mirror of
https://github.com/Unleash/unleash.git
synced 2025-10-27 11:02:16 +01:00
https://linear.app/unleash/issue/2-1155/refactor-permissions

- Our `rbac-middleware` now supports multiple OR permissions;
- Drops non-specific permissions (e.g. CRUD API token permissions without specifying the token type);
- Makes our permission descriptions consistent;
- Drops our higher-level permissions that basically mean ADMIN (e.g. ADMIN token permissions) in favor of `ADMIN` permission in order to avoid privilege escalations;

This PR may help with https://linear.app/unleash/issue/2-1144/discover-potential-privilege-escalations as it may prevent privilege escalations altogether.

There's some UI permission logic around this, but in the future https://linear.app/unleash/issue/2-1156/adapt-api-tokens-creation-ui-to-new-permissions could take it a bit further by adapting the creation of tokens as well.

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>

||
|---|---|---|
| bad-data-error.ts | ||
| content-type-error.ts | ||
| db-error.ts | ||
| disabled-error.ts | ||
| feature-has-tag-error.ts | ||
| from-legacy-error.ts | ||
| incompatible-project-error.ts | ||
| index.ts | ||
| invalid-operation-error.ts | ||
| invalid-token-error.ts | ||
| minimum-one-environment-error.ts | ||
| name-exists-error.ts | ||
| no-access-error.ts | ||
| not-implemented-error.ts | ||
| notfound-error.ts | ||
| operation-denied-error.ts | ||
| owasp-validation-error.ts | ||
| password-mismatch.ts | ||
| password-undefined.ts | ||
| project-without-owner-error.ts | ||
| role-in-use-error.ts | ||
| unauthorized-error.ts | ||
| unleash-error.test.ts | ||
| unleash-error.ts | ||
| used-token-error.ts | ||