Lenient shield builder #315
Merged
+513
−88
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…to ac/mix_persona_and_accounts_in_factor_instances_provider
…allowed FactorSourceKind - add query methods which can query which kinds are supported/if a kind is supported
…r' into ac/shield_upgrade_validate_kind_for_rola_and_more_lenient_add_factors
CyonAlexRDX
requested review from
GhenadieVP,
danvleju-rdx and
sergiupuhalschi-rdx
CyonAlexRDX
commented
Dec 20, 2024
| { | ||
| return duplicates_err; | ||
| } | ||
| // but if threshold contains it, we're good (since mode is lenient) |
There was a problem hiding this comment.
With Lenient, we allow a factor which is in override to be added to threshold (and vice versa)
CyonAlexRDX
commented
Dec 20, 2024
| } | ||
| } | ||
| SecurityShieldBuilderMode::Lenient => {} |
There was a problem hiding this comment.
for Lenient we do not count the number of Device FactorSource, we allow many.
CyonAlexRDX
commented
Dec 20, 2024
| @@ -707,6 +829,10 @@ impl<const ROLE: u8> RoleBuilder<ROLE> { | |||
| ); | |||
| } | |||
|
|
|||
| if mode == SecurityShieldBuilderMode::Lenient { | |||
| return Ok(()); | |||
There was a problem hiding this comment.
For Lenient we allow password by itself.
danvleju-rdx
approved these changes
Dec 20, 2024
|
pushing a fix for swift tests now |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #315 +/- ##
=======================================
- Coverage 93.3% 93.3% -0.1%
=======================================
Files 1111 1111
Lines 24064 24182 +118
Branches 79 79
=======================================
+ Hits 22464 22570 +106
- Misses 1585 1597 +12
Partials 15 15
Flags with carried forward coverage won't be shown. Click here to find out more.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Allows for more lenient
SecurityShieldBuilder, by passingSecurityShieldBuilderMode::LenientasmodetoSecurityShieldBuilder.Changes
The
RoleBuilderandMatrixBuilderhave got a new variant of almost all their methods, having the suffix_with_modewhich takes amode: SecurityShieldBuilderMode. The reason why this is not a field on theMatrixBuilderandrole_builderis because it requires bigger changes toAbstractRoleBuilderOrBuiltandAbstractMatrixBuilderOrBuilt- which we can do but a bit more intrusive change. We could potentially add a serde_skipped extra field which we set to()forBuiltbut toSecurityShieldBuilderMode(which we might rename toFactorBuilderModeto fit more intoRoleBuilder) for non-Built (i.e. builders).The SecurityShield builder than pass
self.modeto all required methods.The RoleBuilder has been updated to make use of
modepassed as method argument to be more lenient - when applicable.