huanld/speckle-server
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
8,254 Commits 2 Branches 0 Tags
b4cf23f8568d2a67ea13f615af63ccf1ce4efc41
Commit Graph

11 Commits

Author SHA1 Message Date
Kristaps Fabians Geikins b29331705e chore(server): get rid of duplicate gql TS types (#5065) 2025-07-14 11:31:12 +03:00
Kristaps Fabians Geikins 4db1531064 feat: "workspace" project visibility (#4704) 
* WIP new visi

* test fixes

* visibility seems to work

* authz policies & authorizeResolver updated

* various test fixes

* users tests

* frontend changes

* minor adjustments

* shared test fix

* test fixes

* force rerun CI
 2025-05-14 15:20:26 +03:00
Iain Sproat f8b0ce34b3 tests(server): do not run Workspace SSO tests if not enabled 2025-05-13 14:27:14 +01:00
Kristaps Fabians Geikins c54d15fd93 feat: authz frontend foundation + reworked errors (#4275) 
* feat: authz frontend foundation + reworked errors

* lint fixes

* test fix

* fixed noCache() util
 2025-03-27 16:13:35 +02:00
Gergő Jedlicska 968d2f2520 auth/lib (#4242) 
* wip

* wip

* feat(authz): wip policy shape

* wip

* fix(authz): canReadProject with latest pattern

* wip

* feat(shared): simplify authz checks and policies

* feat(shared): port role weights into shared

* test(shared): some more tests for authz

* test(shared): more query project tests

* typo!

* feat(shared): ff loading refinements

* feat(shared): example authorization policy integration

* authz loaders init

* chore(authz): naming etc

* wip

* fix(authz): authz error objects

Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Gergő Jedlicska <gjedlicska@users.noreply.github.com>

* fix(authz): use correct role weights

* chore(authz): use codes from errors in tests

* chore(authz): wow

* chore(authz): fix more tests, add more tests

* chore(authz): fix some tests, add some tests (again)

* fix(authz): fix tests again

* fix(server): you need to await !!!! otherwise it crashes the server.

---------

Co-authored-by: Charles Driesler <chuck@speckle.systems>
Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Gergő Jedlicska <gjedlicska@users.noreply.github.com>
 2025-03-21 16:37:36 +01:00
Chuck Driesler 66da283a79 Revert "feat(authz): shared authz pipeline (#4151)" (#4241) 
This reverts commit cb8aa31b66.
 2025-03-21 15:41:17 +01:00
Chuck Driesler cb8aa31b66 feat(authz): shared authz pipeline (#4151) 
* wip

* wip

* feat(authz): wip policy shape

* wip

* fix(authz): canReadProject with latest pattern

* wip

* feat(shared): simplify authz checks and policies

* feat(shared): port role weights into shared

* test(shared): some more tests for authz

* test(shared): more query project tests

* typo!

* feat(shared): ff loading refinements

* feat(shared): example authorization policy integration

* authz loaders init

* chore(authz): naming etc

* wip

* fix(authz): authz error objects

Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Gergő Jedlicska <gjedlicska@users.noreply.github.com>

* fix(authz): use correct role weights

* chore(authz): use codes from errors in tests

* chore(authz): wow

* chore(authz): fix more tests, add more tests

* chore(authz): fix some tests, add some tests (again)

* fix(authz): fix tests again

---------

Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
Co-authored-by: Kristaps Fabians Geikins <fabis94@users.noreply.github.com>
Co-authored-by: Gergő Jedlicska <gjedlicska@users.noreply.github.com>
 2025-03-21 14:45:36 +01:00
Kristaps Fabians Geikins 2643d32d0a Merge branch 'main' into fabians/multiregion-testing3 2024-11-11 14:53:53 +02:00
Kristaps Fabians Geikins d02ca824c3 test fixes 2024-11-11 14:51:54 +02:00
Kristaps Fabians Geikins d0acdbcb8b test fix 2024-11-07 10:18:16 +02:00
Chuck Driesler d42bf7c3f9 feat(sso): protect access with sso sessions (#3441) 
* feat(workspaces): add workspace sso feature flag

* feat(workspaceSso): wip validate sso

* feat(workspaces): validate and add sso provider to the workspace with user sso sessions

* feat(workspaces): validate and add sso provider to the workspace with user sso sessions

* WIP

* fix(sso): restructure to handle all branches at end of flow

* fix(sso): add and validate emails used for sso

* fix(sso): park progress

* chore(workspaces): review sso login/valdate

* fix(sso): adjust validate url

* chore(sso): auth header puzzle

* fix(sso): happy-path config

* chore(gql): gqlgen

* fix(sso): almost almost

* fix(sso): auth endpoint

* a lil more terse

* fix(sso): light at the end of the tunnel

* fix(sso): improve catch block error messages

* fix(sso): session lifespan => validUntil

* fix(sso): I think we've got it

* feat(sso): limited workspace values for public sso login

* fix(sso): use factory functions

* fix(sso): til decrypt is single-use

* fix(sso): correct usage of access codes

* fix(sso): use finalize middleware in all routes

* chore(sso): cheeky tweak

* fix(sso): move some types around

* fix(sso): stencil final shape I'm sleepy

* fix(sso): more factories more factories

* fix(sso): on to final boss of factories

* fix(sso): needs a haircut but she works

* fix(sso): init rest w function, not side-effects

* fix(sso): /authn => /sso

* chore(sso): errors

* chore(sso): test test test

* chore(sso): test all the corners

* feat(sso): list workspace sso memberships

* chore(sso): tests, expose in rest

* fix(sso): sketch active user auth

* fix(sso): expose search via gql

* fix(sso): active user session information

* chore(sso): sso session test utils

* chore(sso): test sso session repo/services

* chore(sso): gqlgen

* feat(sso): throw error on missing or expired sso session

* chore(sso): tests for SSO access protection

---------

Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
Co-authored-by: Mike Tasset <mike.tasset@gmail.com>
 2024-11-05 17:36:51 +01:00