MF-1506 - Group-based Access Control (#1716) · AryanGodara/mainflux@55e09c1

Commit

MF-1506 - Group-based Access Control (absmach#1716)

* Move Things and Users to Clients

Signed-off-by: dusanb94 <[email protected]>
Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* NOISSUE - Update Add and Delete Policies (absmach#1792)

* Remove Policy Action Ranks

Signed-off-by: rodneyosodo <[email protected]>

* Fix Rebase Issues

Signed-off-by: rodneyosodo <[email protected]>

* Fix CI Test Errors

Signed-off-by: rodneyosodo <[email protected]>

* Adding Check on Subject For Clients

Signed-off-by: rodneyosodo <[email protected]>

* Remove Check Client Exists

Signed-off-by: rodneyosodo <[email protected]>

* Check When Sharing Clients

Signed-off-by: rodneyosodo <[email protected]>

* Only Add User to Group When Sharing Things

Signed-off-by: rodneyosodo <[email protected]>

* Remove clientType

Signed-off-by: rodneyosodo <[email protected]>

* Minor Fix on ShareClient and Fix Tests

Signed-off-by: rodneyosodo <[email protected]>

* Fix Policies Tests

Signed-off-by: rodneyosodo <[email protected]>

* Clean Up Things Authorization

Signed-off-by: rodneyosodo <[email protected]>

* Fix Tests on RetrieveAll

Signed-off-by: rodneyosodo <[email protected]>

* Test ShareThing

Signed-off-by: rodneyosodo <[email protected]>

* Fix Merge Conflicts

Signed-off-by: rodneyosodo <[email protected]>

* Remove Adding Policies. Only Use Ownership

Signed-off-by: rodneyosodo <[email protected]>

* Check If Subject is same as Object

Signed-off-by: rodneyosodo <[email protected]>

* Move Back To Union As Sometimes Policy is Empty and Fails to Evaluate on Ownership

Signed-off-by: rodneyosodo <[email protected]>

* Fix Entity Type For Failing Tests

Signed-off-by: rodneyosodo <[email protected]>

* Fix BUG in policy evaluation

Signed-off-by: rodneyosodo <[email protected]>

* Fix Tests

Signed-off-by: rodneyosodo <[email protected]>

* Add Comments Regarding checkAdmin

Signed-off-by: rodneyosodo <[email protected]>

* Fix Tests On Rebase

Signed-off-by: rodneyosodo <[email protected]>

* Combine Authorize For Things and Users

Signed-off-by: rodneyosodo <[email protected]>

* Fix Tests On Rebase

Signed-off-by: rodneyosodo <[email protected]>

* Error on Things SVC `unsupported protocol scheme`

Signed-off-by: rodneyosodo <[email protected]>

---------

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* Fix Bug on Things Authorization Cache (absmach#1810)

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* Use Password instead of username in MQTT handler

Signed-off-by: dusanb94 <[email protected]>

* Simplify MQTT authorization

Signed-off-by: dusanb94 <[email protected]>

* Fix MQTT tests

Signed-off-by: dusanb94 <[email protected]>

* NOISSUE - Add More Functions to SDK (absmach#1811)

