Implement permission policies in the API #22384
Draft
+11,416
−6,318
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Daniel Biegler <[email protected]>
Co-authored-by: Daniel Biegler <[email protected]>
licitdev
reviewed
Jun 11, 2024
This was referenced Jun 11, 2024
…xistence for admin users as well
* Changes to user counting and integrity checks * Ensure that user validation happens in both create one and create many * Rename `checkType` to `flags` * Update api/src/permissions/modules/validate-remaining-admin/validate-remaining-admin-count.ts Co-authored-by: Daniel Biegler <[email protected]> * Update to enum usage Co-authored-by: Daniel Biegler <[email protected]> * A few more changes to enum instead of number * One more enum type update * Make sure to correctly override the callback when combining options * Clean up option type * Update api/src/services/users.ts Co-authored-by: ian <[email protected]> * Only take validation shortcut for users We can only be sure that the deletion of users does not increase any other access types count, so in all other cases we need to verify that for example the App or API users have not increased over the limit * Make both app and admin users count against app access limit * Update api/src/permissions/modules/validate-remaining-admin/validate-remaining-admin-count.ts Co-authored-by: Pascal Jufer <[email protected]> * One post-merge fix, two small fixes * Simplify flag updating and callback calling * Changing app access in a policy only requires user limit checking, not full check * Only the status of a created user should matter to determine if a check is neccessary * Add count alias to count query --------- Co-authored-by: Daniel Biegler <[email protected]> Co-authored-by: ian <[email protected]> Co-authored-by: Pascal Jufer <[email protected]> Co-authored-by: Rijk van Zanten <[email protected]>
* Initial app changes * Fix getRelationsForField * Add changeset * Remove app-permissions from role settings * Make sure access row uuids are auto generated * Move a few things around, set up policies m2m properly * Show roles as tree in sidebar Change avatar field query for user * Show user and role count in policy table * Default to not adding app access for a policy, makes composability less annoying * Correctly fall back to 0 for counts * Change the structure of current user permissions * Start bringing back the public role * Make the public role a real role rather than a virtual one * Revert public role changes * Extend list-m2m to allow for very custom junction matching and a primary key of `null` * Remove unused * Fix public role policy update payload * Fix app access for users without role (which is a thing now apparently) * Make sure that the /me endpoints always return minimal information, similar to /users/me * Tweak nav icons * Pull policy id from constants * Update permissions interface design to match New design language in figma * Some minor adjustments - Make chip hover border more consistent - Add "Remove" button to remove a full row of permissions, as in the UI mockup - Fix table layout * Clean up a few more things * Fix `setFullAccess` * Align collection view icons with navigation * Don't query 'admin_access' for role * Fix relation extraction and permissions for `$FOLLOW` fields * Don't show `0 Items` for child rows, but `--` instead * Make policy detail work in nested policy creating use case * Remove unused v-icon override * Move system collections to separate visual table * Navigate before refresh Prevents a flash of the previous value to be visible in the table * Move composable to separate file --------- Co-authored-by: Daniel Biegler <[email protected]> Co-authored-by: Rijk van Zanten <[email protected]>
…are not allowed at all
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Scope
What's changed:
api/src/permissionsfolderrolesflag to accountability object. This is an ordered array of all the parent roles of the current userget-ast-from-queryby splitting it into multiple filescasesandwhenCase. This allows us to dynamically generate the case/when SQL to have dynamic field output per item.run-astby splitting it up into smaller filesPotential Risks / Drawbacks
Review Notes / Questions
Todos
whenCasesinrun-astclearmethod in memory/cache/permissionsendpointdirectus_accesschangesdirectus_roleschangesdirectus_permissionschangesdirectus_policieschangesdownmigrationwithCacheto the known keys -> Handled in Use ip in global access and stabilize accountability keys #22727$FOLLOWfield key for filters (Fixed in c00ff5d)app_accessandadmin_accessfalseCloses #21778, closes #21765, closes #22163, closes #21769, closes #21768, closes #21767, closes #21766
Footnotes
Eg check to make sure there's still >=1 admin left after the mutation is done ↩