-
Notifications
You must be signed in to change notification settings - Fork 215
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#926: inject configurable policy subjects into policies via new added JWT evaluating policy action #945
#926: inject configurable policy subjects into policies via new added JWT evaluating policy action #945
Commits on Dec 21, 2020
-
[eclipse-ditto#926] add ActivateSubject and ActivateSubjectResponse.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for c0f94d0 - Browse repository at this point
Copy the full SHA c0f94d0View commit details
Commits on Dec 23, 2020
-
Merge branch 'master' into feature/subject-activation
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for a02b599 - Browse repository at this point
Copy the full SHA a02b599View commit details -
[eclipse-ditto#926] add a command to deactivate a token subject.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for b859f81 - Browse repository at this point
Copy the full SHA b859f81View commit details -
[eclipse-ditto#926] add a command to activate a subject on the policy…
… level. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for f60d865 - Browse repository at this point
Copy the full SHA f60d865View commit details -
[eclipse-ditto#926] add a command to deactivate a subject at the poli…
…cy level; relax timing requirement in ThingPersistenceActorSnapshottingTest. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 683ab71 - Browse repository at this point
Copy the full SHA 683ab71View commit details
Commits on Dec 24, 2020
-
[eclipse-ditto#926] add events for subject activation; rename Activat…
…eSubjectForPolicy to ActivateSubjects.
Configuration menu - View commit details
-
Copy full SHA for f595551 - Browse repository at this point
Copy the full SHA f595551View commit details -
[eclipse-ditto#926] add command and event strategies for ActivateSubj…
…ect. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for c9d1b91 - Browse repository at this point
Copy the full SHA c9d1b91View commit details -
[eclipse-ditto#926] add command and event strategies for ActivateSubj…
…ects. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 23d261f - Browse repository at this point
Copy the full SHA 23d261fView commit details
Commits on Dec 26, 2020
-
[eclipse-ditto#926] remove raw type usage in persistence actors.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for e9f270f - Browse repository at this point
Copy the full SHA e9f270fView commit details
Commits on Dec 27, 2020
-
[eclipse-ditto#926] add irrelevant signals to registry tests of polic…
…ies made visible due to ditto-model-placeholders. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 7a13c00 - Browse repository at this point
Copy the full SHA 7a13c00View commit details -
[eclipse-ditto#926] add SubjectDeactivated and SubjectsDeactivated ev…
…ents. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for f0b601b - Browse repository at this point
Copy the full SHA f0b601bView commit details
Commits on Dec 28, 2020
-
[eclipse-ditto#926] add command and event strategies for DeactivateSu…
…bject(s) Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 474f077 - Browse repository at this point
Copy the full SHA 474f077View commit details
Commits on Dec 29, 2020
-
[eclipse-ditto#926] extend authentication result to include JWT.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for a2b7f19 - Browse repository at this point
Copy the full SHA a2b7f19View commit details -
[eclipse-ditto#926] add HTTP API for activateTokenIntegration and dea…
…ctivateTokenIntegration. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 3fc926d - Browse repository at this point
Copy the full SHA 3fc926dView commit details
Commits on Dec 30, 2020
-
[eclipse-ditto#926] Replace issuer 'integration' by token issuer in t…
…he default token integration subject ID. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 0df160e - Browse repository at this point
Copy the full SHA 0df160eView commit details -
[eclipse-ditto#926] remove raw types from enforcements.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for ca8349c - Browse repository at this point
Copy the full SHA ca8349cView commit details -
[eclipse-ditto#926] add policy enforcement for policy action commands.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 097d6c6 - Browse repository at this point
Copy the full SHA 097d6c6View commit details
Commits on Jan 1, 2021
-
