zot icon indicating copy to clipboard operation
zot copied to clipboard

Published 20 hours ago verified publisher icon project-zot

graphql: Apply authorization on /_search endpoint

Open alexstan12 opened this issue 2 years ago • 2 comments

  • AccessControlContext now resides in a separate package from where it can be imported, along with the contextKey that will be used to set and retrieve this context value.

  • AccessControlContext has a new field called Username, that will be of use for future implementations in graphQL resolvers.

  • GlobalSearch resolver now uses this context to filter repos available to the logged user.

Closes #615

What type of PR is this? feature

Which issue does this PR fix: using authz context for use on GraphQl resolvers

What does this PR do / Why do we need it:

If an issue # is not available please add repro steps and logs showing the issue:

Testing done on this change:

Automation added to e2e:

Will this break upgrades or downgrades?

Does this PR introduce any user-facing change?:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

alexstan12 avatar Aug 16 '22 09:08 alexstan12

Codecov Report

Merging #728 (2a7b723) into main (74630ed) will increase coverage by 0.22%. The diff coverage is 89.17%.

@@            Coverage Diff             @@
##             main     #728      +/-   ##
==========================================
+ Coverage   88.43%   88.66%   +0.22%     
==========================================
  Files          65       66       +1     
  Lines       11865    12692     +827     
==========================================
+ Hits        10493    11253     +760     
- Misses       1077     1123      +46     
- Partials      295      316      +21
Impacted Files Coverage Δ
pkg/extensions/search/common/common.go 92.94% <ø> (+6.12%) :arrow_up:
pkg/extensions/sync/signatures.go 81.56% <ø> (ø)
pkg/extensions/search/schema.resolvers.go 79.89% <71.42%> (-2.17%) :arrow_down:
pkg/extensions/search/cve/cve.go 87.41% <72.72%> (-2.44%) :arrow_down:
pkg/api/routes.go 97.91% <80.00%> (+<0.01%) :arrow_up:
pkg/extensions/search/digest/digest.go 89.13% <83.33%> (ø)
pkg/storage/s3/s3.go 86.10% <85.71%> (+0.32%) :arrow_up:
pkg/extensions/search/resolver.go 88.53% <88.61%> (-0.83%) :arrow_down:
pkg/cli/service.go 78.59% <89.47%> (+2.46%) :arrow_up:
pkg/storage/local.go 84.56% <89.68%> (+1.16%) :arrow_up:
... and 19 more

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

codecov[bot] avatar Aug 16 '22 11:08 codecov[bot]

lgtm

eusebiu-constantin-petu-dbk avatar Aug 16 '22 13:08 eusebiu-constantin-petu-dbk