8 Commits

Author SHA1 Message Date
d0557445cd Fix privilege escalation leak
A PUT request on /api/user/{user-id} by the user themselves would allow
too much, and would allow self-granting of roles (including admin),
group membership (so join any arbitrary project) and pretending to be
service accounts.
2017-05-04 12:48:30 +02:00
663627358f Ran 2to3 on pillar + some manual fixups
The 'manual fixups' are:

- incorrect use of dict.items() where dict.iteritems() was meant; this
  results in list(dict.items()), which I changed to dict.items().
- removal of 'from __future__ import' lines, which 2to3 changes into
  empty lines; I removed the empty lines.
2017-03-22 15:49:51 +01:00
27df603299 Started moving processing function in subclasses 2017-03-01 08:56:26 +01:00
51c2c1d568 Make it possible for Pillar extensions to add service accounts. 2016-11-01 14:00:00 +01:00
0146b568c0 Allow extra fields in activities. 2016-10-12 14:29:28 +02:00
8aab88bdc2 Activities now have explicit project ID
This allows for directly querying activity on a certain project.
Used in Attract for task/shot activity streams.
2016-10-12 13:40:27 +02:00
78824c9c2a Allow extensions to define custom project properties 2016-09-20 15:59:39 +02:00
2c5dc34ea2 Introducing Pillar Framework
Refactor of pillar-server and pillar-web into a single python package. This
simplifies the overall architecture of pillar applications.

Special thanks @sybren and @venomgfx
2016-08-19 09:19:06 +02:00