Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-18 03:01:05 +01:00
Code Issues Packages Projects Releases Activity
9,267 Commits 32 Branches 207 Tags
e8074e7f7eb79b09d2bdd39b63404e51a7a7f88a
Commit Graph

244 Commits

Author SHA1 Message Date
Sebastian Sdorra
3bd1cbf53d added option to define extra groups for AccessToken 2019-01-21 14:27:14 +01:00
René Pfeuffer
cda8c59c2d Accept already assigned permissions even when they are not available 2019-01-21 10:01:29 +01:00
René Pfeuffer
6815634fad Fail assignment on not existing permission 2019-01-19 20:27:25 +01:00
René Pfeuffer
f781778908 Fix permission checks 2019-01-18 14:52:17 +01:00
René Pfeuffer
8000731ab7 Add REST resource for group permissions 2019-01-18 12:06:37 +01:00
Sebastian Sdorra
36ea444e69 fix assignment of administrator privileges by configuration 2019-01-18 08:35:34 +01:00
René Pfeuffer
783c425b1e Rename Permission -> RepositoryPermission 2019-01-17 14:25:49 +01:00
René Pfeuffer
ad65c8cd02 Use PermissionDescriptor instead of String 2019-01-17 13:21:20 +01:00
René Pfeuffer
7462613c16 Add permission for permissions 2019-01-16 16:55:24 +01:00
René Pfeuffer
5e364e1043 Do not expose StoredAssignedPermission 2019-01-16 16:03:02 +01:00
René Pfeuffer
f1692aa1c7 Cleanup security system 
- remove probably unused methods
- use sets instead of lists
- remove old REST resource
 2019-01-16 14:19:11 +01:00
René Pfeuffer
ada764fd8b Merge with 2.0.0-m3 2019-01-16 07:43:22 +01:00
Sebastian Sdorra
ac4a57f2f3 replace TokenClaimsValidator with not so generic AccessTokenValidator interface and fixed duplicated code of BearerRealm and JwtAccessTokenResolve 2018-12-21 08:35:18 +01:00
Johannes Schnatterer
32b0341649 Security System: Query permission.xmls from uber classloader. 
Allows for finding permission.xmls from plugins.
Adds an examplary permission.xml for git plugin.
 2018-12-20 17:56:28 +01:00
Sebastian Sdorra
af7e776fdd added getParentKey() to AccessToken interface 2018-12-17 13:06:11 +01:00
Sebastian Sdorra
306482094d move AccessTokenCookieIssue from scm-webapp to scm-core 2018-12-14 08:29:30 +01:00
René Pfeuffer
226dc75ddc Fix unit test 2018-12-06 08:56:57 +01:00
René Pfeuffer
c328a94147 Handle invalid tokens 
Eg. after deletion of user signing keys for JWT tokens, resolving
tokens throws an Authentication Exception. This must be caught.
 2018-12-06 08:13:55 +01:00
Sebastian Sdorra
16eb433618 Merged in feature/jwt_refresh (pull request #121) 
Feature JWT Refresh
 2018-12-05 09:14:16 +00:00
René Pfeuffer
3021bea65a Multiply floating store factories for type safety 2018-12-04 08:56:39 +01:00
René Pfeuffer
33f3216164 Make type optional 2018-12-03 16:30:19 +01:00
René Pfeuffer
44d99f55f2 Do no longer expose StoreParameters 2018-12-03 12:28:35 +01:00
René Pfeuffer
3638d3520f Use static method for new StoreParameters instance 2018-12-03 11:28:03 +01:00
René Pfeuffer
581e6a9bff Fix extension point injection 2018-12-03 08:20:41 +01:00
René Pfeuffer
58268f88db Fix refresh strategy 2018-11-30 17:19:59 +01:00
René Pfeuffer
aec5520e57 Implement simple JWT refresh filter 2018-11-30 16:57:04 +01:00
René Pfeuffer
57753e4de0 Add default refresh strategy 2018-11-30 11:35:20 +01:00
René Pfeuffer
205ca42e09 Introduce simple refresh strategy 2018-11-30 11:18:37 +01:00
René Pfeuffer
2e092b36cf Suppress warning 2018-11-30 10:20:12 +01:00
René Pfeuffer
e8672bbeff Keep refresh expiration 2018-11-30 10:15:12 +01:00
René Pfeuffer
46f9473083 Compute new expiration from old expiration 2018-11-30 10:05:43 +01:00
René Pfeuffer
0f6b9ba891 Inject clocks for tests 2018-11-30 09:43:13 +01:00
René Pfeuffer
2adcbe5d99 Set parent token id 2018-11-30 09:22:02 +01:00
René Pfeuffer
0b1edaab08 Fix time computations 2018-11-29 17:04:38 +01:00
René Pfeuffer
c85c0229c1 First steps for JWT refresh 2018-11-29 08:01:25 +01:00
Mohamed Karray
7a1de0f67b add the interface StoreFactory and refactor storeFactories 2018-11-27 11:35:02 +01:00
René Pfeuffer
04592521ee Apply peer review results 2018-11-14 07:55:22 +01:00
René Pfeuffer
541303b351 Move annotation to corresponding module 2018-11-13 11:12:16 +01:00
René Pfeuffer
716b49a039 Merge with 2.0.0-m3 2018-11-13 10:36:31 +01:00
René Pfeuffer
3e99709035 Replace method interceptor with request filter 2018-11-13 09:54:28 +01:00
René Pfeuffer
96c2114e53 Reduce SecurityFilter to user injection and enable SecurityInterceptor 
Remove all the unnecessary stuff and all endpoints that would be no
longer secure.
 2018-11-09 16:06:31 +01:00
René Pfeuffer
afbffa5978 Fix tests for default owner permission 
Therefore add explicit methods to change the permission collection
of a repository.
 2018-11-09 10:13:36 +01:00
René Pfeuffer
42bf785a42 Register interceptor for web request calls 2018-11-09 08:03:58 +01:00
Philipp Czora
a56aeca8d2 Merged in feature/ui_changeset_list (pull request #82) 
Feature/ui changeset list
 2018-10-17 15:38:47 +00:00
Sebastian Sdorra
95cb1e77fc merge with 2.0.0-m3 2018-10-17 15:54:25 +02:00
Sebastian Sdorra
380f199c0d use 60 minutes instead of 10 for jwt session timeout 2018-10-17 15:22:13 +02:00
René Pfeuffer
9bfb2cdadb Move password logic to manager 2018-10-17 11:58:37 +02:00
Mohamed Karray
023b362f68 add permission to modify the own password over the me and the user endpoints 2018-10-12 15:20:58 +02:00
Mohamed Karray
a23c497b3a merge + use the old search methods in the autocomplete feature 2018-10-09 11:11:25 +02:00
Mohamed Karray
ddcc21c1a8 add autocomplete endpoint 2018-10-08 13:39:33 +02:00