mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-06 00:07:44 +01:00
7e9069e390
https://linear.app/unleash/issue/2-1155/refactor-permissions - Our `rbac-middleware` now supports multiple OR permissions; - Drops non-specific permissions (e.g. CRUD API token permissions without specifying the token type); - Makes our permission descriptions consistent; - Drops our higher-level permissions that basically mean ADMIN (e.g. ADMIN token permissions) in favor of `ADMIN` permission in order to avoid privilege escalations; This PR may help with https://linear.app/unleash/issue/2-1144/discover-potential-privilege-escalations as it may prevent privilege escalations altogether. There's some UI permission logic around this, but in the future https://linear.app/unleash/issue/2-1156/adapt-api-tokens-creation-ui-to-new-permissions could take it a bit further by adapting the creation of tokens as well. --------- Co-authored-by: Gastón Fournier <gaston@getunleash.io> |
||
|---|---|---|
| .. | ||
| apiToken | ||
| auth | ||
| billing | ||
| cors | ||
| groups | ||
| instance-admin | ||
| invoice | ||
| maintenance | ||
| menu | ||
| network | ||
| roles | ||
| serviceAccounts | ||
| users | ||
| Admin.tsx | ||
| AdminRedirect.tsx | ||
| LazyAdmin.tsx | ||
| LazyAdminExport.tsx | ||