mirror of
https://github.com/Unleash/unleash.git
synced 2024-11-01 19:07:38 +01:00
7e9069e390
https://linear.app/unleash/issue/2-1155/refactor-permissions - Our `rbac-middleware` now supports multiple OR permissions; - Drops non-specific permissions (e.g. CRUD API token permissions without specifying the token type); - Makes our permission descriptions consistent; - Drops our higher-level permissions that basically mean ADMIN (e.g. ADMIN token permissions) in favor of `ADMIN` permission in order to avoid privilege escalations; This PR may help with https://linear.app/unleash/issue/2-1144/discover-potential-privilege-escalations as it may prevent privilege escalations altogether. There's some UI permission logic around this, but in the future https://linear.app/unleash/issue/2-1156/adapt-api-tokens-creation-ui-to-new-permissions could take it a bit further by adapting the creation of tokens as well. --------- Co-authored-by: Gastón Fournier <gaston@getunleash.io> |
||
|---|---|---|
| .. | ||
| admin-api | ||
| auth | ||
| client-api | ||
| edge-api | ||
| proxy-api | ||
| backstage.test.ts | ||
| backstage.ts | ||
| controller.ts | ||
| health-check.test.ts | ||
| health-check.ts | ||
| index.ts | ||
| logout.test.ts | ||
| logout.ts | ||
| public-invite.test.ts | ||
| public-invite.ts | ||
| unleash-types.ts | ||
| util.ts | ||