Strolch
/
strolch
mirror of https://github.com/strolch-li/strolch.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,630 Commits 11 Branches 174 Tags 63 MiB
Commit Graph

1630 Commits

Author SHA1 Message Date
Robert von Burg 91a08057c1 [Minor] fixed session timeout not being audit action timeout 2015-04-05 01:27:50 +02:00
Robert von Burg 4383e8a1ab [Minor] fixed wrong actions for audits of locale,pw,state change of user 2015-04-05 01:20:54 +02:00
Robert von Burg bd4291b483 [Major] Moved privilege management into separate services 
- instead of just calling the methods from the REST API, now we call
services
- this allows auditing who changes which privileges
 2015-04-05 01:11:54 +02:00
Robert von Burg 4c6434f475 [Major] Setting user password, locale and state are now separate privs 2015-04-05 00:13:16 +02:00
Robert von Burg 6bd1ed58ad [New] Added limit and sorting to Audit query incl. REST API 2015-04-04 18:29:33 +02:00
Robert von Burg 5d7cf8469f [New] added elementSubType to REST API for querying Audits 2015-04-04 18:05:39 +02:00
Robert von Burg aa11f8098a [New] Added elementSubType to Audit 2015-04-04 17:53:54 +02:00
Robert von Burg e163237613 [Minor] fixed broken tests 2015-04-03 13:37:56 +02:00
Robert von Burg c307102e33 [Minor] added ComponentContainer.getRealm(Certificate) 
- instead of throwing an exception if the realm property is missing on
the certificate, we first see if the default realm is available
 2015-04-02 20:39:29 +02:00
Robert von Burg 318b186641 [Minor] Updated ch.eitchnet.utils submodule 2015-04-02 20:27:10 +02:00
Robert von Burg 30608ba99a [New] Added REST API to query Audits 2015-04-02 20:26:20 +02:00
Robert von Burg 9ca7b5f26f [New] Added audits for login and logout 2015-04-02 20:26:20 +02:00
Robert von Burg e123cbf47d [Minor] added ComponentContainer.getRealm(Certificate) 2015-04-02 20:26:20 +02:00
Robert von Burg 22ddb3bd74 [Bugfix] fixed brok Iso8601DateAdapter 2015-04-02 20:26:20 +02:00
Robert von Burg c7654e93a5 Added a Strolch 1.0.0 blog entry. 2015-03-31 22:12:18 +02:00
Robert von Burg 875947245d [Project] formatted blog.html 2015-03-31 17:55:18 +02:00
Robert von Burg 82fae1a16c Updated download page to link to release 1.0.0 2015-03-31 17:49:16 +02:00
Robert von Burg da329c6e46 [New] Added new constructors to Result for ServiceResults 2015-03-22 00:34:31 +01:00
Robert von Burg 6338690ad2 [New] Added StringHelper.getExceptionMessage(Throwable) 2015-03-22 00:33:59 +01:00
Robert von Burg 01963c7c20 [New] removed need for StrolchPrivilegeAdmin role (user privileges!) 2015-03-18 20:40:41 +01:00
Robert von Burg 2607bbef3f [Bugfix] fixed bug where stream was not configured correctly 2015-03-18 20:40:10 +01:00
Robert von Burg 82c7417bdd [Minor] updated submodule ch.eitchnet.privilege 2015-03-18 20:12:04 +01:00
Robert von Burg 3f7636428d [Minor] added JavaDoc to new policies 2015-03-18 20:11:45 +01:00
Robert von Burg 2076675ca5 [Minor] fixed broken tests 2015-03-17 21:47:22 +01:00
Robert von Burg 47bbafba22 [Minor] fixed broken test 2015-03-17 21:43:10 +01:00
Robert von Burg 296054cf55 [Major] refactored LoginResult - now return sessionId as well 
- thus the previous sessionId was renamed to authToken, which is what it
is from certificate
- added sessionId to as we need it to handle session specific data
- also return firstname and lastname on LoginResult
 2015-03-17 21:40:08 +01:00
Robert von Burg 172f384680 [New] Implemented UserSessionsService methods properly 2015-03-15 23:45:43 +01:00
Robert von Burg c07d4553a1 [Project] update submodules 2015-03-15 22:58:02 +01:00
Robert von Burg e076ced839 [New] Added UsernameFromCertificatePrivilege policy 2015-03-15 11:03:37 +01:00
Robert von Burg 6ccb4425cc [New] changed session ID to be a UUID 2015-03-15 11:03:23 +01:00
Robert von Burg 8e75a7651a [Bugfix] fixed exception formatting bug in StringHelper 2015-03-15 11:02:57 +01:00
Robert von Burg e0b2f32b4f [New] Added UserSession querying and modifying 2015-03-14 21:24:18 +01:00
Robert von Burg 2ee0d2fb4e [New] Added UserSession querying and modifying 2015-03-14 21:23:10 +01:00
Robert von Burg c2f4d7468b [Major] changed Certificate to use Date and not long 2015-03-14 21:22:20 +01:00
Robert von Burg 85e34cabe1 [Minor] synchronized submodule ch.eitchnet.privilege 2015-03-14 00:20:17 +01:00
Robert von Burg 9870513beb [New] Added new param "privilegeConflictResolution" 
- privilegeConflictResolution is used to configure how conflicts of
privileges on multiple roles are handled.
- Implemented is STRICT where if a privilege with the same name exists
on a role used by the same user occurs, then an exception is thrown.
- Next is MERGE where if a conflict occurs, then the privileges are
merged: allAllowed overrides, allow and deny list are merged
 2015-03-14 00:18:59 +01:00
Robert von Burg 33041f2b06 [Major] refactored privileges returned on LoginResult 2015-03-12 22:59:12 +01:00
Robert von Burg 7ff8ba6779 [Bugfix] Fixed bad parsing of Allow on multiple privileges per Role 2015-03-12 18:31:14 +01:00
Robert von Burg 819ae53708 [Minor] added missing PrivilegePolicies: 
<Policy name="RoleAccessPrivilege"
    class="ch.eitchnet.privilege.policy.RoleAccessPrivilege" />
<Policy name="UserAccessPrivilege" 
    class="ch.eitchnet.privilege.policy.UserAccessPrivilege" />
 2015-03-12 18:05:46 +01:00
Robert von Burg 5ffc03f115 [Minor] removed reference to non existing role PrivilegAdmin in users 2015-03-12 18:01:02 +01:00
Robert von Burg fa3fe89237 [Minor] removed requirement for PrivilegeAdmin role in priv. handler 2015-03-12 17:44:46 +01:00
Robert von Burg 5675027f6c [Minor] removed the PrivilegeAdmin role from all PrivilegeModel.xml 2015-03-12 17:43:42 +01:00
Robert von Burg fa40671b8c [Major] removed the need for a role PrivilegeAdmin - now use privileges 
- this solves the situation where a user might be allowed to add a user
with a specific role, but not change a role and other such use cases

Now there are privileges for every use case with two new
PrivilegePolicies:
- RoleAccessPrivilege
- UserAccessPrivilege
both of these policies expect a ch.eitchnet.utils.collections.Tuple as
privilege value. The Tuple is a simple wrapper for two values: first and
second. Each privilege has its own requirement on the actual values

Special privilege actions:
- PrivilegeAction -> privilege vlaue: String
  - Persist (required Allow)
  - Reload (required Allow)
  - GetPolicies (required Allow)

Role specific privileges:
- PrivilegeGetRole -> privilege value: Tuple(null, newRole)
- PrivilegeAddRole -> privilege value: Tuple(null, newRole)
- PrivilegeRemoveRole -> privilege value: Tuple(null, newRole)
- PrivilegeModifyRole -> privilege value: Tuple(oldRole, newRole)

Use specific privileges:
- PrivilegeGetUser -> privilege value: Tuple(null, newUser)
- PrivilegeAddUser -> privilege value: Tuple(null, newUser)
- PrivilegeRemoveUser -> privilege value: Tuple(null, newUser)
- PrivilegeModifyUser -> privilege value: Tuple(oldUser, newUser)
  - NOTE: without modifying roles, only fields and properties!
- PrivilegeAddRoleToUser -> privilege value: Tuple(oldUser, roleName)
- PrivilegeRemoveRoleFromUser -> privilege value: Tuple(oldUser,
	roleName)
 2015-03-12 17:32:06 +01:00
Robert von Burg 638cebe01e [New] Added new Tuple to collections 2015-03-12 13:18:20 +01:00
Robert von Burg 5602f56c15 [Major] allow user to change their own locale incl. auto persist 2015-03-08 21:44:35 +01:00
Robert von Burg a3d76d4cd8 [Major] allow user to change their own locale incl. auto persist 2015-03-08 21:44:21 +01:00
Robert von Burg 86895c7aa5 [New] Implemented Rest API for user management 2015-03-08 20:51:46 +01:00
Robert von Burg 5ef43eaebe [Major] All methods in PrivilegeHandler now return a value after op 
- also fixed JAXB (un)marshalling of list values on UserRep and RoleRep
 2015-03-08 20:51:10 +01:00
Robert von Burg 3136049bda [Minor] Updated ch.eitchnet.privilege submodule 2015-03-08 13:39:45 +01:00
Robert von Burg eeb3356372 [Minor] fixed broken test 2015-03-08 13:39:27 +01:00