Skip to content

v3.0.0: Site roles, program authz, user authz

Latest
Latest
Compare
Choose a tag to compare
@daisieh daisieh released this 02 May 17:50
· 49 commits to develop since this release
v3.0.0
a989584
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Highlights

  • Site roles, including site admin, now defined in Opa
  • Program authorizations are defined in Opa's vault secret store
  • User-specific program authorizations are defined in Opa's vault secret store
  • Refactored rego policies and created unit tests

What's Changed

  • DIG-1520: Site admin is a role defined in Opa, not in jwt by @daisieh in #51
  • DIG-1518: Rego policies now based on ProgramAuthorizations by @daisieh in #52
  • Interpolate default usernames from .env file instead of hardcoding by @daisieh in #53
  • DIG-1546: Opa unit tests by @daisieh in #54
  • DIG-1502: Opa implements user-specific authorizations by @daisieh in #55
  • DIG-898: allow service_token to view user_key by @daisieh in #56

Full Changelog: v2.1.0...v2.2.0

Contributors

daisieh
Assets 2
Loading