-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement permission policies in the API #22384
base: auditus
Are you sure you want to change the base?
Conversation
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
Co-authored-by: Daniel Biegler <DanielBiegler@users.noreply.github.com>
…ccess) and policy updates (directus_policies) and permissions updates (directus_permissions)
throw new ForbiddenError({ | ||
reason: `You don't have permission to access collection "${collection}" or it does not exist. Queried in ${pathSuffix}.`, | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Even though this, and the other errors are really helpful, they do expose that the collection + field exists, as it differs from the standard ForbiddenError
in case of a non-existent collection.
…imilar to /users/me
…us-21765 # Conflicts: # api/src/services/users.ts # api/src/telemetry/lib/get-report.test.ts # api/src/telemetry/lib/get-report.ts # api/src/telemetry/utils/get-user-count.test.ts # api/src/telemetry/utils/get-user-count.ts
# Conflicts: # api/src/services/users.ts
router.search('/', validateBatch('read'), readHandler, respond); | ||
|
||
router.get( | ||
'/me/flags', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would just /me
work? 👀
api/src/controllers/roles.ts
Outdated
const query = { ...req.sanitizedQuery, limit: -1 }; | ||
|
||
const roles = await service.readMany(req.accountability.roles, query); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we add the same comment as per other usages of this limit: -1
query?
const query = { ...req.sanitizedQuery, limit: -1 }; | |
const roles = await service.readMany(req.accountability.roles, query); | |
// TODO fix this at the service level | |
const temporaryQuery = { ...req.sanitizedQuery, limit: -1 }; | |
const roles = await service.readMany(req.accountability.roles, temporaryQuery); |
if (this.accountability?.admin) { | ||
return mapValues(this.schema.collections, () => | ||
Object.fromEntries( | ||
['create', 'read', 'update', 'delete', 'share'].map((action) => [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we extract this array as a constant? This array will be used in the App as well.
const query = { ...req.sanitizedQuery, limit: -1 }; | ||
|
||
try { | ||
const roles = await service.readMany(req.accountability.roles, query); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we include this comment about it being temporary to be consistent with other usages?
const query = { ...req.sanitizedQuery, limit: -1 }; | |
try { | |
const roles = await service.readMany(req.accountability.roles, query); | |
// TODO fix this at the service level | |
const temporaryQuery = { ...req.sanitizedQuery, limit: -1 }; | |
try { | |
const roles = await service.readMany(req.accountability.roles, temporaryQuery); |
Co-authored-by: Hannes Küttner <4376726+hanneskuettner@users.noreply.github.com>
api/src/database/run/run.ts
Outdated
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this file be run-ast.ts
?
Scope
What's changed:
api/src/permissions
folderroles
flag to accountability object. This is an ordered array of all the parent roles of the current userget-ast-from-query
by splitting it into multiple filescases
andwhenCase
. This allows us to dynamically generate the case/when SQL to have dynamic field output per item.run-ast
by splitting it up into smaller filesPotential Risks / Drawbacks
Review Notes / Questions
Todos
whenCases
inrun-ast
clear
method in memory/cache/permissions
endpointdirectus_access
changesdirectus_roles
changesdirectus_permissions
changesdirectus_policies
changesdown
migrationwithCache
to the known keysapp_access
andadmin_access
false
Closes #21778, closes #21765, closes #22163, closes #21769, closes #21768, closes #21767, closes #21766
Footnotes
Eg check to make sure there's still >=1 admin left after the mutation is done ↩