-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce PublicInstancePermission
#850
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BREAKING CHANGE: This changes a crucial security setting an might need adjustments in projects.
KaiVolland
force-pushed
the
public-entity
branch
from
April 24, 2024 13:41
c22e7d8
to
9a1d35e
Compare
dnlkoch
reviewed
Apr 25, 2024
shogun-config/src/main/java/de/terrestris/shogun/config/DefaultWebSecurityConfig.java
Outdated
Show resolved
Hide resolved
shogun-lib/src/main/java/de/terrestris/shogun/lib/model/security/permission/PublicEntity.java
Outdated
Show resolved
Hide resolved
...main/java/de/terrestris/shogun/lib/security/access/entity/BaseEntityPermissionEvaluator.java
Outdated
Show resolved
Hide resolved
shogun-lib/src/main/java/de/terrestris/shogun/lib/security/access/BasePermissionEvaluator.java
Outdated
Show resolved
Hide resolved
shogun-boot/src/main/resources/db/migration/V0.13.0__add_publicentities_table.sql
Outdated
Show resolved
Hide resolved
This was referenced Apr 25, 2024
- Refines DefaultWebSecurityConfig to be more strict - Updates migration file and adds revision table
Thanks for the review @dnlkoch. I gonna add some tests regarding the public topic. |
hwbllmnn
approved these changes
Apr 26, 2024
...n/java/de/terrestris/shogun/lib/controller/security/permission/BasePermissionController.java
Show resolved
Hide resolved
dnlkoch
approved these changes
Apr 29, 2024
🎉 This PR is included in version 19.0.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This introduces the
PublicInstancePermission
.It allows to create a one to one relation to any BaseEntity via the
PublicInstancePermissionService
and theBasePermissionController
.If a
BaseEntity
is aPublicInstancePermission
it is accesible for anyone, so no Authorization or User is required.To be able to check for this permission it was needed to adapt the
DefaultWebSecurityConfig
and theBaseCrudRepository
.❗ As theses changes might be impactful this PR should be considered as a breaking and change. ❗
So it is marked with commit 90474d0.
To set/unset an entity as public you can use the new
BasePermissionController
endpoint:Just send an empty
POST
request to add the entity to thepublicinstancepermissions
table or aDELETE
request to remove it.This superseeds the approaches for the PRs of public applications #848 and public imagefiles #849 .
Related issues or pull requests
Pull request type
Do you introduce a breaking change?
Checklist
Apache Licence Version 2.0.
mvn test
locally).