-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#960 feat(UAC): change default ownership to admins for externally created resources #2137
Conversation
Deprecated AdministratorsOnly js and go backend
Update swagger definition changing AdministratorsOnly to Public
…tions On stacks, containers networks, services , tasks and volumes.
The administrator resources are deleted and Public resources are now managed by admins
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot for this @ricardona and sorry for the late review.
Small changes required and a question, see my comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ricardona I've request other changes, mainly to make the codebase a bit more easier to read. Please have look at my comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@ncresswell played with this a bit, looks OK. Thing to note: all public resources will be updated to administrator restricted (be it default policy or assigned by the user). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks @ricardona 👍 |
Hi We just migrated to 1.19.2 and, as expected, all our resources have migrated to admin only instead of public (we deploy apps outside of portainer) As a workaroud, i'll soon write a batch process to change admin ownership to public, so that newly deployed apps are set to public Thanx |
There is none. Although, we're planning on introducing UAC related labels in the next release, see: #1257 (comment) Would that be of any help to you? |
Yes it should be nice with that |
@WTFKr0 Your use case is similar to #2190 Segregate logically Portainer resources using projects and it will be included in the next release too. Could that help? @deviantony #1257 and #2190 are trying to solve the same problem "declare access privileges in the compose file or from docker CLI". Does that mean that one should be discarded? |
@ricardona I don't think so. #1257 aims to provide the ability to set-up access control policies via labels. #2190 aims to introduce a new |
* EE-3915 ui fixes on docker container pages * Update createcontainer.html Update label
This change includes GUI, rest API, DB and migration
The default ownership will be:
Closes #960