Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization V2: authorization for products #3926

Merged
merged 28 commits into from
Mar 9, 2021
Merged

Authorization V2: authorization for products #3926

merged 28 commits into from
Mar 9, 2021

Conversation

StefanFl
Copy link
Member

With this next step of the new authorization comes the authorization for products. Now we can have product members additionally to product type members. Almost every place where products or product types are used has been adapted to the new authorisation.

And I introduced a new flag in the settings. With this a staff user can get full authorization for all products and product types. This is close to the current behaviour and might be helpful for installations with only a small group of users that are a security team.

Further steps will see the new authorization for engagements, tests, findings and endpoints. There will be not a lot of new code anymore but changes in filters, forms, views and html templates

accesslint[bot]
accesslint bot suggested changes Feb 25, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
@github-actions
Copy link
Contributor

github-actions bot commented Mar 2, 2021

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 2, 2021

Conflicts have been resolved. A maintainer will review the pull request shortly.

accesslint[bot]
accesslint bot suggested changes Mar 2, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Outdated Show resolved Hide resolved
dojo/templates/dojo/view_product_details.html Outdated Show resolved Hide resolved
accesslint[bot]
accesslint bot suggested changes Mar 2, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
@github-actions
Copy link
Contributor

github-actions bot commented Mar 4, 2021

This pull request has conflicts, please resolve those before we can evaluate the pull request.

accesslint[bot]
accesslint bot suggested changes Mar 4, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
@StefanFl StefanFl mentioned this pull request Mar 4, 2021
Closed
3 tasks
@github-actions
Copy link
Contributor

github-actions bot commented Mar 4, 2021

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 5, 2021

Conflicts have been resolved. A maintainer will review the pull request shortly.

accesslint[bot]
accesslint bot suggested changes Mar 5, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
@StefanFl
Copy link
Member Author

StefanFl commented Mar 5, 2021

The commit b705f04 fixes #3997

accesslint[bot]
accesslint bot suggested changes Mar 5, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
@github-actions
Copy link
Contributor

github-actions bot commented Mar 5, 2021

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 6, 2021

Conflicts have been resolved. A maintainer will review the pull request shortly.

accesslint[bot]
accesslint bot suggested changes Mar 6, 2021
View reviewed changes
Copy link

@accesslint accesslint bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are accessibility issues in these changes.

dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
dojo/templates/dojo/view_product_details.html Show resolved Hide resolved
@madchap madchap self-requested a review March 7, 2021 16:45
madchap
madchap approved these changes Mar 7, 2021
View reviewed changes
Copy link
Collaborator

@madchap madchap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, I like to see these increments coming 👍

I am not merging right away to give a chance for others to review as well and maybe for @StefanFl to make some last changes if needed.

@madchap madchap added the settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR label Mar 7, 2021
@StefanFl
Copy link
Member Author

StefanFl commented Mar 9, 2021

I don't see any changes to this PR. The core is pretty stable now and Products and Product Types are complete. When this PR is merged I will continue with Engagements, Tests and Findings.

@valentijnscholten valentijnscholten merged commit 734f1a9 into DefectDojo:dev Mar 9, 2021
SPoint42 added a commit to SPoint42/django-DefectDojo that referenced this pull request Mar 9, 2021
@SPoint42
Merge pull request #51 from DefectDojo/dev
9ef8e01 
Authorization V2: authorization for products (DefectDojo#3926)
@StefanFl StefanFl deleted the authorization-2 branch March 9, 2021 13:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@accesslint accesslint[bot] accesslint requested changes

@valentijnscholten valentijnscholten valentijnscholten approved these changes

@madchap madchap madchap approved these changes

Assignees
No one assigned
Labels
enhancement settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@StefanFl @valentijnscholten @madchap