* Add More Functions to SDK

Signed-off-by: rodneyosodo <[email protected]>

* Add Examples to GoDoc

Signed-off-by: rodneyosodo <[email protected]>

* Update Unassign Interface

Signed-off-by: rodneyosodo <[email protected]>

* Pass Subject as ID and Not Token on List Channels By Thing

Signed-off-by: rodneyosodo <[email protected]>

* Fix Bootstrap Errors For Element Check

Signed-off-by: rodneyosodo <[email protected]>

* Add empty line Before Return

Signed-off-by: rodneyosodo <[email protected]>

* Reorder URLS in things mux

Signed-off-by: rodneyosodo <[email protected]>

* Fix Listing Things Policies

Signed-off-by: rodneyosodo <[email protected]>

* Fix Share Thing

Signed-off-by: rodneyosodo <[email protected]>

* Add Examples to CLI Docs

Signed-off-by: rodneyosodo <[email protected]>

* Fix Update Identity To Update Another User

Signed-off-by: rodneyosodo <[email protected]>

* Fix Identify an Update Policies on Things

Signed-off-by: rodneyosodo <[email protected]>

* Fix Update Things Policies

Signed-off-by: rodneyosodo <[email protected]>

* Fix GoDocs on Disconnect

Signed-off-by: rodneyosodo <[email protected]>

* Fix Tests

Signed-off-by: rodneyosodo <[email protected]>

* Change Authorize To Use AccessRequest

Signed-off-by: rodneyosodo <[email protected]>

---------

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* For Evaluate Policy Use AccessRequest (absmach#1814)

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* NOISSUE - Add SDK Tests (absmach#1812)

* Add Things Tests

Signed-off-by: rodneyosodo <[email protected]>

* Add Channel Tests

Signed-off-by: rodneyosodo <[email protected]>

* Add Certs Tests

Signed-off-by: rodneyosodo <[email protected]>

* Add Consumer Tests

Signed-off-by: rodneyosodo <[email protected]>

* Enrich Group Tests

Signed-off-by: rodneyosodo <[email protected]>

* Add Tests For Health

Signed-off-by: rodneyosodo <[email protected]>

* Add Tests For Tokens

Signed-off-by: rodneyosodo <[email protected]>

* Rename SDK for Tests

Signed-off-by: rodneyosodo <[email protected]>

* Add Policies Tests

Signed-off-by: rodneyosodo <[email protected]>

* Fix Linter

Signed-off-by: rodneyosodo <[email protected]>

* Fix Tests

Signed-off-by: rodneyosodo <[email protected]>

* Make Variable Defination Inline

Signed-off-by: rodneyosodo <[email protected]>

---------

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* NOISSUE - Make Cache Key Duration Configurable (absmach#1815)

* Make Cache Key Duration Configurable

Signed-off-by: rodneyosodo <[email protected]>

* Rename ENV Var

Signed-off-by: rodneyosodo <[email protected]>

---------

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* NOISSUE - Update GoDocs (absmach#1816)

* Add GoDocs

Signed-off-by: rodneyosodo <[email protected]>

* Add Missing GoDoc Files

Signed-off-by: rodneyosodo <[email protected]>

* Enable godot

Signed-off-by: rodneyosodo <[email protected]>

* Add License Information

Signed-off-by: rodneyosodo <[email protected]>

---------

Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

* NOISSUE - Add Call Home Client to Mainflux services (absmach#1751)

* Move Things and Users to Clients

Signed-off-by: dusanb94 <[email protected]>
Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: SammyOina <[email protected]>

