) 
## About the changes
This PR enables or disables create API token button based on the
permissions.

**Note:** the button is only displayed if you have READ permissions on
some API token. This is a minor limitation as having CREATE permissions
should also grant READ permissions, but right now this is up to the user
to set up the custom role with the correct permissions

**Note 2:** Project-specific API tokens are also ruled by the
project-specific permission to create API tokens in a project (just
having the root permissions to create a client token or frontend token
does not grant access to create a project-specific API token). The
permissions to access the creation of a project-specific API token then
rely on the root permissions to allow the user to create either a client
token or a frontend token.

---------

Co-authored-by: David Leek <david@getunleash.io>
 2023-06-23 10:57:08 +02:00
Nuno Góis
7e9069e390
refactor: token permissions, drop admin-like permissions (#4050) 
https://linear.app/unleash/issue/2-1155/refactor-permissions

- Our `rbac-middleware` now supports multiple OR permissions;
- Drops non-specific permissions (e.g. CRUD API token permissions
without specifying the token type);
- Makes our permission descriptions consistent;
- Drops our higher-level permissions that basically mean ADMIN (e.g.
ADMIN token permissions) in favor of `ADMIN` permission in order to
avoid privilege escalations;

This PR may help with
https://linear.app/unleash/issue/2-1144/discover-potential-privilege-escalations
as it may prevent privilege escalations altogether.

There's some UI permission logic around this, but in the future
https://linear.app/unleash/issue/2-1156/adapt-api-tokens-creation-ui-to-new-permissions
could take it a bit further by adapting the creation of tokens as well.

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>
 2023-06-22 08:35:54 +01:00
Fredrik Strand Oseberg
f8c826450e
Fix/decouple api token list (#3171) 
Decouples the API token list and adds tracking.
 2023-02-21 14:27:46 +01:00
andreas-unleash
350b55644a
Feat/project api token permissions (#3065) 
<!-- Thanks for creating a PR! To make it easier for reviewers and
everyone else to understand what your changes relate to, please add some
relevant content to the headings below. Feel free to ignore or delete
sections that you don't think are relevant. Thank you! ❤️ -->

## About the changes
<!-- Describe the changes introduced. What are they and why are they
being introduced? Feel free to also add screenshots or steps to view the
changes if they're visual. -->
Define and implements Project api token permissions
Assign permissions to existing roles
Adjust UI to support them 
Adjust BE to implement

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com>
 2023-02-17 12:15:36 +02:00
olav
25c25c9206 refactor: port tokens list to react-table (#1026) 
* refactor: extract ApiTokenDocs component

* refactor: extract CreateApiTokenButton component

* refactor: extract RemoveApiTokenButton component

* refactor: extract CopyApiTokenButton component

* refactor: port tokens list to react-table

* refactor: remove unused imports

* fix: api token table default sort order

* fix: updates to table of api tokens

* fix: add highlighting when searching

Co-authored-by: Tymoteusz Czech <tymek+gpg@getunleash.ai>
Co-authored-by: Nuno Góis <github@nunogois.com>
 2022-05-27 08:48:01 +01:00
Tymoteusz Czech
44c579f7a8 Refactor: page container (#967) 
* refactor: page container

* refactor: table page header
 2022-05-09 14:38:12 +02:00
olav
d8143c6ff4 chore: update react-router to v6 (#946) 
* refactor: fix child selector warnings

* refactor: update react-router-dom

* refactor: use BrowserRouter as in react-router docs

* refactor: replace Redirect with Navigate

* refactor: replace Switch with Routes

* refactor: replace useHistory with useNavigate

* refactor: replace useParams types with useRequiredPathParam

* refactor: replace NavLink activeStyle with callback

* refactor: fix matchPath arg order

* refactor: Remove unused link state

* refactor: delete broken snapshot test

* refactor: render 404 page without redirect

* refactor: normalize path parameter names

* refactor: fix Route component usage
 2022-05-05 13:42:18 +02:00
olav
24c11332b5 chore: update MUI to v5 (#923) 
* refactor: update mui packages

* refactor: run mui codemods

* refactor: format files after codemods

* refactor: fix broken types

* refactor: clean up theme

* refactor: fix broken tests

* refactor: replace @mui/styles with tss-react

* refactor: move breakpoints into classes for tss

* refactor: fix crash on missing feature description

* refactor: remove void classNames

* refactor: adjust styles to new defaults

* refactor: remove broken rollout slider e2e test

* refactor: fix duplicate e2e testid

* refactor: update makeStyles after rebase

* refactor: add missing snapshot after rebase

* refactor: fix TableCellSortable focus styles

* refactor: use 1.4 as the default line-height

* refactor: hide webkit search field icons

* refactor: fix select box label

* refactor: make AutocompleteBox smaller

* refactor: make heading smaller

* refactor: fix toast close icon color

* refactor: update snapshots

* refactor: add missing test event awaits

* refactor: fix default button line-height
 2022-05-02 15:52:41 +02:00
Tymoteusz Czech
23a874d051 Refactor: convert jsx files to typescript (#881) 
* refactor: convert remaining js files to typescript

* refactor: conditionally render remove index

* refactor: dialog component to tsx

* refactor: migrate some files from jsx to tsx

* refactor: convert dropdown element to tsx

* refactor: feature toggle list to tsx

* refactor: update context name in use overrides

* refactor: variant overrides to tsx

refactor: remove unused strategy constraint file

* fix: tsx imports

* fix: update refectored components after rebase

* refactor: rename report list files to tsx

* fix: project health list types

* refactor: addon form - add types

* refactor: copy feature component types

* fix: projects toggle style after tsx refactor

* refactor: update ts types from openapi

* fix: ts refactor changes after review

* fix: header title prop

* fix: update after PR comments

* add test to useoverrides hook

* fix conditionally render time ago

* fix: toggle list empty tooltip

* fix: remove unused variable

* remove unused variable

* fix: remove faulty snapshot
 2022-05-02 12:52:33 +02:00
olav
f6e42f99f9 feat: use READ_API_TOKEN permission (#906) 
* refactor: extract AdminAlert component

* refactor: split ApiTokenPage from ApiTokenList

* refactor: display AdminMenu based on path instead of permissions

* feat: use the new READ_API_TOKEN permission
 2022-04-26 10:24:26 +02:00