-
Notifications
You must be signed in to change notification settings - Fork 3
Conversation
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looking at https://github.com/owncloud/ocis-accounts/pull/100/files#diff-1bc5586c5f4afccf828e3161c29aa9f2 I wonder if there is a cleaner way to check the permissions. googling led me to https://github.com/ory/ladon?branch=master#conditions and since we are aiming for fine grained permissions here, I think this is the right direction.
UI tests need to be adjusted. The accounts list can only be viewed by admin accounts now, so we need to have an admin user in the test suite. |
61405f4
to
f689eff
Compare
Rebased to current master |
821a348
to
e2a7a9f
Compare
Tests are failing, because the accounts service is starting faster than the settings service: https://cloud.drone.io/owncloud/ocis-accounts/466/2/6 |
53fc17e
to
92dcb08
Compare
…-accounts into manage-account-permissions
@kulmann I tried running in this branch locally but for me, the user
Seems like that is why the UI tests are failing |
Can you delete |
@kulmann that worked. But now if I go to the accounts page, the account service panics
|
Here is an overview of what got changed by this pull request: Complexity increasing per file
==============================
- pkg/service/v0/permissions.go 3
- pkg/service/v0/accounts.go 1
Clones added
============
- pkg/service/v0/permissions.go 4
Clones removed
==============
+ pkg/service/v0/settings.go -2
See the complete overview on Codacy |
Kudos, SonarCloud Quality Gate passed! 0 Bugs |
CI is green now. It was again an issue with drone running on an ocis version that doesn't have all the features needed for this PR. |
We make use of the roles cache from ocis-pkg to enforce permission checks in the accounts handler.