Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable HTTP-based authentication and authorisation ECFLOW-1960 #158

Draft
wants to merge 8 commits into
base: feature/support_http_comms
Choose a base branch
from
Draft

Enable HTTP-based authentication and authorisation ECFLOW-1960 #158

wants to merge 8 commits into from

Conversation

marcosbento
Copy link
Collaborator

No description provided.

@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch 2 times, most recently from 9e6094f to a79c5fc Compare February 24, 2025 14:37
@marcosbento marcosbento marked this pull request as draft February 26, 2025 13:42
@marcosbento marcosbento force-pushed the feature/support_http_comms branch from a58251f to 33743ed Compare February 26, 2025 13:44
@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch from a79c5fc to 5e5ff72 Compare February 26, 2025 13:45
@marcosbento marcosbento force-pushed the feature/support_http_comms branch from 33743ed to ad68056 Compare February 27, 2025 08:33
@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch from 5e5ff72 to 279d84d Compare February 27, 2025 08:33
@marcosbento
Refactor Access control
6d739e3 
- Separate Authentication (check for correct username and password),
from Authorization (check if use permissions allow to execute command)

Re ECFLOW-1960
@marcosbento marcosbento force-pushed the feature/support_http_comms branch from ad68056 to cdacefe Compare March 5, 2025 09:28
@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch from 279d84d to b3ffac2 Compare March 5, 2025 09:29
@marcosbento
Create AuthorisationService based on Permissions
d7896b9 
- Add scaffolding framework to perform Authorisation check

Re ECFLOW-1960
@marcosbento
Setup Authentication token file at .ecflowapirc
e84bae9 
- Update client to include token in request
- Update server to consider Secured User (i.e. user authenticated by
reverse-proxy, thus no need authentication by ecflow_server)

Note: this could eventually replace ECF_PASSWD file, on the client-side

Re ECFLOW-1960
@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch from b3ffac2 to dd61e16 Compare March 5, 2025 10:41
@marcosbento
Add algorithm to visit Server/Defs/Nodes on a path
4814fda 
This algorithm allows visiting the nodes on a given path and to collect
the applicable per node permission used for Authorisation

Re ECFLOW-1960
@marcosbento
Enable basic Authorisation mechanism
5cf05c3 
Re ECFLOW-1960
@marcosbento
Fix Linux specific compilation issues
f6c2024 
Re ECFLOW-1960
@marcosbento
Remove unused tests
c51bb70 
Re ECFLOW-1960
@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch 3 times, most recently from 5717867 to 86bedde Compare March 6, 2025 17:56
@codecov-commenter
Copy link

codecov-commenter commented Mar 6, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 83.04668% with 138 lines in your changes missing coverage. Please review.

Project coverage is 49.29%. Comparing base (cdacefe) to head (bd41e24).

Files with missing lines Patch % Lines
...ibs/client/src/ecflow/client/ClientEnvironment.cpp 33.96% 35 Missing ⚠️
...server/src/ecflow/server/AuthenticationService.cpp 71.15% 15 Missing ⚠️
...ibs/client/src/ecflow/client/ClientEnvironment.hpp 7.69% 12 Missing ⚠️
libs/base/src/ecflow/base/cts/task/TaskCmd.cpp 25.00% 9 Missing ⚠️
libs/core/src/ecflow/core/Identity.hpp 76.92% 9 Missing ⚠️
libs/base/src/ecflow/base/AuthorisationDetails.hpp 91.57% 8 Missing ⚠️
.../server/src/ecflow/server/AuthorisationService.cpp 81.39% 8 Missing ⚠️
libs/client/src/ecflow/client/ClientInvoker.cpp 50.00% 7 Missing ⚠️
libs/node/src/ecflow/node/Permissions.cpp 28.57% 5 Missing ⚠️
...bs/base/src/ecflow/base/cts/user/EditScriptCmd.cpp 0.00% 4 Missing ⚠️
... and 14 more
Additional details and impacted files 
@@                      Coverage Diff                       @@
##           feature/support_http_comms     #158      +/-   ##
==============================================================
+ Coverage                       48.97%   49.29%   +0.32%     
==============================================================
  Files                            1192     1210      +18     
  Lines                           98725    99198     +473     
  Branches                        14807    14814       +7     
==============================================================
+ Hits                            48346    48896     +550     
+ Misses                          50379    50302      -77

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@marcosbento marcosbento force-pushed the feature/authentication_and_authorization branch from 86bedde to bd41e24 Compare March 7, 2025 09:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@marcosbento @codecov-commenter