Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor auth feature flag #1089

Closed
wants to merge 24 commits into from
Closed

Conversation

shhdgit
Copy link
Member

@shhdgit shhdgit commented Dec 8, 2021

This PR add backend protection for non root login.

Merge #1057 first to get a nice diff.

@ti-chi-bot
Copy link
Member

[REVIEW NOTIFICATION]

This pull request has not been approved.

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

@shhdgit shhdgit marked this pull request as ready for review December 8, 2021 04:43
@shhdgit shhdgit requested review from breezewish and removed request for breezewish December 9, 2021 02:47
@shhdgit shhdgit requested review from baurine and breezewish December 9, 2021 02:47
@breezewish breezewish self-assigned this Dec 14, 2021
Copy link
Member

@breezewish breezewish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some further code reorg can be performed for shared.

import "github.com/pingcap/tidb-dashboard/util/featureflag"

type UserFeatureFlags struct {
NonRootLogin *featureflag.FeatureFlag
Copy link
Member

@breezewish breezewish Dec 14, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is something shared. It is SQL sign-in specific thing. I would rather see SSO to rely on something of SQL sign-in, instead of introducing SQL sign-in for all authenticators via shared.

ErrUnsupportedUser = ErrNS.NewType("unsupported_user")
ErrNSSignIn = ErrNS.NewSubNamespace("signin")
ErrSignInOther = ErrNSSignIn.NewType("other")
ErrInsufficientPrivs = ErrNSSignIn.NewType("insufficient_priv")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is SQL sign-in specific and should not be put in shared

@breezewish
Copy link
Member

You have too many wild open PRs. Recommend to focus on what you are really working hard with, instead of switching here and there, while none of the PR is complete. I will close this PR. You can pick it back when you want to focus on resolving this.

Considering that this is actually a bug fix, it means we need to track it anyway, instead of not picking it up all the time. So here is the tracking issue: #1100

@breezewish breezewish closed this Dec 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants