jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
10,257 Commits 33 Branches 583 Tags
27db2c68559e8703bda18c6f335022b8188dfc03
Commit Graph

61 Commits

Author SHA1 Message Date
Girish Ramakrishnan
b579f7ae90 better error messages for 401 2021-06-05 21:26:43 -07:00
Girish Ramakrishnan
7bee7b9ef8 tokens: async'ify 2021-06-04 13:06:38 -07:00
Girish Ramakrishnan
176388111c tokens: add lastUsedTime 2021-03-16 16:04:17 -07:00
Girish Ramakrishnan
0e156b9376 migrate permissions and admin flag to user.role 2020-02-21 16:49:20 -08:00
Johannes Zellner
15cc1f92e3 Fix typo 2020-02-17 13:47:21 +01:00
Girish Ramakrishnan
00c6ad675e add usermanager tests 2020-02-14 14:34:29 -08:00
Girish Ramakrishnan
c537dfabb2 add manage user permission 2020-02-13 22:49:58 -08:00
Girish Ramakrishnan
fd8abbe2ab remove ROLE_USER 
every authenticated user has ROLE_USER. So, this role is superfluous
 2020-02-13 21:53:57 -08:00
Johannes Zellner
2854462e0e Remove token scope business 2020-02-06 16:44:46 +01:00
Johannes Zellner
12aa8ac0ad Remove passport 2020-02-06 14:56:28 +01:00
Girish Ramakrishnan
5c920fd200 never skip password verification 2019-11-07 13:10:12 -08:00
Girish Ramakrishnan
c3a5360a88 Add not implemented error code 2019-10-24 18:40:37 -07:00
Girish Ramakrishnan
4793eb9ef5 Finish UsersError removal 2019-10-24 15:19:07 -07:00
Girish Ramakrishnan
a017af41c5 Start moving db code to use BoxError as well 2019-10-24 14:09:53 -07:00
Girish Ramakrishnan
2df642000d Move ClientsError to BoxError 2019-10-22 21:16:49 -07:00
Girish Ramakrishnan
0ab6cad048 Add user enable/disable flag 2019-08-08 06:31:46 -07:00
Girish Ramakrishnan
9b74bb73aa config.js is dead, long live config.js 
we use settings now
 2019-07-26 14:51:51 -07:00
Girish Ramakrishnan
e553ade936 remove spaces support 
this feature is unused for too long now
 2019-05-04 18:34:28 -07:00
Girish Ramakrishnan
b4b3fd9ab6 Add appstore routes 2019-05-04 17:48:04 -07:00
Girish Ramakrishnan
3246edd5a8 rework cloudron registration flow 
we now route all the registration, login etc via the backend

subscription management are also in a separate scope now
 2019-05-03 19:47:20 -07:00
Girish Ramakrishnan
c15449492a settings: remove appstore scope 2019-02-22 09:43:26 -08:00
Girish Ramakrishnan
08bb8e3df9 Make token API id based 
we don't return the accessToken anymore
 2019-02-15 14:31:43 -08:00
Girish Ramakrishnan
e0cd7999eb Make spaces an edition instead of setting 2018-08-28 18:31:48 -07:00
Girish Ramakrishnan
a0a523ae71 spaces: verify app ownership in app management routes 2018-08-03 17:35:58 -07:00
Girish Ramakrishnan
47c8700d42 make scopesForUser async 2018-08-03 09:34:19 -07:00
Girish Ramakrishnan
78a2176d1d Make admin simply a boolean instead of group 
This simplifies a lot of logic. Keeping an admin group has no benefit
 2018-07-26 22:29:57 -07:00
Girish Ramakrishnan
b4d5def56d Revert role support 2018-07-26 13:23:06 -07:00
Girish Ramakrishnan
38977858aa When issuing token intersect with the existing user roles 
Also:
* Move token validation to accesscontrol.js
* Use clients.addTokenByUserId everywhere
 2018-06-28 00:07:43 -07:00
Girish Ramakrishnan
6510240c0a Fix accesscontrol.intersectScopes 2018-06-27 18:08:38 -07:00
Girish Ramakrishnan
d66dc11f01 Make canonicalScopeString return sorted array 2018-06-27 14:07:25 -07:00
Girish Ramakrishnan
6907475f7a Add app management scope 
This splits the apps API into those who have just 'read' access
and those who have 'manage' access.
 2018-06-26 08:56:30 -07:00
Girish Ramakrishnan
f932f8b3d3 Add user management scope 
This splits the user and groups API into those who have just 'read' access
and those who have 'manage' access.
 2018-06-25 16:10:00 -07:00
Girish Ramakrishnan
7ab5d5e50d Add domain management scope 
This splits the domains API into those who have just 'read' access
(i.e without configuration details) and those who have 'manage' access.
 2018-06-25 15:12:22 -07:00
Girish Ramakrishnan
60ed290179 validate role names against existing roles 2018-06-18 17:32:07 -07:00
Girish Ramakrishnan
6cd0601629 Map group roles to scopes 2018-06-18 14:52:39 -07:00
Girish Ramakrishnan
b6b7d08af3 Rename to accesscontrol.canonicalScopeString 2018-06-17 22:43:42 -07:00
Girish Ramakrishnan
6a2dacb08a Make intersectScopes take an array 2018-06-17 22:39:33 -07:00
Girish Ramakrishnan
1015b0ad9c validateScope -> validateScopeString 2018-06-17 22:29:17 -07:00
Girish Ramakrishnan
ad6bc191f9 Make hasScopes take an array 2018-06-17 21:06:17 -07:00
Girish Ramakrishnan
682f7a710c Add an appstore scope for subscription settings 2018-06-17 18:09:13 -07:00
Girish Ramakrishnan
156ffb40c9 Remove scope from users.get 2018-06-17 16:07:20 -07:00
Girish Ramakrishnan
24b0a96f07 Move passport logic to routes 2018-06-15 17:32:40 -07:00
Girish Ramakrishnan
a1ac7f2ef9 Remove support for authenticating non-oauth2 clients via BasicStrategy 
This is not used anywhere
 2018-06-15 15:38:58 -07:00
Girish Ramakrishnan
6aef9213aa Add notes on the various strategies 2018-06-15 15:38:53 -07:00
Girish Ramakrishnan
a77d45f5de Add rolesJson to groups table 
This will contain the roles ('role definition') of a group of
users. We will internally map these to our API scopes.
 2018-06-14 22:54:52 -07:00
Girish Ramakrishnan
8795da5d20 Allow subscopes 
We can now have scopes as apps:read, apps:write etc
 2018-06-14 20:56:04 -07:00
Girish Ramakrishnan
dc86b0f319 validateRequestedScopes -> hasScopes 2018-06-14 20:31:48 -07:00
Girish Ramakrishnan
f7089c52ff normalizeScope -> intersectScope 2018-06-14 20:23:56 -07:00
Girish Ramakrishnan
62793ca7b3 Add accesscontrol.canonicalScope tests 2018-06-14 20:17:59 -07:00
Girish Ramakrishnan
f09e8664d1 Return canonical scope in REST responses 
The '*' scope is purely an implementation detail. It cannot
be requested as such.
 2018-05-02 12:36:41 -07:00