* collect and send data package

Signed-off-by: SammyOina <[email protected]>

* create telemetry migrations

Signed-off-by: SammyOina <[email protected]>

* add telemetry endpoints

Signed-off-by: SammyOina <[email protected]>

* add transport

Signed-off-by: SammyOina <[email protected]>

* create service

Signed-off-by: SammyOina <[email protected]>

* remove homing server

Signed-off-by: SammyOina <[email protected]>

* add call home to adapters

Signed-off-by: SammyOina <[email protected]>

* add last seen

Signed-off-by: SammyOina <[email protected]>

* rename logger

Signed-off-by: SammyOina <[email protected]>

* remove homing client

Signed-off-by: SammyOina <[email protected]>

* use unmerged repo

Signed-off-by: SammyOina <[email protected]>

* use renamed module

Signed-off-by: SammyOina <[email protected]>

* update call home version

Signed-off-by: SammyOina <[email protected]>

* edit documentation

Signed-off-by: SammyOina <[email protected]>

* align table

Signed-off-by: SammyOina <[email protected]>

* use alias for call home client

Signed-off-by: SammyOina <[email protected]>

* update callhome

Signed-off-by: SammyOina <[email protected]>

* update call home pkg

Signed-off-by: SammyOina <[email protected]>

* update call home

Signed-off-by: SammyOina <[email protected]>

* fix modules

Signed-off-by: SammyOina <[email protected]>

* use mf build version

Signed-off-by: SammyOina <[email protected]>

* use mf build version

Signed-off-by: SammyOina <[email protected]>

* restore default

Signed-off-by: SammyOina <[email protected]>

* add call home for users and things

Signed-off-by: SammyOina <[email protected]>

* enable opting on call home

Signed-off-by: SammyOina <[email protected]>

* remove full stops

Signed-off-by: SammyOina <[email protected]>

* update callhome client

Signed-off-by: SammyOina <[email protected]>

* add call home to all services

Signed-off-by: SammyOina <[email protected]>

* fix build

Signed-off-by: SammyOina <[email protected]>

* restore sdk tests

Signed-off-by: SammyOina <[email protected]>

* remove unnecessary changes

Signed-off-by: SammyOina <[email protected]>

* restore health_test.go

Signed-off-by: SammyOina <[email protected]>

---------

Signed-off-by: dusanb94 <[email protected]>
Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: SammyOina <[email protected]>
Co-authored-by: b1ackd0t <[email protected]>
Signed-off-by: dusanb94 <[email protected]>

---------

Signed-off-by: dusanb94 <[email protected]>
Signed-off-by: rodneyosodo <[email protected]>
Signed-off-by: SammyOina <[email protected]>
Co-authored-by: b1ackd0t <[email protected]>
Co-authored-by: Sammy Kerata Oina <[email protected]>

Loading branch information

3 people authored Jun 14, 2023

1 parent 3d0d6e2 commit 55e09c1

.gitignore

-Original file line number
+Diff line change
@@ Expand Up / @@ -5,3 +5,9 @@ @@
     # https://digitalfortress.tech/tricks/creating-a-global-gitignore/
     build
+    # tools
+    tools/e2e/e2e
+    tools/mqtt-bench/mqtt-bench
+    tools/provision/provision
+    tools/provision/mfconn.toml

Makefile

-Original file line number
+Diff line change
@@ Expand Up / @@ -5,7 +5,7 @@ MF_DOCKER_IMAGE_NAME_PREFIX ?= mainflux @@
     BUILD_DIR = build
     SERVICES = users things http coap ws lora influxdb-writer influxdb-reader mongodb-writer \
     	mongodb-reader cassandra-writer cassandra-reader postgres-writer postgres-reader timescale-writer timescale-reader cli \
-    	bootstrap opcua auth twins mqtt provision certs smtp-notifier smpp-notifier
+    	bootstrap opcua twins mqtt provision certs smtp-notifier smpp-notifier
     DOCKERS = $(addprefix docker_,$(SERVICES))
     DOCKERS_DEV = $(addprefix docker_dev_,$(SERVICES))
     CGO_ENABLED ?= 0
@@ Expand Down Expand Up / @@ -78,7 +78,8 @@ test: @@
     proto:
     	protoc -I. --go_out=. --go_opt=paths=source_relative pkg/messaging/*.proto
-    	protoc -I. --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative *.proto
+    	protoc -I. --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative users/policies/*.proto
+    	protoc -I. --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative things/policies/*.proto
     $(SERVICES):
     	$(call compile_service,$(@))
@@ Expand Down @@

README.md

-Original file line number
+Diff line change
@@ Expand Up @@
     - Mutual TLS Authentication (mTLS) using X.509 Certificates
     - Fine-grained access control (policies, ABAC/RBAC)
     - Message persistence (Cassandra, InfluxDB, MongoDB and PostgresSQL)
-    - Platform logging and instrumentation support (Prometheus and OpenTracing)
+    - Platform logging and instrumentation support (Prometheus and OpenTelemetry)
     - Event sourcing
     - Container-based deployment using [Docker][docker] and [Kubernetes][kubernetes]
     - [LoRaWAN][lora] network integration
@@ Expand Down @@

0 comments on commit `55e09c1`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `55e09c1`

Commit

There are no files selected for viewing

0 comments on commit 55e09c1

0 comments on commit `55e09c1`