-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor auth feature flag #1089
Conversation
[REVIEW NOTIFICATION] This pull request has not been approved. To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. Reviewer can indicate their review by submitting an approval review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some further code reorg can be performed for shared
.
import "github.com/pingcap/tidb-dashboard/util/featureflag" | ||
|
||
type UserFeatureFlags struct { | ||
NonRootLogin *featureflag.FeatureFlag |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is something shared. It is SQL sign-in specific thing. I would rather see SSO to rely on something of SQL sign-in, instead of introducing SQL sign-in for all authenticators via shared
.
ErrUnsupportedUser = ErrNS.NewType("unsupported_user") | ||
ErrNSSignIn = ErrNS.NewSubNamespace("signin") | ||
ErrSignInOther = ErrNSSignIn.NewType("other") | ||
ErrInsufficientPrivs = ErrNSSignIn.NewType("insufficient_priv") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is SQL sign-in specific and should not be put in shared
You have too many wild open PRs. Recommend to focus on what you are really working hard with, instead of switching here and there, while none of the PR is complete. I will close this PR. You can pick it back when you want to focus on resolving this. Considering that this is actually a bug fix, it means we need to track it anyway, instead of not picking it up all the time. So here is the tracking issue: #1100 |
This PR add backend protection for non root login.
Merge #1057 first to get a nice diff.