Accept token when creating or updating a task, but only report back the
authorization ID.
This means the executor and the platform adapter are now both aware of
an Authorization Service.
test(http): get user off of session in create authz test
fix(http): allow user id to be specified explicitly on authorization
create authorization now allows specifying user id explicitly. If no
user id is specified then we use the user id from the authorizer.
fix(http): use influxdb import
fix(http): use platform error in http auth tests
feat(cmd/influx): allow create auth command to specify user explicitly
feat(http): add org id to permissions
filter out resources that have mission IDs
fix(influxdb): simplify auth check in PermissionAllowed
review(platform): update as noted in review
fix(influxdb): ensure permission has valid org id
I did this with a dumb editor macro, so some comments changed too.
Also rename root package from platform to influxdb.
In interest of minimizing risk, anyone importing the root package has
now aliased it to "platform" so that no changes beyond imports were
necessary in those files.
Lastly, replace the old platform module to local path /dev/null so that
nobody can accidentally reintroduce a platform dependency while
migrating platform code to influxdb.
This iterface is supposed to be something that both sessions and
authorizations can share so that other components can authorize requests
as they see fit.
feat(platform): add id to authorization
feat(platform): add user arg to CreateAuthorization method on auth svc
migrate(platform): move idp command to platform directory
This comit did not move the ifql command as it depends on the query
service which has yet to be migrated.
feat(platform): add optional user name to authorization struct
feat(platform): add organization name to bucket struct
Additionally allow filtering buckets by organization name.
feat(prom): ensure that prom auth svc implement base interface
feat(prometheus): add user to create authorization method
feat(prom): drop user string from create authorization
feat(zap): ensure that zap auth svc implements base service interface
feat(zap): add user to create authorization method
feat(zap): drop user string from create authorization
feat(http): add ids to authorization service
feat(http): ensure that http authoriztaion service implements auth svc interface
feat(http): use authorization ids in authorization handler
squash(http): add check for http status accepted in authorization service
feat(http): clean up authorization service and handlers
feat(http): drop user string from create authorization
fix(http): normalize the http authorization service
feat(http): normalize bucket service and handler methods
Additonally, we added support for DELETE bucket
feat(http): add delete user handler
Additionally, there was a bit of general cleanup
feat(http): add delete route for organization handler and service
Did a bit of additional cleanup of the http code.
test(testing): add service conformance tests
test(testing): add organization service conformance tests
test(testing): add conformance test for orgs service
Additionally, there was a bit of cleanup in the users service tests
test(testing): add conformance test for authorizations service
test(testing): update auth tests to validate that user exists
test(testing): update authorization conformance tests with user name
test(testing): update bucket conformance tests to include organizations
feat(bolt): add bolt implementation services
feat(bolt): add bolt implementation of organization service
feat(bolt): add bolt implementation of users service
feat(bolt): add bolt implementation of authorization service
feat(bolt): add user to create authorization method
feat(bolt): drop user string from create authorization
fix(bolt): set user name on authorization after put
feat(bolt): update bucket servie to include organizations
feat(bolt): add dependent destroy of resources
feat(cmd/idpd): use bolt services in platform server
feat(cmd/idpd): use bolt organization service in platform server
feat(cmd/idpd): use bolt users service in plaform server
feat(cmd/idpd): use bolt client as authorization service
feat(cmd/idp): show user name in output of auth sub command
feat(cmd/idp): clean up bucket subcommand of idp command
fix(cmd/idp): normalize idp command output for users
fix(cmd/idp): normalize auth subcommand output
feat(cmd/idp): add support for delete organiztion command
migrate(idp): move ifql subcommand of idp to platform
Kelvin Wang
Mark Rushakoff
Michael Desa
Mark Rushakoff
Andrew Watkins
Chris Goller
Lyon Hill
Leonardo Di Donato