[eclipse-ditto#926] remove raw types from preEnforcer.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 6dc7cd7 - Browse repository at this point
Copy the full SHA 6dc7cd7View commit details -
[eclipse-ditto#926] make subject Id resolver of policy actions config…
…urable. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for e517083 - Browse repository at this point
Copy the full SHA e517083View commit details
Commits on Jan 2, 2021
-
[eclipse-ditto#926] fix deserialization of PolicyActionFailedExceptio…
…n; fix status code when executing an action on a nonexistent policy entry. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for edc5200 - Browse repository at this point
Copy the full SHA edc5200View commit details
Commits on Jan 3, 2021
-
[eclipse-ditto#926] document policy token integration.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 4cf48cc - Browse repository at this point
Copy the full SHA 4cf48ccView commit details
Commits on Jan 11, 2021
-
[eclipse-ditto#926] review: moved policy actions to own package in co…
…mmands * renamed classes to match the action name, e.g. "ActivateTokenIntegration" * don't let PolicyActionCommand inherit PolicyModifyCommand * added PolicyActionCommandResponse which the action responses implement * added new Command.Category enum value "ACTION" * moved PolicyActionFailedException to commands module * adjusted routes to not use the route path from constants in the PolicyActionFailedException but use it from the action's NAME constant Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 70849aa - Browse repository at this point
Copy the full SHA 70849aaView commit details
Commits on Jan 12, 2021
-
[eclipse-ditto#926] fixed command registry tests by adding action com…
…mand of new package Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 86723df - Browse repository at this point
Copy the full SHA 86723dfView commit details -
[eclipse-ditto#926] review: removed unnecessary action events
* renamed required action events to SubjectsDeletedPartially and SubjectsModifiedPartially * moved PolicyEntryPlaceholder to the "placeholders" module * added new SubjectIdFromActionResolver interface with a default implementation using the PolicyEntryPlaceholder * replaced Class.forName("") with loading classes via the Akka actorSystem Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 2a1d9c9 - Browse repository at this point
Copy the full SHA 2a1d9c9View commit details -
[eclipse-ditto#926] Fix default subject ID resolver class name.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 37b75c9 - Browse repository at this point
Copy the full SHA 37b75c9View commit details -
[eclipse-ditto#926] Remove unnecessary field subjectId from Activate-…
… and DeactivatePolicyTokenIntegrationResponse. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for b7ce02b - Browse repository at this point
Copy the full SHA b7ce02bView commit details
Commits on Jan 13, 2021
-
[eclipse-ditto#926] Reject activateTokenIntegration actions on entrie…
…s without READ permission for things. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 850f995 - Browse repository at this point
Copy the full SHA 850f995View commit details -
[eclipse-ditto#926] review: added unit test for OAuthTokenIntegration…
…SubjectIdFactory * added some javadoc fixes Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 510640f - Browse repository at this point
Copy the full SHA 510640fView commit details -
[eclipse-ditto#926] Mention in documentation the requirement for READ…
… permission granted on things by the policy action activateTokenIntegration. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 01e65e2 - Browse repository at this point
Copy the full SHA 01e65e2View commit details -
[eclipse-ditto#926] document status 404 for policy actions.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 676f25d - Browse repository at this point
Copy the full SHA 676f25dView commit details -
[eclipse-ditto#926] review: fixed "getResourcePath" of policy entry s…
…coped activation actions * added some missing javadoc for type params Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 3fa8e63 - Browse repository at this point
Copy the full SHA 3fa8e63View commit details -
[eclipse-ditto#926] adjust resource keys used to authorize top level …
…policy actions. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 90614b7 - Browse repository at this point
Copy the full SHA 90614b7View commit details -
