Commit Graph

34 Commits

Author SHA1 Message Date
Christoph Kluge
f37e7c26f6 Rework roles as enum, change AuthSource to enum 2023-03-06 11:44:38 +01:00
Christoph Kluge
8bd72ce807 Small fixes after full file review
- Remove unnecessary field 'project' from GQl and regenerate
- Add newlines to file ends
- Fix command-line manager user addition
2023-02-23 12:33:14 +01:00
Christoph Kluge
e0e51813ad Merge branch 'master' into 40_45_82_update_roles 2023-02-21 17:17:41 +01:00
8ffb562d6b Introduce db migration support 2023-02-21 10:57:22 +01:00
Christoph Kluge
397ab08b3b Add support for multiple projects per manager
- Handled like roles in admin view
- !! NEW COLUMN CHANGED TO "projects"
2023-02-17 15:45:31 +01:00
033598a656 Remove loglevel notice 2023-02-15 11:50:51 +01:00
Christoph Kluge
a2ebebd7f6 Remove role label array from frontend
- made centralized role array uncentralized again
2023-02-01 14:49:10 +01:00
Christoph Kluge
a885e69125 Adapt loglevel for logs, shorten strings, fix formats, streamline
- Switched to Warn for most errors, reduces bloat, improves log control
2023-02-01 11:58:27 +01:00
Christoph Kluge
b77bd078e5 Add log messages to error events w/o log message, primaryly error level
- "log spam" to be controlled via loglevel flag on startup
2023-01-31 18:28:44 +01:00
Christoph Kluge
7fb94c33cf Add API call for frontend to fetch list of valid roles from backend
- only relevant for admin config (addUser, editRole)
- admin only (double-checked)
2023-01-30 17:01:11 +01:00
Christoph Kluge
b2aed2f16b Add 'project' to user table, add 'manager' role, conditional web render
- Addresses issues #40 #45 #82
- Reworked Navigation Header for all roles
- 'Manager' role added, can be assigned a project-id in config by admins
- BREAKING! -> Added 'project' column in SQLite3 table 'user'
- Manager-Assigned project will be added to all graphql filters: Only show Jobs and Users of given project
- 'My Jobs' Tab for all Roles
- Switched from Bool "isAdmin" to integer authLevels
- Removed critical data frontend logging
- Reworked repo.query.SecurityCheck()
2023-01-27 18:36:58 +01:00
Christoph Kluge
834f9d9085 Add role helper functions, add project role barebone, add valid role arr
- HasAnyRoles([]string): Checks if user has *one* of the roles
- HasAllRoles([]string): Cheks if user has *all* of the roles
- HasNotRoles([]string): Checks if user has *none* of the roles
- IsValidRole(string): Checks if given string is known valid role
2023-01-25 16:59:16 +01:00
Christoph Kluge
79a949b55e Rework pkg/log, add 'loglevel' and 'logdate' flags, streamline
- removes some previously added manual location strings: now handled by pkg/log depending on loglevel
- kept manual string locations on fmt print functions
- add 'notice' and 'critical' loglevels
- add 'Panic' and 'Panicf' functions to log panics
- adresses issue #26
2023-01-23 18:48:06 +01:00
Christoph Kluge
24a4244f19 add more information to existing errors logs and panics
- '$ROOT/$FILE' for better localization in the code
- add text where none was given
- fix unnecessary sprintf nesting in influxv2 and prometheus metricrepo logging
2023-01-19 16:59:14 +01:00
Pay Gießelmann
e5573a9b29
Fix remove role support 2022-11-30 11:46:32 +01:00
Michael Schwarz
f817ac5240 Accept externally generated JWTs provided via cookie
If there is an external service like an AuthAPI that can generate JWTs and
  hand them over to ClusterCockpit via cookies, CC can be configured to
  accept them
2022-10-19 13:36:13 +02:00
Jan Eitzinger
918a07735d
Merge branch 'master' into dev-job-archive-module 2022-09-26 15:12:46 +02:00
Jan Eitzinger
adc22f6bc1
Merge branch 'master' into config-component 2022-09-13 09:05:07 +02:00
Jan Eitzinger
d8aaa26c27 Cleanup and small fixes 2022-09-13 07:38:18 +02:00
Jan Eitzinger
8856f26fb0 Reformat and Refactor packages. Rebuild GraphQL. 2022-09-07 12:24:45 +02:00
Jan Eitzinger
b7907d33aa Move data structures to config package 2022-09-06 15:43:57 +02:00
Christoph Kluge
c9954787c1 Add admin function to remove roles, rename addroles to editroles 2022-08-26 15:15:36 +02:00
Michael Schwarz
84bac7e520 Add new role support. This enables designated users to see all jobs. 2022-08-25 12:45:11 +02:00
Jan Eitzinger
26df1e7c14 Add copyright and license header. Update license year 2022-07-29 06:29:21 +02:00
Lou Knauer
d4b1b32ca0 token based login: fix re-logins 2022-07-26 13:50:54 +02:00
Lou Knauer
dc0bf80742 Fix auth.AddUser method 2022-07-26 11:00:41 +02:00
Lou Knauer
dc4c7f0033 bugfix: LDAP is optional 2022-07-25 17:27:42 +02:00
Lou Knauer
e500c1515e Allow login via token in URL 2022-07-25 10:36:20 +02:00
Lou Knauer
a48e94ab3e bugfixes in auth/ 2022-07-25 09:33:36 +02:00
Lou Knauer
2d57e4cfe8 Change to HS256 as login token alg 2022-07-25 09:03:48 +02:00
Lou Knauer
f0530f2908 Different keypair for token based login 2022-07-13 15:04:11 +02:00
Lou Knauer
04574db32f Integrate new auth interface 2022-07-07 14:08:37 +02:00
Lou Knauer
65f7e5e6c8 load config.json in current directory by default (issue #17) 2022-07-05 10:23:26 +02:00
Jan Eitzinger
81819db436 Refactor directory structure 2022-06-21 17:52:36 +02:00