Added /orgs/org/users/user/keys(/key) endpoints and changed default perms on org scoped key GETs. #769
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
3d741dc to
fad01e9
Compare
tylercloke
changed the title
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
fad01e9 to
b50073e
Compare
| {object_name, ParentName} = lists:keyfind(object_name, 1, Args), | ||
| {name, Name} = lists:keyfind(name, 1, Args), | ||
| {BaseURI, Org} = extract_from_req(Req), | ||
| Template = template_for_type(client_key), |
There was a problem hiding this comment.
Should this be template_for_type(org_user_key)?
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
d7bfb0f to
93cde1b
Compare
|
I'm 👍 on the existing changes; however, per our chat discussion this needs a mover migration for existing orgs/users. |
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
2ecd8f1 to
4063d60
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
4063d60 to
1d07f08
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
1d07f08 to
409707c
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
4528a6e to
d656799
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
d656799 to
bccb903
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
bccb903 to
0acd73c
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
0acd73c to
ad6b51e
Compare
| status: 200, | ||
| body_exact: [ | ||
| list_client_keys(org_name, org_client_name, current_requestor).should look_like({ | ||
| :status => 200, |
|
|
||
| -record(org, {name, id, authz_id}). | ||
| -record(group, {name, id, authz_id}). | ||
| -define(GLOBAL_PLACEHOLDER_ORG_ID, <<"00000000000000000000000000000000">>). |
There was a problem hiding this comment.
I am pretty sure we have this available in an hrl we can pull in from somewhere?
|
On the whole 👍 with minor comments. The only outstanding question (currently under discussion) is whether this would be better as an org-owned group instead of a global group, since the constraints that led us to creating global_read (global_admins) don't necessarily apply here. I don't think it would be a major change to the PR to switch it over, but we're in process of talking this through. |
|
After further discussion, we’ve decided to make the group a normal org group, with permissions to prevent deletion. This allows membership to be edited as needed in situations where the customer has concerns about exposing public key and expiration data to clients. |
When passing a custom org, it was posting to the default org.
Added tests around desired behavior related to allowing clients and users to access the public keys of other clients and users within the same org.
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
896b814 to
78f29b1
Compare
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
78f29b1 to
e32cda0
Compare
…erms on org scoped key GETs. Now, all org scoped key GETs will allow access to any requestor within the same org (and the superuser). The endpoints affected are + /orgs/org/clients/client/keys + /orgs/org/clients/client/keys/key + /orgs/org/users/user/keys + /orgs/org/users/user/keys/key of which the latter two are new endpoints. The new permissions where implemented by overriding default permissions for those GETs and checking if the requestor is a memeber of the public_key_read_access group instead. This is a new group that, by default, contains the users and clients group. Org admins can edit who is in this group, which changes who is allowed to view the org scoped user public keys. The existing user key endpoints + /users/user/keys + /users/user/keys/key were not modified and contain the same permissions as beforehand. Changelog-Entry: Added /orgs/org/users/user/keys(/key) endpoint and changed default perms on org scoped key GETs. The following endpoints' GET methods can now be accessed by any requestor that is a member of the same organization: + /organizations/:org/clients/:client/keys + /organizations/:org/clients/:client/keys/:key + /organizations/:org/users/:user/keys + /organizations/:org/users/:user/keys/:key The above org-scoped user keys endpoints are new and access to them can be controlled by an admin by editing memebership of the public_key_read_access group.
tylercloke
force-pushed
the
SPOOL-71/read-on-org-scoped-keys
branch
from
e32cda0 to
5ab02f8
Compare
| @@ -87,6 +88,7 @@ | |||
| {add_acl, | |||
| [mk_tl(container, ?CONTAINERS), mk_tl(group, [admins, clients, users]), {organization}], | |||
| ?ALL_PERMS, [{group, admins}]}, | |||
| {add_acl, [{group, public_key_read_access}], [read, update], [{group, admins}]}, | |||
There was a problem hiding this comment.
These changes look good to me. I prefer read, update over adding read, grant. There probably would be no harm in adding others to the read list, but I'm fine with where it is.
There was a problem hiding this comment.
Sweet, I think read, update is the right thing too.
|
👍 with changes to make it org owned. |
tylercloke
added a commit
that referenced
this pull request
Mar 17, 2016
Added /orgs/org/users/user/keys(/key) endpoints and changed default perms on org scoped key GETs.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge chef/chef-zero#205 and re-run Travis once two 👍 acquired.
Now, all org-scoped key GETs will allow access to any requestor within the same org (and the superuser).
The endpoints affected are
of which the latter two are new endpoints.
The new permissions where implemented by overriding default permissions for those GETs and checking if the requestor of actor_keys_access_group instead (which is a global group that exists per org that contains the users and clients groups, similar to the existing read_access_group).
The existing user key endpoints
were not modified and contain the same permissions as beforehand.
A large part of the diff is just tests being reorganized.
Passing Build