Skip to content

Permissions#24

Merged
jonnypress merged 88 commits intomasterfrom
permissions
Jan 10, 2017
Merged

Permissions#24
jonnypress merged 88 commits intomasterfrom
permissions

Conversation

@toosuto-r
Copy link
Copy Markdown
Contributor

@toosuto-r toosuto-r commented Jan 10, 2017

Permissions branch - adds access control, user groups/roles for variable/function control, gateway control, return value size restriction.
Comes with default permissions to enable all processes to run on TorQ, but permissions disabled by default.

Hanso38 and others added 30 commits November 1, 2016 13:29
@Hanso38
Initial commit to add in permissions.q
bfd8440
@Hanso38
Added the same config that controlaccess.q has
c22b3de
@Hanso38
Added a statement to load permission files at the start of each process
22e8079
@Hanso38
The code runs, will need to test to see if it is working as intended …
9825249 
…and to see if the new code actually has an impact...Though it does run and that is enough for now. Also added default.q file with a systemuser role which is used for interprocess communication.
@Hanso38
Added Ryan's changes to permissions.q. Temporary branch to make the m…
215dc76 
…erge easier.
@Hanso38
Resolved conflict
5f457dd
@Hanso38
Merge branch 'permissions-merge' into permissions
c54177a
@toosuto-r
Updated permissions.q to cleaner version, included cloneuser method a…
a0ae143 
…nd public login
@Hanso38
small fix to controlaccess check
b9b8db0
@Hanso38
resolved merge conflicts
fea3bd0
@toosuto-r
added auto-drop of public users on disconnect
d33e6c7
@Hanso38
Couple of minor fixes
6681c06
@Hanso38
Merge branch 'permissions' of https://github.com/AquaQAnalytics/TorQ
ecc4378 
…into permissions
@Hanso38
Fixed an error in the loading of permissions data in each process.
0a818fa
@toosuto-r
fixed bug with multiple connections from the same public user causing…
f514e75 
… the public user entry to persist after disconnect
@Hanso38
Changed permissions.q to mimic behaviour of controlaccess.q. Now call…
b903628 
…s init when enabled = true. Therefore all .z. operators get overwritten at this stage.
@Hanso38
Removed a load statement. Was left in accidentally and throwing errors.
d40b758
@Hanso38
added more functions for the system user role
a024c1e
@Hanso38
Missing "
559c978
@Hanso38
Merge branch 'permissions' of https://github.com/AquaQAnalytics/TorQ
b214713 
…into permissions
@toosuto-r
updated permissions - bugfixes on admin control, passing allowed func…
5ca925e 
…tions now works in all forms
@Hanso38
Very close to working, added users for each process with passwords th…
2e7425e 
…at match those currently used. Moved initialisation to the default.q script.
@Hanso38
Merge branch 'permissions' of https://github.com/AquaQAnalytics/TorQ
631ed30 
…into permissions
@toosuto-r
fixed bug preventing operation with nested queries, allowed operation…
2bcf9c8 
… with qcon
@toosuto-r @Hanso38
updated permissions - bugfixes on admin control, passing allowed func…
a68710e 
…tions now works in all forms
@toosuto-r @Hanso38
fixed bug preventing operation with nested queries, allowed operation…
582f9e8 
… with qcon
@Hanso38
Added a line to catch functions being called on handle 0. ie processe…
a685a23 
…s calling themselves, if this happens it is allowed. Added the .ps.subscribe function to systemusers allowed functions. Finally, added a cheat line, if there are no parameter restrictions it will bypass the rest of the fchk method. For some reason this method is throwing an error for some arguments passed to it. Will investigate. This code works, though obviously limits functionality
@Hanso38
Merge branch 'permissions' of https://github.com/AquaQAnalytics/TorQ
29ed2f2 
…into permissions
@Hanso38
See previous commit
bfecd02
@Hanso38
Added lists that allow some users and functions to circumnavigate the…
eeb762b 
… argument checks. Getting an error in feed.q with feed.q loading so this is not properly functioning yet.
Hanso38 and others added 26 commits November 22, 2016 11:56
@Hanso38
Made some changes to execas and gateway so that it can cope with the …
272bf29 
…common code or handlers not being loaded. Removed some globals from permissions and added a default setting for .pm.enabled.
@Hanso38
Some intermediary changes to the gateway functions
f482fbe
@Hanso38
Small change to execas. gateway should now be working again
dee6562
@toosuto-r
fixed wrapping initial .z.pg and .z.ps to operate on .pm.requ and the…
22c30de 
… input message
@toosuto-r
removed leftover .pm.enabled from testing
fe49505
@toosuto-r
fixed wrapping on .z.pc to execute previous .z.pc after droppublic; f…
1163710 
…ixed incorrect no of args being passed to lamq
@Hanso38
Modified execas and gateway permissioning. Collapsed some checks to m…
f48c3c4 
…ake them simpler. Added a line to permission on the gateway.
@Hanso38
Added a function to check if a query will be executed and return a bool
e0430f7
@Hanso38
Merge
cab491c
@Hanso38
Fixed a problem in lamq where words were being combined when parsed l…
7bf811d 
…ater.
@Hanso38
Some things were overwritten somehow
fa5cc05
@toosuto-r
fixed indexing of function parameter check dict in fchk when passed a…
456e688 
… projection
@toosuto-r
Merge branch 'permissions' of https://github.com/AquaQAnalytics/TorQ
f2f280e 
…into permissions

