4dce8f9496
perf(authorizer): preload access control lists ( #1640 )
...
* adjust session refresh to always occur (for disabled users)
* feat: adds filtering option for Request Method in ACL's
* simplify flow of internal/authorization/authorizer.go's methods
* implement query string checking
* utilize authorizer.Object fully
* make matchers uniform
* add tests
* add missing request methods
* add frontend enhancements to handle request method
* add request method to 1FA Handler Suite
* add internal ACL representations (preparsing)
* expand on access_control next
* add docs
* remove unnecessary slice for network names and instead just use a plain string
* add warning for ineffectual bypass policy (due to subjects)
* add user/group wildcard support
* fix(authorization): allow subject rules to match anonymous users
* feat(api): add new params
* docs(api): wording adjustments
* test: add request method into testing and proxy docs
* test: add several checks and refactor schema validation for ACL
* test: add integration test for methods acl
* refactor: apply suggestions from code review
* docs(authorization): update description
2021-03-05 15:18:31 +11:00
81e34d84de
[MISC] Validate all sections of ACLs on startup ( #1595 )
...
* [MISC] Validate all sections of ACLs on startup
This change ensure that all sections of the `access_control` key are validated on startup.
* Change error format to clearly identify values
2021-01-16 21:05:41 +11:00
9ca0e940da
[FEATURE] Validate ACLs and add network groups ( #1568 )
...
* adds validation to ACL's
* adds a new networks section that can be used as aliases in other sections (currently access_control)
2021-01-04 21:55:23 +11:00
3b2d733367
Move source code into internal directory to follow standard project layout.
...
https://github.com/golang-standards/project-layout
2019-11-17 16:30:33 +01:00
James Elliott
Amir Zarrinkafsh
Clement Michaud