Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

flesh out authz policy #405

Merged
merged 15 commits into from
Nov 22, 2021
Merged

flesh out authz policy #405

merged 15 commits into from
Nov 22, 2021

Conversation

davepacheco
Copy link
Collaborator

@davepacheco davepacheco commented Nov 19, 2021
edited
Loading

This change:

  • fleshes out the authz policy with something I hope will be sufficient for the MVP (though even if not, I think it's a good next step)
  • protects GET /organizations with authz
  • protects DELETE /organizations/$org/projects/$project/disks/$disk. I did this one because it exercises the project-level authz in the policy.

The next step will be to protect more endpoints using this policy. As it is, the policy file is largely not used, but I thought it was better to do this as a smaller change and then protect more endpoints in follow-on changes.

I'm happy to do a code walk-style review if that's helpful.

Some of this is a little janky right now but I hope we can clean it up as we iterate on more endpoints.

@davepacheco davepacheco changed the title flesh out authz policy and protect GET /organizations flesh out authz policy Nov 19, 2021
@davepacheco
Copy link
Collaborator Author

For anybody interested: I'll do an interactive review / walk-through on Monday 11/22 at 10am PT. Let me know and I'll add you to the invite. We'll also record it.

@davepacheco davepacheco marked this pull request as ready for review November 22, 2021 22:56
@davepacheco davepacheco merged commit 6a58d58 into main Nov 22, 2021
@davepacheco davepacheco deleted the authz-prototyping branch November 22, 2021 23:47
@davepacheco davepacheco mentioned this pull request Nov 23, 2021
Closed
71 tasks
@david-crespo david-crespo mentioned this pull request Dec 6, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@david-crespo david-crespo david-crespo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@davepacheco @david-crespo