archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity
1,324 Commits 12 Branches 2 Tags
Commit Graph

9 Commits

Author SHA1 Message Date
Sybren A. Stüvel
bd13d89817 Added permission check to DELETE of nodes. 2017-07-13 17:29:46 +02:00
Sybren A. Stüvel
59a95450e5 Updated Eve, Flask, and Werkzeug. Adjusted code to make Pillar work again. 
Eve     : 0.6.3   → 0.7.3
Flask   : 0.10.1  → 0.12.2
Werkzeug: 0.11.10 → 0.11.15

Also updated some secondary requirements.
 2017-05-18 15:46:02 +02:00
Sybren A. Stüvel
fdaf4af31a Modernised some unit tests 2017-05-05 14:40:37 +02:00
Sybren A. Stüvel
69d7c5c5ce Allow service accounts to be email-less 
This removes the ability of updating service accounts through the CLI
(something we never used anyway), now that service accounts cannot be
uniquely identified by their email address.
 2017-05-05 14:34:18 +02:00
Sybren A. Stüvel
d0557445cd Fix privilege escalation leak 
A PUT request on /api/user/{user-id} by the user themselves would allow
too much, and would allow self-granting of roles (including admin),
group membership (so join any arbitrary project) and pretend to be
service accounts.
 2017-05-04 12:48:30 +02:00
Sybren A. Stüvel
bced6cae68 Ran 2to3 on unittests, same sort of manual fixups as before 2017-03-22 15:49:51 +01:00
Sybren A. Stüvel
3afeeaccd0 Removed permission keys from node type definitions. 
This prevents replace_pillar_node_type_schemas() from overwriting existing
permissions.
 2016-10-20 13:05:43 +02:00
Sybren A. Stüvel
eea934a86a Added username to public user fields 2016-10-19 16:57:17 +02:00
Francesco Siddi
2c5dc34ea2 Introducing Pillar Framework 
Refactor of pillar-server and pillar-web into a single python package. This
simplifies the overall architecture of pillar applications.

Special thanks @sybren and @venomgfx
 2016-08-19 09:19:06 +02:00