mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-02-01 01:41:21 -05:00
Code Issues Packages Projects Releases Wiki Activity
12,741 Commits 51 Branches 41 Tags
80098161b915030e711c2bc6bb7101de3872c9f5
Commit Graph

12 Commits

Author SHA1 Message Date
Michael Barz
794f6cd07c add constraints to permissions listing (#5594) 2023-02-17 13:45:47 +01:00
Jörn Friedrich Dreyer
92923f6801 Add http endpoint to list permissions (#5571) 
* Add http endpoint to list permissions

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* extract handler registration

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* use generated protobuf

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* update permissions mock in graph service

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* add unit test

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* return correct userid

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* assert error message type in tests

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

---------

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2023-02-15 14:24:19 +01:00
David Christofas
7c17ddb0b0 add a permission check to the logo upload 2023-02-13 13:48:39 +01:00
Jörn Friedrich Dreyer
078698fdf4 graph: add appRoleAssignments and minimal application resource (#5318) 
* bump libregraph-go lib

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* add appRoleAssignment stubs

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* add get application stub

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fetch appRoles for application from settings service

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* initial list appRoleAssignments implementation

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* initial create appRoleAssignment implementation, extract assignmentToAppRoleAssignment, configurable app id and displayname

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* initial delete appRoleAssignment implementation, changed error handling and logging

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* initial expand appRoleAssignment on users

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* test user expand appRoleAssignment

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* test appRoleAssignment

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fix education test by actually using the mocked roleManager

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* test getapplication

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* list assignments

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* use common not exists error handling

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* default to just 'ownCloud Infinite Scale' as application name

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fix store_test

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* roll application uuid on init

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fix tests

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* extract method

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* Apply suggestions from code review

Co-authored-by: Michael Barz <mbarz@owncloud.com>

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Co-authored-by: Michael Barz <mbarz@owncloud.com>
 2023-01-12 16:09:34 +01:00
Ralf Haferkamp
07a78287a7 Allow initial self-assignemnt of UserRole 
When using an external user management we need to allow users to self-assign
the default role. This adds an explicit check for that to the settings service.
This also means we no longer need to fiddle with the account id in the proxy
upon first login.

Fixes: #5045
 2022-11-16 16:23:32 +01:00
Jörn Friedrich Dreyer
7443a9a225 Make permission and role ids unique (#5051) 
* make permission ids unique

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* deduplicate roleids after listing permissions

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2022-11-15 16:51:49 +01:00
David Christofas
3125459415 [full-ci]fallback to stored roles (#4890) 
* fallback to stored roles

If there are no roles in the current context load the user's roles from the storage.

* some code clean up
 2022-11-03 13:25:21 +01:00
David Christofas
73e50ae84b prohibit users form setting and listing other user's values 2022-10-25 14:13:47 +02:00
Ralf Haferkamp
87eaf72020 Forbid to edit/remove own role assignements 
And admin user is no longer allowed to edit/remove its own assignments.
This to prevent admins from locking themselves out.

Fixes: #3713
 2022-09-23 09:13:46 +02:00
Ralf Haferkamp
b4a90b132b Demote demo user "moss" from admin to space-admin 
Fixes: #3625
 2022-07-22 16:47:04 +02:00
Christian Richter
f8f1320501 refactor extensions -> services 
Signed-off-by: Christian Richter <crichter@owncloud.com>
 2022-06-27 14:05:36 +02:00
Christian Richter
78064e6bab rename folder extensions -> services 
Signed-off-by: Christian Richter <crichter@owncloud.com>
 2022-06-27 14:05:36 +02:00