Mon, 08 Apr 2019 00:11:20 +0200 |
Mads Kiilerich |
auth: make User.get_by_api_key more strict about only returning active non-default users
|
Thu, 03 Jan 2019 01:22:56 +0100 |
Mads Kiilerich |
auth: move IP check to AuthUser.make - it is more about accepting authentication than about permissions after authentication
|
Thu, 03 Jan 2019 01:22:45 +0100 |
Mads Kiilerich |
auth: introduce AuthUser.make factory which can return None if user can't be authenticated
|
Sun, 07 Apr 2019 23:44:17 +0200 |
Mads Kiilerich |
auth: remove AuthUser __init__ magic for fallback to default user instead of the requested user
|
Thu, 03 Jan 2019 01:22:06 +0100 |
Mads Kiilerich |
auth: drop unused AuthUser.is_authenticated
|
Sun, 07 Apr 2019 23:35:23 +0200 |
Mads Kiilerich |
auth: use other and better checks than is_authenticated
|
Thu, 03 Jan 2019 01:16:36 +0100 |
Mads Kiilerich |
auth: drop api_access_controllers_whitelist and give API key auth same access as other kinds of auth
|
Mon, 31 Dec 2018 02:32:23 +0100 |
Mads Kiilerich |
auth: refactor auth computation, introducing bump_permission helper function
|
Sat, 29 Dec 2018 19:16:56 +0100 |
Mads Kiilerich |
auth: drop "multiple_counter" from computing permissions
|
Sat, 29 Dec 2018 18:55:01 +0100 |
Mads Kiilerich |
auth: minor refactoring of computation of admin access for repo owners
|
Sat, 29 Dec 2018 18:39:46 +0100 |
Mads Kiilerich |
auth: drop the internal "explicit" flag - the new default is all we want; explicit permissions should never blindly overrule indirect permissions
|
Sat, 29 Dec 2018 17:48:07 +0100 |
Mads Kiilerich |
auth: explicit user permission should not blindly overrule permissions through user groups
|
Mon, 31 Dec 2018 02:25:11 +0100 |
Mads Kiilerich |
auth: global permissions given to the default user are the bare minimum and should apply to *all* other users too
|
Thu, 03 Jan 2019 01:03:27 +0100 |
Mads Kiilerich |
auth: minor code improvements around global permission
|