Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(api): change FiatPermissionEvaluator to implement UserPermis… #1155

Merged
merged 2 commits into from
Apr 27, 2024
Merged

refactor(api): change FiatPermissionEvaluator to implement UserPermis… #1155

merged 2 commits into from
Apr 27, 2024

Conversation

dbyron-sf
Copy link
Contributor

@dbyron-sf dbyron-sf commented Apr 26, 2024
edited
Loading

…sionEvaluator

instead of PermissionEvaluator, and mark

public boolean hasPermission(
      String username, Serializable resourceName, String resourceType, Object authorization)

as @Override.

This makes this method available to e.g. S3ArtifactStoreGetter so it can authenticate by user. In some pipeline execution scenarios in orca (e.g. using #fetchReference in an Evaluate Variables stage), this is necessary since SecurityContextHolder.getContext() is null.

depends on spinnaker/kork#1179.

@dbyron-sf
refactor(api): change FiatPermissionEvaluator to implement UserPermis…
02d947d 
…sionEvaluator

instead of PermissionEvaluator, and mark

public boolean hasPermission(
      String username, Serializable resourceName, String resourceType, Object authorization)

as @OverRide.

This makes this method available to e.g. S3ArtifactStoreGetter so it can authenticate by
user.  In some pipeline execution scenarios in orca (e.g. using #fetchReference in an
Evaluate Variables stage), this is necessary since SecurityContextHolder.getContext() is
null.
@dbyron-sf
Copy link
Contributor Author

@Mergifyio update

@mergify Mergify
Copy link
Contributor

mergify bot commented Apr 27, 2024

update

✅ Branch has been successfully updated

@dbyron-sf dbyron-sf marked this pull request as ready for review April 27, 2024 01:33
@dbyron-sf dbyron-sf added the ready to merge Approved and ready for merge label Apr 27, 2024
@mergify mergify bot added the auto merged label Apr 27, 2024
@mergify mergify bot merged commit 5c90023 into spinnaker:master Apr 27, 2024
4 checks passed
@dbyron-sf dbyron-sf deleted the use-UserPermissionEvaluator branch April 27, 2024 01:47
@dbyron-sf dbyron-sf mentioned this pull request Apr 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xibz xibz xibz approved these changes

@cfieber cfieber Awaiting requested review from cfieber cfieber is a code owner

@jonsie jonsie Awaiting requested review from jonsie jonsie is a code owner

Assignees
No one assigned
Labels
auto merged ready to merge Approved and ready for merge target-release/1.35
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dbyron-sf @xibz @spinnakerbot