[eclipse-ditto#926] review: added missing javadocs for projected cache
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 67f872d - Browse repository at this point
Copy the full SHA 67f872dView commit details
Commits on Jan 14, 2021
-
[eclipse-ditto#926] review: changed status code of repsonses to 204 -…
… no content * removed subjectId from DeactivateTokenIntegrationResponse Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 5c3af06 - Browse repository at this point
Copy the full SHA 5c3af06View commit details -
[eclipse-ditto#926] review: added check that only policy entries with…
… a subject contained in the authorized subjects are considered for activate/deactivate tokenIntegration actions * removed check that only subjects containing an expiry should be deleted by the "deactivateTokenIntegration" action Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 9167eac - Browse repository at this point
Copy the full SHA 9167eacView commit details -
[eclipse-ditto#926] Add generic TopLevelActionCommand for policies.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 7004aa6 - Browse repository at this point
Copy the full SHA 7004aa6View commit details -
[eclipse-ditto#926] Merge branch 'origin/feature/subject-activation'
Signed-off-by: Yufei Cai <yufei.cai@bosch.io> Conflicts: services/policies/persistence/src/main/java/org/eclipse/ditto/services/policies/persistence/actors/strategies/commands/AbstractPolicyActionCommandStrategy.java services/policies/persistence/src/main/java/org/eclipse/ditto/services/policies/persistence/actors/strategies/commands/ActivatePolicyTokenIntegrationStrategy.java services/policies/persistence/src/main/java/org/eclipse/ditto/services/policies/persistence/actors/strategies/commands/ActivateTokenIntegrationStrategy.java services/policies/persistence/src/main/java/org/eclipse/ditto/services/policies/persistence/actors/strategies/commands/DeactivateTokenIntegrationStrategy.java services/policies/persistence/src/test/java/org/eclipse/ditto/services/policies/persistence/actors/strategies/commands/ActivatePolicyTokenIntegrationStrategyTest.java services/policies/persistence/src/test/java/org/eclipse/ditto/services/policies/persistence/actors/strategies/commands/ActivateTokenIntegrationStrategyTest.java
Configuration menu - View commit details
-
Copy full SHA for 74b2391 - Browse repository at this point
Copy the full SHA 74b2391View commit details -
[eclipse-ditto#926] fix PolicyCommandEnforcementTest.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 538172f - Browse repository at this point
Copy the full SHA 538172fView commit details
Commits on Jan 15, 2021
-
[eclipse-ditto#926] review: added factor "subject ID of authenticated…
… JWT must also be present in policy entry" to documentation * did some reformatting in the OpenAPI docs * fixed supported placeholders for the action Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for de0a06f - Browse repository at this point
Copy the full SHA de0a06fView commit details -
use ThreadSafeDittoLoggingAdapter for connectivity ConsumerActors
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 3775fe9 - Browse repository at this point
Copy the full SHA 3775fe9View commit details -
[eclipse-ditto#926] Delete Activate- and DeactivatePolicyTokenIntegra…
…tion commands and responses. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for db46a6c - Browse repository at this point
Copy the full SHA db46a6cView commit details -
[eclipse-ditto#926] adjusted OpenAPI doc wording "the -> a" subject
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for ce859dc - Browse repository at this point
Copy the full SHA ce859dcView commit details -
[eclipse-ditto#926] adjusted documentation wording about the action a…
…ctivateTokenIntegration Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 21fe605 - Browse repository at this point
Copy the full SHA 21fe605View commit details
Commits on Jan 16, 2021
-
[eclipse-ditto#926] Merge branch 'master' into feature/subject-activa…
…tion Signed-off-by: Yufei Cai <yufei.cai@bosch.io> Conflicts: services/concierge/enforcement/src/test/java/org/eclipse/ditto/services/concierge/enforcement/EnforcerRetrieverTest.java services/connectivity/messaging/src/main/java/org/eclipse/ditto/services/connectivity/messaging/mqtt/hivemq/AbstractMqttConsumerActor.java services/connectivity/messaging/src/main/java/org/eclipse/ditto/services/connectivity/messaging/rabbitmq/RabbitMQConsumerActor.java
