Commit Graph

32 Commits

Author SHA1 Message Date
Robert von Burg cba8bcf335 [Project] Added missing secretKey in PrivilegeConfig.xml 2019-03-09 19:49:01 +01:00
Robert von Burg b6819c4b47 [Major] Removed serializable and reformatted all code 2018-10-05 09:17:13 +02:00
Robert von Burg 20632279f9 [Project] Updated Strolch model files to include schema definition 2018-06-26 18:20:07 +02:00
Robert von Burg 2907df815a [Project] Added privilege StrolchSearch 2018-03-20 07:46:50 +01:00
Robert von Burg 86b65f8697 [Major] Removed petitparser, using StrolchSearch in REST API 2018-03-20 07:46:28 +01:00
Robert von Burg 2cb799dfb4 [Major] Removed the need for javax.xml.bind.* imports. Using gson 2017-09-29 15:57:21 +02:00
Robert von Burg 3f28d9aa9f [New] Allow to set if type is allowed in QueryParser 2017-08-18 11:48:09 +02:00
Robert von Burg 1183000520 [Major] Implemented privilege checking for DAO
Now the PrivilegeConfig.xml must include:

	<Policies>
		<Policy name="ModelPrivilege"
			class="li.strolch.runtime.privilege.ModelPrivilege" />
	</Policies>

And PrivilegeRoles.xml must include:

	<Role>
		<Privilege name="GetResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="GetOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="GetActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="AddResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="AddOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="AddActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="UpdateResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="UpdateOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="UpdateActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="RemoveResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="RemoveOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="RemoveActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
	</Role>
2017-07-24 20:07:10 +02:00
Reto Breitenmoser a3b7a08aaf [Minor] set default memory for jersey entity logging 2017-05-30 14:26:03 +02:00
Robert von Burg 96771b40ba [Project] Update to Jersey 2.25.1 2017-05-26 11:37:38 +02:00
Robert von Burg 4c9e66876a [Major] Privilege passwords are now salted! 2017-05-22 14:37:48 +02:00
Robert von Burg f87c42f399 [Project] switched tests to use logback-classic 2017-05-22 09:50:48 +02:00
Robert von Burg 0e5176df62 [Major] Inspector now has offset/limit for queries 2017-02-08 20:16:05 +01:00
Robert von Burg 1d25a2a46b [Major] Json Tags are now in Tags.Json and are drinking camel-case 2017-02-02 11:58:59 +01:00
Robert von Burg dd227c65d0 [Major] Refactored SystemAction in privileges
Simplified the API, removed the privileged user - now always use the
agent system user for running system actions. One method has no return
value and one has a return value. Now it is easy to perform a system
action using:

    runAsAgent(ctx -> {
      // do work
    });

    String result = runAsAgentWithResult(ctx -> {
      // do work
      return "done";
    });

    // execute a SystemAction
    runAsAgent(action);

    // execute a SystemActionWithResult
    String result = runAsAgentWithResult(actionWithResult);
2016-09-29 12:26:27 +02:00
Robert von Burg b8834b9b82 [Major] Refactored to not use JAXB in PrivilegeUsersService 2016-09-08 20:06:38 +02:00
Robert von Burg bcc0bf4a10 [Major] Now users can reset their own passwords
- built in User Challenge feature (currently only console)
- extended REST API to allow user to initiate a challenge and then use
the challenge to authenticate for a one time change password session
2016-09-07 14:41:16 +02:00
Robert von Burg d25e7577f7 [New] QueryParser can now handle parameters incl. without prefixes 2016-08-30 11:44:55 +02:00
Robert von Burg 11ba7eb1de [Major] Moved ch.eitchnet to li.strolch 2016-06-26 11:38:41 +02:00
Robert von Burg 9294711639 [Major] Now using a nice query parser for resource querying in planning 2016-04-06 09:25:55 +02:00
Robert von Burg 5f71427d33 [New] Added a QueryParser to parse String queries to Strolch queries 2016-04-05 08:30:07 +02:00
Robert von Burg 0cadf66f3f [Major] Refactored Privilege to use separate mode files
So now users and roles are in their own files. This makes it far easier
to add new privileges without needing to take care if the user changed
their data.
2016-02-28 19:54:17 +01:00
Robert von Burg 8e76e5658e [New] AuthenticationService now uses byte array for password 2015-10-25 11:55:28 +01:00
Robert von Burg 503bdbe4d6 [Major] refactored SystemUserActions in privilege
Now a SystemUserAction is defined as follows:
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" 
    policy="DefaultPrivilege">
  <Allow>li.strolch.agent.impl.StartRealms</Allow>
</Privilege>
2015-06-03 23:32:23 +02:00
Robert von Burg bd4291b483 [Major] Moved privilege management into separate services
- instead of just calling the methods from the REST API, now we call
services
- this allows auditing who changes which privileges
2015-04-05 01:11:54 +02:00
Robert von Burg 296054cf55 [Major] refactored LoginResult - now return sessionId as well
- thus the previous sessionId was renamed to authToken, which is what it
is from certificate
- added sessionId to as we need it to handle session specific data
- also return firstname and lastname on LoginResult
2015-03-17 21:40:08 +01:00
Robert von Burg 819ae53708 [Minor] added missing PrivilegePolicies:
<Policy name="RoleAccessPrivilege"
    class="ch.eitchnet.privilege.policy.RoleAccessPrivilege" />
<Policy name="UserAccessPrivilege" 
    class="ch.eitchnet.privilege.policy.UserAccessPrivilege" />
2015-03-12 18:05:46 +01:00
Robert von Burg 5ffc03f115 [Minor] removed reference to non existing role PrivilegAdmin in users 2015-03-12 18:01:02 +01:00
Robert von Burg 5675027f6c [Minor] removed the PrivilegeAdmin role from all PrivilegeModel.xml 2015-03-12 17:43:42 +01:00
Robert von Burg 5602f56c15 [Major] allow user to change their own locale incl. auto persist 2015-03-08 21:44:35 +01:00
Robert von Burg 32c17858e1 [Major] Added Session timeout handling
SessionHandler now has a timer checking to make sure that sessions which haven’t been accessed for a time defined by ‘session.ttl.minutes’ are invalidated
2014-09-27 12:30:35 +02:00
Robert von Burg c64421a0d7 moved everything to a subdirectory for repo merge 2014-09-16 08:52:52 +02:00