stoopidJSON (Member) commented Apr 24, 2020

We are using Casbin to administer user roles and privvies. This work
will add Casbin integration as well as Casbin/Sequelize integration.
This includes model, migrate, and seeder.

Additionally we are adding brute force protections with this PR.
resolves #100
resolves #101

Todos

  • Tests
  • Documentation

Deploy Notes

This will require a re-creation and re-seeding of the db.

Impacted Areas in Application

List general components of the application that this PR will affect:

  • roles
  • security

This will add userRoles back into the API and create a default admin role.
resolves #100

stoopidJSON requested review from a team and seancrim23 April 24, 2020 02:42

codecov bot commented Apr 24, 2020

Codecov Report

Merging #123 into master will decrease coverage by 0.36%.
The diff coverage is 81.30%.

@@            Coverage Diff             @@
##           master     #123      +/-   ##
==========================================
- Coverage   69.31%   68.94%   -0.37%     
==========================================
  Files          14       15       +1     
  Lines         378      454      +76     
==========================================
+ Hits          262      313      +51     
- Misses        116      141      +25     
Impacted Files Coverage Δ
src/routes/user.js 54.32% <65.00%> (-0.91%) ⬇️
src/utils/index.js 80.85% <72.72%> (-15.71%) ⬇️
src/routes/user-role.js 82.05% <82.05%> (ø)
src/index.js 100.00% <100.00%> (+4.76%) ⬆️
src/models/index.js 81.48% <100.00%> (+2.91%) ⬆️
src/models/user-role.js 100.00% <100.00%> (ø)
src/models/user.js 75.00% <100.00%> (-21.30%) ⬇️
src/routes/index.js 100.00% <100.00%> (ø)
src/utils/login.js 100.00% <100.00%> (ø)
... and 2 more

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update a855c19...54fca93.

stoopidJSON (Member, Author) commented:

@allcontributors add @blakenan-bellese for ideas

allcontributors (Contributor) commented:

@revjtanton

I've put up a pull request to add @blakenan-bellese! 🎉

@@ -1,6 +1,73 @@
[
{
"role": "admin",
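
Review bot: at the "role": "admin" entry, the hunk header shows this seed file growing from 6 to 73 lines, which suggests the admin permissions are enumerated row by row; a route or method added later without a matching row would then not be covered for admin. Suggest the Documentation todo state that every new route needs a seed row and a re-seed, as the Deploy Notes already require for this change.
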
Review comment (Contributor):

Is there an easier way to just let an admin do everything here? Just curious

Reply (Member, Author):

Unfortunately from what I've seen with Casbin you cannot wildcard the method, it has to be explicit.
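
For reference on the exchange above: Casbin compares the method in the model's `[matchers]` expression, so how `act` is matched depends on the model in use. The following is an added example, not this PR's model (which the page does not show): a model in Casbin's `.conf` syntax whose matcher accepts `*` in a policy row as any method. The role names, paths and policy rows in the comments are constructed.

```ini
# Constructed Casbin model (.conf); not this project's model.
[request_definition]
r = sub, obj, act

[policy_definition]
p = sub, obj, act

[role_definition]
g = _, _

[policy_effect]
e = some(where (p.eft == allow))

[matchers]
# keyMatch2 is a Casbin built-in: "/users/:id" in a policy row matches "/users/42".
# The last clause is plain expression logic: a row whose act is "*" matches any method.
m = g(r.sub, p.sub) && keyMatch2(r.obj, p.obj) && (r.act == p.act || p.act == "*")

# Constructed policy rows for the model above. They belong in the policy
# store (a CSV file or a database adapter), not in this file:
#   p, admin,  /*,          *       admin: any path, any method
#   p, viewer, /users/:id,  GET     viewer: one explicit method
#   g, alice, admin                 alice holds the admin role
#
# Expected decisions:
#   alice,       /user-roles/7, DELETE -> allow (wildcard row)
#   viewer role, /users/42,     GET    -> allow
#   viewer role, /users/42,     PUT    -> deny (no matching row)
```

A wildcard row also grants every method and route added later, whereas explicit rows leave new routes uncovered until someone seeds them; which behaviour is wanted for the admin role is a least-privilege decision.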

c-w-allen previously approved these changes Apr 29, 2020
stoopidJSON deleted the revjtanton/issue-100 branch May 1, 2020 01:42

Development

Successfully merging this pull request may close these issues.

Login restrictions User roles and restrictions
