[midPoint-git] [Evolveum/midpoint] 890e1e: Make REST authorizations finer-grained

mederly noreply at github.com
Tue Feb 20 17:37:35 CET 2024


  Branch: refs/heads/support-4.4
  Home:   https://github.com/Evolveum/midpoint
  Commit: 890e1e52e7d2707590ee73eff33a2c530ae07988
      https://github.com/Evolveum/midpoint/commit/890e1e52e7d2707590ee73eff33a2c530ae07988
  Author: Pavol Mederly <mederly at evolveum.com>
  Date:   2024-02-20 (Tue, 20 Feb 2024)

  Changed paths:
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/BasicWebSecurityConfig.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointAllowAllAuthorizationEvaluator.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidpointHttpAuthorizationEvaluator.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/PageUrlMapping.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/module/HttpBasicModuleWebSecurityConfig.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/module/HttpClusterModuleWebSecurityConfig.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/module/HttpSecurityQuestionsModuleWebSecurityConfig.java
    M gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationSecurity.java
    M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/AbstractRestController.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ClusterRestController.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ExtensionSchemaRestController.java
    M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ModelRestController.java
    A repo/security-api/src/main/java/com/evolveum/midpoint/security/api/RestAuthorizationAction.java
    A repo/security-api/src/main/java/com/evolveum/midpoint/security/api/RestHandlerMethod.java
    M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/SecurityEnforcer.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SecurityEnforcerImpl.java
    M testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/RestServiceInitializer.java
    M testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestAbstractRestService.java
    M testing/rest/src/test/resources/repo/json/script-modify-validTo.json
    A testing/rest/src/test/resources/repo/role-rest-limited.xml
    A testing/rest/src/test/resources/repo/user-rest-limited.xml
    M testing/rest/src/test/resources/repo/xml/script-modify-validTo.xml
    M testing/rest/src/test/resources/repo/yaml/script-modify-validTo.yml

  Log Message:
  -----------
  Make REST authorizations finer-grained

While "rest-3#all" authorization still exists, it is no longer
required to use it when only a subset of REST methods is to be
accessed by particular client. Each method has now its own
authorization.

(cherry picked from commit b0d8b1548dce20f00977316aa0ed9db56b52078f)



To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/midpoint/settings/notifications


More information about the midPoint-svn mailing list