[midPoint-git] [Evolveum/midpoint] 80facc: Make REST authorizations finer-grained

Lukas Skublik noreply at github.com
Tue Feb 20 16:22:46 CET 2024 

  Branch: refs/heads/support-4.7
  Home:   https://github.com/Evolveum/midpoint
  Commit: 80faccce38094f8a44e1885660bd23382705eb84
      https://github.com/Evolveum/midpoint/commit/80faccce38094f8a44e1885660bd23382705eb84
  Author: Pavol Mederly <mederly at evolveum.com>
  Date:   2024-02-20 (Tue, 20 Feb 2024)

  Changed paths:
    M model/authentication-impl/pom.xml
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/authorization/evaluator/MidPointGuiAuthorizationEvaluator.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/authorization/evaluator/MidpointAllowAllAuthorizationEvaluator.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/authorization/evaluator/MidpointHttpAuthorizationEvaluator.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/configuration/MidpointWebSecurityConfigurerAdapter.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/HttpBasicModuleWebSecurityConfigurer.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/HttpClusterModuleWebSecurityConfigurer.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/HttpSecurityQuestionsModuleWebSecurityConfigurer.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/OidcResourceServerModuleWebSecurityConfigurer.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/EndPointsUrlMapping.java
    M model/authentication-impl/src/test/java/com/evolveum/midpoint/authentication/TestIntegrationSecurity.java
    M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/AbstractRestController.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ClusterRestController.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ExtensionSchemaRestController.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ModelRestController.java
    A repo/security-api/src/main/java/com/evolveum/midpoint/security/api/RestAuthorizationAction.java
    A repo/security-api/src/main/java/com/evolveum/midpoint/security/api/RestHandlerMethod.java
    M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/SecurityEnforcer.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SecurityEnforcerImpl.java
    M testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/AbstractRestServiceInitializer.java
    M testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/RestServiceInitializer.java
    M testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestAbstractRestService.java
    M testing/rest/src/test/resources/repo/json/script-modify-validTo.json
    A testing/rest/src/test/resources/repo/role-rest-limited.xml
    A testing/rest/src/test/resources/repo/user-rest-limited.xml
    M testing/rest/src/test/resources/repo/xml/script-modify-validTo.xml
    M testing/rest/src/test/resources/repo/yaml/script-modify-validTo.yml

  Log Message:
  -----------
  Make REST authorizations finer-grained

While "rest-3#all" authorization still exists, it is no longer
required to use it when only a subset of REST methods is to be
accessed by particular client. Each method has now its own
authorization.

(cherry picked from commit b0d8b1548dce20f00977316aa0ed9db56b52078f)


  Commit: e6b56c320b29cec5d5bf9907afd986948d391e7c
      https://github.com/Evolveum/midpoint/commit/e6b56c320b29cec5d5bf9907afd986948d391e7c
  Author: skublik <lukas.skublik at gmail.com>
  Date:   2024-02-20 (Tue, 20 Feb 2024)

  Changed paths:
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/authorization/evaluator/MidPointGuiAuthorizationEvaluator.java
    M testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestAbstractRestService.java

  Log Message:
  -----------
  fix resolving of rest method authorization


Compare: https://github.com/Evolveum/midpoint/compare/e1b85da0bd02...e6b56c320b29

To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/midpoint/settings/notifications

More information about the midPoint-svn mailing list