Chaim Lev-Ari
ac7d819620
style(proxy): fix function name ( #4970 )
2021-04-09 09:02:48 +12:00
Chaim Lev-Ari
86ad1c6af1
feat(stacks): scope stack names to endpoint ( #4520 )
...
* refactor(stack): create unique name function
* refactor(stack): change stack resource control id
* feat(stacks): validate stack unique name in endpoint
* feat(stacks): prevent name collision with external stacks
* refactor(stacks): move resource id util
* refactor(stacks): supply resource id util with name and endpoint
* fix(docker): calculate swarm resource id
* feat(stack): prevent migration if stack name already exist
* feat(authorization): use stackutils
2021-02-23 21:18:05 +01:00
Chaim Lev-Ari
46dec01fe3
feat(endpoint): relocate docker security settings ( #4657 )
...
* feat(endpoint): migrate security settings to endpoint
* feat(endpoint): check for specific endpoint settings
* feat(endpoint): check security settings
* feat(docker): add config page
* feat(endpoint): save settings page
* feat(endpoints): disable features when not agent
* feat(sidebar): hide docker settings for regular user
* fix(docker): small fixes in configs
* fix(volumes): hide browse button for non admins
* refactor(docker): introduce switch component
* refactor(components/switch): seprate label from switch
* feat(app/components): align switch label
* refactor(app/components): move switch css
* fix(docker/settings): add ngijnect
* feat(endpoints): set default security values
* style(portainer): sort types
* fix(endpoint): rename security heading
* fix(endpoints): update endpoints settings
2021-02-09 21:09:06 +13:00
Chaim Lev-Ari
93d8c179f1
feat(containers): enforce disable bind mounts ( #4110 )
...
* feat(containers): enforce disable bind mounts
* refactor(docker): move check for endpoint admin to a function
* feat(docker): check if service has bind mounts
* feat(services): allow bind mounts for endpoint admin
* feat(container): enable bind mounts for endpoint admin
* fix(services): fix typo
2020-07-29 21:10:46 +12:00
Chaim Lev-Ari
7c3b83f6e5
refactor(portainer): introduce internal package ( #3924 )
...
* refactor(auth): move auth helpers to internal package
* refactor(edge-compute): move edge helpers to internal package
* refactor(tags): move tags helper to internal package
* style(portainer): sort imports
2020-06-16 19:58:16 +12:00
Anthony Lapenna
19d4db13be
feat(api): rewrite access control management in Docker ( #3337 )
...
* feat(api): decorate Docker resource creation response with resource control
* fix(api): fix a potential resource control conflict between stacks/volumes
* feat(api): generate a default private resource control instead of admin only
* fix(api): fix default RC value
* fix(api): update RC authorizations check to support admin only flag
* refactor(api): relocate access control related methods
* fix(api): fix a potential conflict when fetching RC from database
* refactor(api): refactor access control logic
* refactor(api): remove the concept of DecoratedStack
* feat(api): automatically remove RC when removing a Docker resource
* refactor(api): update filter resource methods documentation
* refactor(api): update proxy package structure
* refactor(api): renamed proxy/misc package
* feat(api): re-introduce ResourceControlDelete operation as admin restricted
* refactor(api): relocate default endpoint authorizations
* feat(api): migrate RBAC data
* feat(app): ResourceControl management refactor
* fix(api): fix access control issue on stack deletion and automatically delete RC
* fix(api): fix stack filtering
* fix(api): fix UpdateResourceControl operation checks
* refactor(api): introduce a NewTransport builder method
* refactor(api): inject endpoint in Docker transport
* refactor(api): introduce Docker client into Docker transport
* refactor(api): refactor http/proxy package
* feat(api): inspect a Docker resource labels during access control validation
* fix(api): only apply automatic resource control creation on success response
* fix(api): fix stack access control check
* fix(api): use StatusCreated instead of StatusOK for automatic resource control creation
* fix(app): resource control fixes
* fix(api): fix an issue preventing administrator to inspect a resource with a RC
* refactor(api): remove useless error return
* refactor(api): document DecorateStacks function
* fix(api): fix invalid resource control type for container deletion
* feat(api): support Docker system networks
* feat(api): update Swagger docs
* refactor(api): rename transport variable
* refactor(api): rename transport variable
* feat(networks): add system tag for system networks
* feat(api): add support for resource control labels
* feat(api): upgrade to DBVersion 22
* refactor(api): refactor access control management in Docker proxy
* refactor(api): re-implement docker proxy taskListOperation
* refactor(api): review parameters declaration
* refactor(api): remove extra blank line
* refactor(api): review method comments
* fix(api): fix invalid ServerAddress property and review method visibility
* feat(api): update error message
* feat(api): update restrictedVolumeBrowserOperation method
* refactor(api): refactor method parameters
* refactor(api): minor refactor
* refactor(api): change Azure transport visibility
* refactor(api): update struct documentation
* refactor(api): update struct documentation
* feat(api): review restrictedResourceOperation method
* refactor(api): remove unused authorization methods
* feat(api): apply RBAC when enabled on stack operations
* fix(api): fix invalid data migration procedure for DBVersion = 22
* fix(app): RC duplicate on private resource
* feat(api): change Docker API version logic for libcompose/client factory
* fix(api): update access denied error message to be Docker API compliant
* fix(api): update volume browsing authorizations data migration
* fix(api): fix an issue with access control in multi-node agent Swarm cluster
2019-11-13 12:41:42 +13:00