Conflicts:
	code/handlers/permissions.q
@toosuto-r
fixed projection check bug in fchk
c6f78bd
@Hanso38
Fixed the problem with a user not being able to access things through…
6223d19 
… the gateway.
@Hanso38
Merged
44a6887
@Hanso38
Added back some accidentally removed code. Made runmode and permissiv…
bdfeafb 
…emode check to see if they have already been set.
@toosuto-r
Added size checking
66769a4
@Hanso38
Gateway permission check added, which allows for queries to be permis…
288a413 
…sioned on the gateway but not the syncexec statements etc. Switched to allowed instead of cando. Some comments added to the permessions config file.
@toosuto-r
fixed parse issue with lamdas
54dd41b
@Hanso38
Added permissions database loading into the gateway. It loads in the …
f1670ec 
…case the default permissioning is disabled but gateway permissioning is enabled
@Hanso38
Merge branch 'permissions' of https://github.com/AquaQAnalytics/TorQ
cd1ee01 
…into permissions
@Hanso38
Fixed lamq function to properly isolate keywords
2ea7321
@Hanso38
Fixed up a few things in the gateway
c093356
@toosuto-r
permissions now off by default
0e07b64
@toosuto-r
reinstated explicit admin access to all variables
d3db37c
jonnypress
jonnypress approved these changes Jan 10, 2017
View reviewed changes
Copy link
Copy Markdown
Contributor

@jonnypress jonnypress left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good (was continuously reviewed throughout development)

@jonnypress jonnypress merged commit 9d63865 into master Jan 10, 2017
@jonnypress jonnypress deleted the permissions branch January 10, 2017 13:20
FlyingOE pushed a commit to FlyingOE/TorQ that referenced this pull request Mar 10, 2017
Merge branch 'master' of https://github.com/AquaQAnalytics/TorQ
a28fe7c 
* 'master' of https://github.com/AquaQAnalytics/TorQ: (95 commits)
  Fixed issue where eod would fail when wdb was set to partbyattr and t… (DataIntellectTech#42)
  Mergereplay (DataIntellectTech#41)
  Preventing tabsizes appearing in hdb (DataIntellectTech#39)
  Subcut (DataIntellectTech#38)
  Added fix to .email.senddefault to terminate if no connection to server (DataIntellectTech#37)
  added passwords dictionary for connecting to non torq processes and modified opencon function (DataIntellectTech#36)
  Blog page and short descriptions of previously unmentioned files (DataIntellectTech#35)
  Documentation kdbappcode (DataIntellectTech#34)
  updated to 3.0.0
  added ldap permissioning
  Ldap (DataIntellectTech#29)
  eodtime bugfix, improved error catching at rollover (DataIntellectTech#31)
  Update utilities.md with comments on API table generation (DataIntellectTech#33)
  Docsite (DataIntellectTech#32)
  Delete Documentation pdf (DataIntellectTech#30)
  Readme update (DataIntellectTech#28)
  Mkdocs site details (DataIntellectTech#27)
  Added permissions.q to the documentation (DataIntellectTech#25)
  Permissions (DataIntellectTech#24)
  Improved debugging features  (DataIntellectTech#23)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jonnypress jonnypress jonnypress approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@toosuto-r @jonnypress @Hanso38