sftpgo-mirror/internal
Nicola Murino 3dd412f6e3
WebAdmin and REST API: remove too granular permissions
Our permissions system for admin users is too granular and some
permissions overlap. For example, you can define an administrator
with the "manage_system" permission and not with the "manage_admins"
or "manage_user" permission, but the "manage_system" permission
allows you to restore a backup and then create users and
administrators. The following permissions will be removed:
"manage_admins", "manage_apikeys", "manage_system", "retention_checks",
"manage_event_rules", "manage_roles", "manage_ip_lists". Now you
need to add the "*" permission to replace the removed granular
permissions because the removed permissions allow actions that
should only be allowed to super administrators.
There is no point in having separate, overlapping permissions.

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2024-11-10 10:46:28 +01:00
..
acme EventManager: add datetime placeholder 2024-10-08 18:39:00 +02:00
bundle remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
cmd kms: add support for Oracle Key Vault 2024-10-02 18:14:05 +02:00
command replace utils.Contains with slices.Contains 2024-07-24 18:27:13 +02:00
common EventManager: allow to define the allowed system commands 2024-11-01 11:37:33 +01:00
config EventManager: allow to define the allowed system commands 2024-11-01 11:37:33 +01:00
dataprovider WebAdmin and REST API: remove too granular permissions 2024-11-10 10:46:28 +01:00
ftpd fix connection limits 2024-10-26 21:18:19 +02:00
httpclient remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
httpd WebAdmin and REST API: remove too granular permissions 2024-11-10 10:46:28 +01:00
httpdtest user: add additional emails 2024-10-11 19:20:51 +02:00
kms kms: add support for Oracle Key Vault 2024-10-02 18:14:05 +02:00
logger log: fix level for transfer logs 2024-10-03 19:07:07 +02:00
metric remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
mfa remove end year from Copyright notice in files 2024-01-01 11:31:45 +01:00
plugin plugins: fix passing additional environment variables 2024-11-05 18:06:58 +01:00
service kms: add support for Oracle Key Vault 2024-10-02 18:14:05 +02:00
sftpd fix connection limits 2024-10-26 21:18:19 +02:00
smtp smtp: replace deprecated method 2024-08-17 09:17:22 +02:00
telemetry httpd: allow to use proxy protocol 2024-08-10 21:02:38 +02:00
util don't allow admins to change their own permissions 2024-11-09 20:24:35 +01:00
version back to development 2024-05-16 04:54:46 +02:00
vfs remove some useless hooks 2024-09-27 15:52:51 +02:00
webdavd fix connection limits 2024-10-26 21:18:19 +02:00