New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Advanced Access Control Layer (AACL) #2576

Merged

adrians5j merged 120 commits into next from aacl

Jun 23, 2023

Member

adrians5j commented Aug 10, 2022 •

edited

Loading

Changes

This PR integrates the new ACL-related requirements.

With this PR, open-source projects will be limited when it comes to choosing permissions in the Security Groups / API keys forms. From now, users will only be able to select No access or Full access. The only way they'll be able to choose Custom access is by linking their project with WCP and enabling the Advanced Access Control Layer (AACL) add-on.

Note: existing Webiny projects will keep working as is.

Additionally, we're introducing Teams. A new feature that enables users to assign a user to a team, which consists of one or more security groups, enabling users to be even more flexible when it comes to defining permissions for users.

Finally, groups are being renamed to roles.

How Has This Been Tested?

Jest / Cypress.

Documentation

Changelog.

adrians5j added 12 commits

August 5, 2022 18:27


          feat: add createdOn to System

f535bb4


          feat: add SecurityContext

e6f98af


          feat: allow custom permissions only for WCP/AACL-activated projects

453466f


          fix: add fm to WBY_APPS_PERMISSIONS_PREFIXES

2b44caa


          test: create test for filterOutCustomWbyAppsPermissions

a263829


          fix: use TenancyContext

708d7ae


          test: update Jest configs

76805e8


          fix: finalize all custom permissions-related checks

e5f2c5d


          test: add AACL / custom permissions tests

14beda1


          feat: export useWcp

bf51b82


          wip: disable custom permissions sections if they cannot be used

f347779


          feat: add createdOn to system records

63dde48

adrians5j self-assigned this

adrians5j added 17 commits

August 11, 2022 13:24


          fix: update dependencies

4dddb94


          Merge remote-tracking branch 'origin/next' into aacl

ae24952

# Conflicts:
#	packages/api-wcp/package.json
#	packages/app-page-builder/package.json
#	yarn.lock


          fix: update dependencies

ff0d023


          fix: add app-serverless-cms package

32af70b


          fix: move AACL checks into the api-security package

35bde4a


          chore: update yarn.lock

25c1e45


          fix: import WCP from app-admin

dbcaeb8


          feat: add advancedAccessControlLayer

68275a7


          fix: update deps

d648b41


          Merge remote-tracking branch 'origin/next' into aacl

5fa8194


          fix: update deps

5ff3743


          test: update assertions (take wcp permissions into consideration)

9bc2a49


          fix: remove extra @webiny/api-wcp

00fdd05


          fix: rename createdOn to installedOn

b5da93e


          chore: remove redundant Jest configs

9a65dee


          feat: add AACL_RELEASE_DATE const (update before merge)

cbf9e7b


          feat: add WcpPermission type

4a5be42

wip

02a4e4a

Member Author

adrians5j commented Jun 22, 2023

/cypress

github-actions bot commented Jun 22, 2023

Cypress E2E tests have been initiated (for more information, click here). ✨

adrians5j added 6 commits

June 22, 2023 14:19

wip

f55cfe9

wip

3659b96

wip

8a7cad3

wip

7664bfc

wip

fe4833f

wip

792d65f

Member Author

adrians5j commented Jun 22, 2023

/cypress

github-actions bot commented Jun 22, 2023

Cypress E2E tests have been initiated (for more information, click here). ✨

wip

e616f1c

Member Author

adrians5j commented Jun 23, 2023

/cypress

github-actions bot commented Jun 23, 2023

Cypress E2E tests have been initiated (for more information, click here). ✨

adrians5j added 4 commits

June 23, 2023 10:31

wip

b49e6b8

wip

6a4d071

wip

dfc1ddd

wip

a27c6c9

Member Author

adrians5j commented Jun 23, 2023

/cypress

github-actions bot commented Jun 23, 2023

Cypress E2E tests have been initiated (for more information, click here). ✨


          ci: trigger workflows

b8aa83f

Member Author

adrians5j commented Jun 23, 2023

/cypress

github-actions bot commented Jun 23, 2023

Cypress E2E tests have been initiated (for more information, click here). ✨


          wip [no ci]

8dc3318

adrians5j merged commit 811e972 into next

adrians5j added this to the 5.37.0 milestone

adrians5j added needs-migration project-upgrade-ready and removed needs-migration labels

adrians5j deleted the aacl branch

July 5, 2023 07:02

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

project-upgrade-ready