Skip to content
This repository has been archived by the owner on Jul 12, 2022. It is now read-only.

Validate resources with other ids #681

Merged
merged 107 commits into from
Feb 25, 2021
Merged

Validate resources with other ids #681

merged 107 commits into from
Feb 25, 2021

Conversation

barbararochazup
Copy link
Contributor

@barbararochazup barbararochazup commented Nov 17, 2020
edited

Problem:

It is possible for a non-root user with access to the consumed resource to access information / change information available only to another user, if that user has the same profile as him

Solution:
When non-root users to consume resources that have as input other ids (hypothesisId, buildId, deploymentId, etc.) to validate permission according to x-workspace-id

eduardomiyoshizup and others added 8 commits November 11, 2020 17:48
@eduardomiyoshizup
endpoint: GET /v2/circles/{id}/components filtered by workspace id
3c42ba7 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
@eduardomiyoshizup
include workspace id when find circle by id
89f55bc 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
@barbararochazup
refactor classes to security tasks
c82175d 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
refactor(moove): adding wokspaceId validation to build resources
f396797 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
tests(moove): fixing build tests
9c85056 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
refactor(moove): adding wokspaceId validation to circle resources
bfef4f4 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
fixing tests and removind resource metric-configurations/provider-status
410968f 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
adapting resource findAllWorkspaceUsers to get workspaceId by param n…
7b6499c 
…ot header

Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@boring-cyborg boring-cyborg bot added the moove Improvements/additions/fixes for moove module. label Nov 17, 2020
@barbararochazup barbararochazup marked this pull request as draft November 17, 2020 13:19
@barbararochazup
fixing lint
3652afe 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@codecov
Copy link

codecov bot commented Nov 17, 2020
edited

Codecov Report

Merging #681 (94084ec) into main (b415d38) will increase coverage by 6.23%.
The diff coverage is 97.43%.

Impacted file tree graph

@@             Coverage Diff              @@
##               main     #681      +/-   ##
============================================
+ Coverage     70.91%   77.14%   +6.23%     
- Complexity     1874     1978     +104     
============================================
  Files          1207     1208       +1     
  Lines         17612    16619     -993     
  Branches       1638     1524     -114     
============================================
+ Hits          12489    12821     +332     
+ Misses         4649     3318    -1331     
- Partials        474      480       +6
Flag Coverage Δ Complexity Δ
ui 79.61% <90.00%> (+0.06%) 0.00 <0.00> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ Complexity Δ
...tlin/io/charlescd/moove/application/UserService.kt 100.00% <ø> (ø) 13.00 <0.00> (-2.00)
...oove/legacy/moove/service/KeycloakServiceLegacy.kt 100.00% <ø> (ø) 4.00 <0.00> (ø)
...o/charlescd/moove/metrics/api/MetricsController.kt 100.00% <ø> (ø) 4.00 <0.00> (ø)
ui/src/core/utils/query.ts 90.90% <75.00%> (-9.10%) 0.00 <0.00> (ø)
.../integration/registry/configuration/AwsConfig.java 87.50% <87.50%> (ø) 2.00 <2.00> (?)
...in/io/charlescd/moove/application/CircleService.kt 100.00% <100.00%> (ø) 8.00 <1.00> (ø)
...o/charlescd/moove/application/DeploymentService.kt 100.00% <100.00%> (+42.85%) 9.00 <2.00> (+4.00)
...o/charlescd/moove/application/HypothesisService.kt 100.00% <100.00%> (ø) 2.00 <1.00> (ø)
...in/io/charlescd/moove/application/ModuleService.kt 100.00% <100.00%> (+15.38%) 11.00 <1.00> (+1.00)
...pplication/build/impl/CreateBuildInteractorImpl.kt 94.44% <100.00%> (+5.55%) 11.00 <0.00> (+2.00)
... and 66 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b415d38...7e42109. Read the comment docs.

@eduardomiyoshizup
refactoring cicle controller to filter by workspace id
b3fe276 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
@eduardomiyoshizup
Merge branch 'validate-resources-with-other-ids' of github.com:ZupIT/…
ca4fe16 
…charlescd into validate-resources-with-other-ids
@eduardomiyoshizup
Merge branch 'api-authorization-refactor' of github.com:ZupIT/charles…
57fb95a 
…cd into validate-resources-with-other-ids
barbararochazup and others added 9 commits November 17, 2020 14:45
@barbararochazup
tests(moove) adding userservice groovy tests
a53289f 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
Merge branch 'validate-resources-with-other-ids' of https://github.co…
1a01575 
…m/ZupIT/charlescd into validate-resources-with-other-ids
@barbararochazup
fixing broken test
78a2a40 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@eduardomiyoshizup
add unit test to workspace metric configuration connection
d31f828 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
@eduardomiyoshizup
Merge branch 'validate-resources-with-other-ids' of github.com:ZupIT/…
07da60a 
…charlescd into validate-resources-with-other-ids
@barbararochazup
improve codecov
aaea31b 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
Merge branch 'master' of https://github.com/ZupIT/charlescd into vali…
26ba0b2 
…date-resources-with-other-ids
@barbararochazup
improve codecov
dbb091c 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@ifdouglas
Refactor workspaces/users endpoint
7e22c00
@eduardomiyoshizup
add unit test to FindAllRolesInteractorImpl
320a570 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
@eduardomiyoshizup
add unit test to UserServiceLegacy
d15217d 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
@eduardomiyoshizup
add unit test to UserServiceLegacy
0e607c6 
Signed-off-by: e-km <eduardo.miyoshi@zup.com.br>
barbararochazup and others added 19 commits February 17, 2021 12:25
@barbararochazup
Merge branch 'main' into validate-resources-with-other-ids
3ffb90c
@barbararochazup
codecov refactor
58c9dfe 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@monicaribeirozup
Merge branch 'main' into validate-resources-with-other-ids
de6e6ee
@barbararochazup
improve coverage
ce4d903 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
improve coverage
fec5339 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
improve coverage
3b50d43 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
Merge branch 'main' into validate-resources-with-other-ids
8644b3c
@barbararochazup
improve coverage
9c7ab35 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
Merge branch 'validate-resources-with-other-ids' of https://github.co…
758ba21 
…m/ZupIT/charlescd into validate-resources-with-other-ids
@barbararochazup
Merge branch 'main' into validate-resources-with-other-ids
c7cebce
@barbararochazup
improve coverage
13dd270 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
Merge branch 'validate-resources-with-other-ids' of https://github.co…
1654d94 
…m/ZupIT/charlescd into validate-resources-with-other-ids
@barbararochazup
resolving merge
7cd1a94 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
improve coverage
9ca549f 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
resolving merge
d2d6715 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
improve coverage
e6a96de 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
improve tests
e258044 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@barbararochazup
improve coverage
70c8f0e 
Signed-off-by: barbararochazup <barbara.rocha@zup.com.br>
@monicaribeirozup
Merge branch 'main' into validate-resources-with-other-ids
7e42109
@monicaribeiro monicaribeiro merged commit f6ecfec into main Feb 25, 2021
@monicaribeiro monicaribeiro deleted the validate-resources-with-other-ids branch February 25, 2021 18:59
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@luanecavalcantizup luanecavalcantizup luanecavalcantizup left review comments

@monicaribeiro monicaribeiro Awaiting requested review from monicaribeiro

@Leandroqo Leandroqo Awaiting requested review from Leandroqo

Assignees

@eduardomiyoshizup eduardomiyoshizup

@barbararochazup barbararochazup

Labels
circle-matcher Improvements/additions/fixes for circle-matcher module. moove Improvements/additions/fixes for moove module. security TESTED QA
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@barbararochazup @monicaribeiro @Leandroqo @luanecavalcantizup @SchumaiquerZup @eduardomiyoshizup @ifdouglas @monicaribeirozup @iezadamascenozup