-
Notifications
You must be signed in to change notification settings - Fork 456
Privileged access subsystem #393
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
13 commits
Select commit
Hold shift + click to select a range
b56f0cf
Initial commit for authentication layer
whisperity 7be0cf2
Clientside preconfigured credentials and automatic login if no sessio…
whisperity 24f05d9
Better authentication with less config reads and session storage
whisperity 6b76a60
Increase security by preventing session bleedover with clients from b…
whisperity b86f406
Move configuration file to user's HOME folder and implement dictionar…
whisperity b51c37e
Configurable session soft and hard timeout, and prune session after N…
whisperity cbef8cf
Made code pep8-compliant
whisperity 3d79813
LDAP authentication and configuration
whisperity 2781215
Tests for privileged access
whisperity 52b5a81
Make authentication dependencies optional and handle missing ones wit…
whisperity a66c809
Put authentication persistencies into more appropriate locations
whisperity 550d210
PAM authentication module for privileged access
whisperity 3d6f5b9
Moved authentication modules to a different .ci file and use portalocker
whisperity File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| python-ldap==2.4.22.0 | ||
| python-pam==1.8.2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,4 @@ | ||
| sqlalchemy==1.0.9 | ||
| alembic==0.8.2 | ||
| thrift==0.9.1 | ||
| portalocker=1.0.0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,3 +3,4 @@ alembic==0.8.2 | |
| psycopg2==2.5.4 | ||
| pg8000==1.10.2 | ||
| thrift==0.9.1 | ||
| portalocker==1.0.0 | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There seems to be some repetition. Does a local function make this code shorter overall?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So far we generated the source files with Thrift files differently for the report server (python only) and the report viewer (python and javascript). The authentication is python only which could be refactored into a separate function with the report server source file generation. I'm not sure it will be so much shorter, right now the generate_thrift_files function is not that long. If you think it is better you can refactor it into a separate function.