[midPoint-git] [Evolveum/midpoint] ebdee9: MID-9638 removed referencedBy query when fetching ...
Viliam Repan
noreply at github.com
Thu May 2 09:44:07 CEST 2024
Branch: refs/heads/feature/tree-delta
Home: https://github.com/Evolveum/midpoint
Commit: ebdee96f4547a5fbdbe47257bdd4fe05c959508b
https://github.com/Evolveum/midpoint/commit/ebdee96f4547a5fbdbe47257bdd4fe05c959508b
Author: Viliam Repan <vilo.repan at evolveum.com>
Date: 2024-04-30 (Tue, 30 Apr 2024)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/self/requestAccess/RoleCatalogPanel.java
Log Message:
-----------
MID-9638 removed referencedBy query when fetching role catalog by teammate assignments because of authorization problems. Roles will be fetched in two steps as for non-native repository
Commit: 4cd16d59cc0c49c1aec61263eb151ed53816e7b7
https://github.com/Evolveum/midpoint/commit/4cd16d59cc0c49c1aec61263eb151ed53816e7b7
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2024-04-30 (Tue, 30 Apr 2024)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/FilteringContext.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestExpressionProfiles.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractInitializedSecurityTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
M model/model-intest/src/test/resources/logback-test.xml
A model/model-intest/src/test/resources/security/role-deny-read-assignment-and-roleMembershipRef.xml
A model/model-intest/src/test/resources/security/user-alex.xml
A model/model-intest/src/test/resources/security/user-betty.xml
M model/model-intest/testng-integration-full.xml
M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/PositiveNegativeItemPaths.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerFilterOperation.java
R repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/QueryAutzItemPaths.java
A repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/QueryObjectAutzCoverage.java
A repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/QueryObjectsAutzCoverage.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SecurityTraceEvent.java
Log Message:
-----------
Improve authorization for filter items
In order to evaluate a filter, one has to be authorized to access
items (and their values) used for filter evaluation. The support
for this feature was present but a bit incomplete. "Deny"
authorizations were not taken into account, and authorizations
for unrelated types (required e.g. by the referencedBy filter)
were ignored.
This commit partially fixes that: "deny" authorizations are now
supported in the same way as "allow" ones, and some filter items
are checked, at least at a rudimentary level. To be improved later.
(Also adding forgotten TestExpressionProfiles to test suite.)
Related to MID-9638 and MID-9670.
Commit: 200af1955522cd7b833c0854efc63dc0c2937916
https://github.com/Evolveum/midpoint/commit/200af1955522cd7b833c0854efc63dc0c2937916
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2024-04-30 (Tue, 30 Apr 2024)
Changed paths:
M docs/concepts/query/midpoint-query-language/introduction.adoc
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/MainObjectListPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebComponentUtil.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/DeadShadowSearchItemWrapper.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/simulation/SimulationResultsPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/self/requestAccess/RoleCatalogPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/certification/PageCertDefinitions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/visualizer/Resolver.java
Log Message:
-----------
Merge remote-tracking branch 'origin/master'
Commit: a8bec57b277129af694c50d75a500241a0a3f528
https://github.com/Evolveum/midpoint/commit/a8bec57b277129af694c50d75a500241a0a3f528
Author: KaterynaHonchar <honchar at evolveum.com>
Date: 2024-05-01 (Wed, 01 May 2024)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/self/credentials/PropagatePasswordPanel.java
Log Message:
-----------
fix for self credentials
Commit: dd953140fa62859a74877d9f887a719a09b47603
https://github.com/Evolveum/midpoint/commit/dd953140fa62859a74877d9f887a719a09b47603
Author: Viliam Repan <vilo.repan at evolveum.com>
Date: 2024-05-02 (Thu, 02 May 2024)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/self/credentials/PropagatePasswordPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/self/requestAccess/RoleCatalogPanel.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/FilteringContext.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestExpressionProfiles.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractInitializedSecurityTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
M model/model-intest/src/test/resources/logback-test.xml
A model/model-intest/src/test/resources/security/role-deny-read-assignment-and-roleMembershipRef.xml
A model/model-intest/src/test/resources/security/user-alex.xml
A model/model-intest/src/test/resources/security/user-betty.xml
M model/model-intest/testng-integration-full.xml
M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/PositiveNegativeItemPaths.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerFilterOperation.java
R repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/QueryAutzItemPaths.java
A repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/QueryObjectAutzCoverage.java
A repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/QueryObjectsAutzCoverage.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SecurityTraceEvent.java
Log Message:
-----------
Merge remote-tracking branch 'origin/master' into feature/tree-delta
Compare: https://github.com/Evolveum/midpoint/compare/b989e28b46b4...dd953140fa62
To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/midpoint/settings/notifications
More information about the midPoint-svn
mailing list