mirror of
https://github.com/Unleash/unleash.git
synced 2025-02-09 00:18:00 +01:00
7e9069e390
https://linear.app/unleash/issue/2-1155/refactor-permissions - Our `rbac-middleware` now supports multiple OR permissions; - Drops non-specific permissions (e.g. CRUD API token permissions without specifying the token type); - Makes our permission descriptions consistent; - Drops our higher-level permissions that basically mean ADMIN (e.g. ADMIN token permissions) in favor of `ADMIN` permission in order to avoid privilege escalations; This PR may help with https://linear.app/unleash/issue/2-1144/discover-potential-privilege-escalations as it may prevent privilege escalations altogether. There's some UI permission logic around this, but in the future https://linear.app/unleash/issue/2-1156/adapt-api-tokens-creation-ui-to-new-permissions could take it a bit further by adapting the creation of tokens as well. --------- Co-authored-by: Gastón Fournier <gaston@getunleash.io> |
||
|---|---|---|
| .. | ||
| api-token-middleware.test.ts | ||
| api-token-middleware.ts | ||
| authorization-middleware.ts | ||
| catch-all-error-handler.ts | ||
| conditional-middleware.ts | ||
| content_type_checker.test.ts | ||
| content_type_checker.ts | ||
| cors-origin-middleware.test.ts | ||
| cors-origin-middleware.ts | ||
| demo-authentication.ts | ||
| index.ts | ||
| maintenance-middleware.ts | ||
| no-authentication.test.ts | ||
| no-authentication.ts | ||
| oss-authentication.test.ts | ||
| oss-authentication.ts | ||
| pat-middleware.test.ts | ||
| pat-middleware.ts | ||
| rbac-middleware.test.ts | ||
| rbac-middleware.ts | ||
| request-logger.ts | ||
| response-time-metrics.ts | ||
| secure-headers.ts | ||
| session-db.ts | ||
| unless-middleware.ts | ||