Configuration menu - View commit details
-
Copy full SHA for 1f02f79 - Browse repository at this point
Copy the full SHA 1f02f79View commit details
Commits on Jan 18, 2021
-
[eclipse-ditto#926] improve type safety of AbstractCommandStrategies.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for cfa9145 - Browse repository at this point
Copy the full SHA cfa9145View commit details -
[eclipse-ditto#926] prevent random failing tests due to reordering of…
… policy entries. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 2c1aa95 - Browse repository at this point
Copy the full SHA 2c1aa95View commit details -
[eclipse-ditto#926] review: renamed TopLevelActionCommand to TopLevel…
…PolicyActionCommand * use HttpStatus instead of deprecated HttpStatusCode enum * policy routes method renamings * some javadoc enhancements Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 0a4d841 - Browse repository at this point
Copy the full SHA 0a4d841View commit details
Commits on Jan 20, 2021
-
[eclipse-ditto#926] added possibility to use JWT claims being a jsona…
…rray of strings instead of only plain strings * the JwtPlaceholder works the same * added "expansion" algorithm to expand inlines JsonArrays to multiple SubjectIds to TokenIntegrationSubjectIdFactory * adjusted PolicyActionCommands to work on multiple subjects/subjectIds * adjusted the default token-integration-subject to "integration:{{policy-entry:label}}:{{jwt:aud}}" Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 3b2163c - Browse repository at this point
Copy the full SHA 3b2163cView commit details -
added new Hono notification "application/vnd.eclipse-hono-device-prov…
…isioning-notification" to default blocklist of DittoMessageMapper * use ENABLE_PRE_AUTHENTICATION instead of deprecated DITTO_DUMMY_AUTH in deployment configs Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 9a6b7ad - Browse repository at this point
Copy the full SHA 9a6b7adView commit details
Commits on Jan 21, 2021
-
[eclipse-ditto#926] moved "isApplicable" logic from strategies to Pol…
…icyActionCommands * also moved building the PolicyActionFailedException when not applicable for a PolicyActionCommand to the PolicyActionCommands * added another test for a JWT with nested path Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for a1f6108 - Browse repository at this point
Copy the full SHA a1f6108View commit details -
[eclipse-ditto#926] added Blogpost about the new policy actions feature
* added "Authenticated subjects" section to basic-auth * adjusted the "Subjects" section in basic-policy to be more detailled * fixed links Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for af546e3 - Browse repository at this point
Copy the full SHA af546e3View commit details -
[eclipse-ditto#926] fixed internal server error cause by non-deserial…
…izable PolicyActionFailedException because of missing "message" in the exception JSON Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for ffb49b9 - Browse repository at this point
Copy the full SHA ffb49b9View commit details -
[eclipse-ditto#926] use LinkedHashMaps and LinkedHashSets in policies…
… model in order to keep order when e.g. modifying policies Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 5df4a8b - Browse repository at this point
Copy the full SHA 5df4a8bView commit details
Commits on Jan 22, 2021
-
[eclipse-ditto#926] fix copyright header year for added files which f…
…ail in license header year check Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 876276c - Browse repository at this point
Copy the full SHA 876276cView commit details -
[eclipse-ditto#926] javadoc error
Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 8d030e8 - Browse repository at this point
Copy the full SHA 8d030e8View commit details -
[eclipse-ditto#926] fix grammar.
Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for 3dfeb3e - Browse repository at this point
Copy the full SHA 3dfeb3eView commit details -
[eclipse-ditto#926] Prevent backtracking in TokenIntegrationSubjectId…
…Factory; fix policy action event aggregation. Changes 1. Replaced TokenIntegrationSubjectIdFactory.JSON_ARRAY_PATTERN by a regex using possessive qualifiers only. 2. Added a test for activating multiple subjects in multiple policy entries. Fixed it. Signed-off-by: Yufei Cai <yufei.cai@bosch.io>
Configuration menu - View commit details
-
Copy full SHA for a492eb4 - Browse repository at this point
Copy the full SHA a492eb4View commit details