Add support for "expiry" of policy subjects #890
Milestone
Comments
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…SujectExpiry` Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…ct with SubjectExpiry Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…d up" passed in subject expiry * made the granularity to apply configurable in PolicyConfig * added unit tests for PolicyCommandStrategies for the affected strategies applying the rounding up of subject expiries * adjusted the PolicyValidator to make sure that configured subject expiries are not in the past Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
* added "expiry" as well to Policy JsonSchema * did some cleanup in OpenAPI docs while at it (e.g. moving schemas to subfolders) Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
* applied double checked locking in PolicyCommandStrategies * simplified adjusting a PolicyEntry with adjusted subjects * fixed that an already pre-"rounded/truncated" subject expiration was rounded up to the next unit where it should not have Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…eteSubject event when * the next subject will expire * re-schedule when after the expired subject deletion there are still other subjects to expire * added tests, fixed etag calculation which must be done based on the adjusted command (e.g. with rounded up expiry timestamp) Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…imezones correctly Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
* added unit test for correct expiration after actor restart/recovery Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…never the PolicyPersistenceActor publishes a PolicyTag message * this PolicyTag message is published when an in the concierge processed PolicyCommand did not result already in a cache validation * as a result, the "DeleteSubject" event which is created in the background by the expiry feature will cause the concierge policy enforcer cache to invalidate Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…icy enforcer caches in concierge whenever the PolicyPersistenceActor publishes a PolicyTag message Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…iption; fix broken link in cloudevent openapi. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…ned expiry; add TODO. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…as warning. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…ctDeleted events; optimize PolicyEventForwarder to not query database in the absence of policy changes. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…ix PolicyCommandEnforcementTest. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…ctsStrategyTest. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
* return status code 400 instead of 403 when trying to use an expiry TS from the past * ensure that a recovery first removes expired subjects before applying further commands * cope with expiry timestamps in a distant future (>8 months from now) as those caused long-overflow exceptions: reschedule checking after 1 day in such cases Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
* simplified scheduling of next expiry check * added missing javadoc * deduplicated scheduling Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
pushed a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
* further simplified scheduling of next expiry check * added unit test ensuring that an already expired subject is deleted during persistence recovery Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
yufei-cai
added a commit
to bosch-io/ditto
that referenced
this issue
Dec 23, 2020
…xpiryIsCleanedUpAfterRecovery - Kill the persistence actor right away, so that it has no chance to delete the expired subject before termination - Test the persistence actor in a shard region in order for SudoRetrievePolicy to be the first message the actor processes when restored. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In order to give access for a certain "authorized subject" only until a fixed timestamp, a
Policysubject shall be optionally provided with an"expiry"timestamp (being an ISO-8601 string).Once the
"expiry"timestamp was reached, the subject shall be automatically removed from the policy (that change being persisted) and as a result this subject would immediately no longer have access.Example Policy:
{ "policyId": "my.namespace:policy-a", "entries": { "owner": { "subjects": { "nginx:house-owner-user": { "type": "This is the owner of the house" }, "nginx:neighbor-user": { "type": "This is the neighbor which shall manage the smart house during a vacation", "expiry": "2020-11-26T11:00Z" } }, "resources": { "thing:/": { "grant": [ "READ", "WRITE" ], "revoke": [] }, "policy:/": { "grant": [ "READ", "WRITE" ], "revoke": [] }, "message:/": { "grant": [ "READ", "WRITE" ], "revoke": [] } } } } }The text was updated successfully, but these errors were encountered: