Skip to content

/ graylog2-server

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Roles/user groups #1321

Closed
kroepke opened this issue Jul 23, 2015 · 2 comments
Closed

Roles/user groups #1321

kroepke opened this issue Jul 23, 2015 · 2 comments
Assignees
@kroepke
Milestone
1.2.0

Comments

@kroepke
Copy link
Member

@kroepke kroepke commented Jul 23, 2015

In order to support a more usable permission model we need to implement roles to group permissions and assign them to users.
@kroepke kroepke changed the title User groups Roles/user groups Jul 23, 2015
@kroepke kroepke self-assigned this Jul 23, 2015
@kroepke kroepke added this to the 1.2.0 milestone Jul 23, 2015
@kroepke
Copy link
Member Author

@kroepke kroepke commented Jul 23, 2015

related to #951 and graylog-labs/graylog2-web-interface#629
kroepke added a commit that referenced this issue Jul 23, 2015
@kroepke
initial support for roles and LDAP groups
Loading status checks…
5cdfbd3 
- LDAP group mapping is incomplete and doesn't work in this commit yet
- roles CRUD API is complete
- Shiro support is complete
- no UI support yet

related to #1321 #951
@kroepke kroepke mentioned this issue Jul 23, 2015
Merged
kroepke added a commit that referenced this issue Jul 24, 2015
@kroepke
implement LDAP groups to role mapping
Loading status checks…
0f68df3 
 - add /system/ldap/settings/groups endpoints for managing the mapping
 - correctly resolve a user's roles to permissions when retrieving the user (so that the web interface gets the correct set of permissions)
 - some cleanup regarding bindings
 - add new permissions for reading/editing ldap group mappings, which can be done independently of configuring ldap system settings
 - group mapping uses the objectid of roles, not their names, so they work correct after role renames

 issue #1321 #951
kroepke added a commit that referenced this issue Jul 24, 2015
@kroepke
include a user's roles in GET /user/{name} response
Loading status checks…
0abcf22 
 - so we can list each user's roles in the overview

issue #1321 #951
kroepke added a commit that referenced this issue Aug 4, 2015
@kroepke
adding roles to user classes, added description property to Role
Loading status checks…
80de41d 
issue #1321 #951
kroepke added a commit that referenced this issue Aug 4, 2015
@kroepke
adding roles to user classes, added description property to Role
Loading status checks…
6898c84 
issue #1321 #951

(cherry picked from commit 80de41d)

Conflicts:
	graylog2-server/src/main/java/org/graylog2/users/RoleImpl.java
	graylog2-shared/src/main/java/org/graylog2/shared/users/Role.java
kroepke added a commit that referenced this issue Aug 5, 2015
@kroepke
bump version for development
c1a8d5e 
issue #1321 #951
kroepke added a commit that referenced this issue Aug 5, 2015
@kroepke
make description in RoleResponse optional
Loading status checks…
2c347e0 
add web interface service class

issue #1321 #951
@bernd bernd mentioned this issue Aug 6, 2015
Closed
kroepke added a commit that referenced this issue Aug 10, 2015
@kroepke
support updating roles in rest client
Loading status checks…
e7eb9f2 
fix exception when using Optional.get()

issue #1321 #951
kroepke added a commit that referenced this issue Aug 10, 2015
@kroepke
add read only flag to roles
Loading status checks…
ac1cb52 
ensure the Reader and Admin roles are always present during start

 - reader role does not contain the user-specific permissions needed to edit and change the password of the current user, these need to be set during user creation in that entity
 - admin is simply "*"

both built-in roles cannot be edited/deleted or otherwise changed.

fixes missing description when creating a role

issue #1321 #951
This was referenced Aug 11, 2015
Closed
Closed
Closed
Closed
Closed
@bernd
Copy link
Member

@bernd bernd commented Aug 31, 2015

Closing this because it's done.
@bernd bernd closed this Aug 31, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kroepke kroepke

Labels
None yet
Projects
None yet
Milestone
1.2.0
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
@bernd @kroepke