|
|
17e437ce68
|
fix(access): Use request.method for determining the HTTP/Method for permission checks
ref: #442 #456
|
2024-12-27 18:50:09 +09:30 |
|
|
|
7c62643c6c
|
feat(access): Enforce view action and HTTP/Method match for permission checks
ref: #442 #456
|
2024-12-27 18:26:58 +09:30 |
|
|
|
f211f022a0
|
Merge pull request #454 from nofusscomputing/refactor-permission-checking
|
2024-12-26 21:55:21 +09:30 |
|
|
|
dc553317de
|
refactor(api): dedup code within viewset mixin
ref: #442 #454
|
2024-12-26 20:52:27 +09:30 |
|
|
|
aee6ccfb7a
|
test(core): remove different org testcase from history checks
this model is not a tenancy model yet. See #455 for details
ref: #442 #454 #455
|
2024-12-26 16:10:21 +09:30 |
|
|
|
10becacbf7
|
fix(access): Add HTTP/Method=DELETE as valid option for object delete/destroy.
ref: #442 #454
|
2024-12-26 15:31:02 +09:30 |
|
|
|
4545b3d721
|
test(core): When testing if history access is possible for user with perms, correct status is HTTP/200
ref: #442 #454
|
2024-12-26 14:12:07 +09:30 |
|
|
|
534186a7f9
|
fix(access): Ensure Object permission are checked when an object is having an action performed against it.
ref: #442 #454
|
2024-12-26 14:11:05 +09:30 |
|
|
|
4be1e97cbe
|
refactor(access): Object permission checking moved to has_object_permission function
ref: #442 #454
|
2024-12-26 00:49:40 +09:30 |
|
|
|
f2181b018d
|
refactor(access): move ability to get required permissions from permissions mixin to organization mixin
ref: #442 #454
|
2024-12-26 00:33:21 +09:30 |
|
|
|
d39f9ad463
|
refactor(core): move ticket linked item to dynamic parent model
now possible due to org mixins re-write
ref: #442 #454
|
2024-12-25 21:00:11 +09:30 |
|
|
|
6ff3d83222
|
refactor(api): Use new re-writen Mixins for Tenancy and Permission checks
ref: #442 #454
|
2024-12-25 20:59:14 +09:30 |
|
|
|
96ff5bd839
|
refactor(access): Organization Permission Mixin now caters for API ONLY
ref: #442 #454
|
2024-12-25 20:57:45 +09:30 |
|
|
|
d61929adaa
|
refactor(access): Organization Mixin now caters for API ONLY
ref: #442 #454
|
2024-12-25 20:57:31 +09:30 |
|
|
|
04d1795a1b
|
fix(core): History View is a read-only view
ref: #442 #454
|
2024-12-25 19:05:48 +09:30 |
|
|
|
7ced4cf524
|
fix(core): Permissions for Related ticket to be derived from ticket org
ref: #442 #454
|
2024-12-25 19:05:19 +09:30 |
|
|
|
bc1600e07b
|
fix(access): Team User permission organiztion is team org
ref: #442 #454
|
2024-12-25 19:04:19 +09:30 |
|
|
|
2c715d69fa
|
test(access): When adding org, test case must use non-super user
ref: #442 #454
|
2024-12-25 19:02:04 +09:30 |
|
|
|
595209709b
|
test(itim): Ensure external_links are returned as part of _urls
ref: #450 #452
|
2024-12-24 16:44:13 +09:30 |
|
|
|
0db83614a7
|
feat(itim): External Links to display on cluster details page
ref: #450 #452
|
2024-12-24 16:40:15 +09:30 |
|
|
|
b13bfdb47d
|
test(itim): Add API v2 permission checks for cluster services
ref: #452 fixes #451
|
2024-12-24 16:12:19 +09:30 |
|
|
|
0b6ec7bba8
|
test(itim): Add API v2 permission checks for device services
ref: #451 #452
|
2024-12-24 16:11:43 +09:30 |
|
|
|
1fcab6f245
|
feat(api): Add API v2 Endpoint for cluster services
ref: #451 #452
|
2024-12-24 16:10:57 +09:30 |
|
|
|
384b0e1d10
|
feat(api): distinguish between read-only and authenticateed user permissions
ref: #451 #452
|
2024-12-24 16:08:22 +09:30 |
|
|
|
037a5c80d3
|
Merge branch 'development'
|
2024-12-23 07:50:40 +00:00 |
|
|
|
bd31777331
|
build: bump version 1.5.0 -> 1.6.0
1.6.0
|
2024-12-23 07:50:39 +00:00 |
|
|
|
bc16498533
|
Merge pull request #446 from nofusscomputing/development
|
2024-12-23 17:20:25 +09:30 |
|
|
|
1df7499dab
|
Merge pull request #424 from nofusscomputing/feature-next-release
|
2024-12-23 17:09:14 +09:30 |
|
|
|
c1cd9803b1
|
Merge pull request #443 from nofusscomputing/2024-12-23
|
2024-12-23 16:58:50 +09:30 |
|
|
|
54d653fa3a
|
fix(core): Add missing KB article delete signal for ticket linking cleanup
ref: #443 closes #416
|
2024-12-23 16:45:00 +09:30 |
|
|
|
19cee0cbe2
|
chore(base): add TicketLinkedItem migration for item type
ref: #416 #443
|
2024-12-23 16:43:57 +09:30 |
|
|
|
4eb6064bd1
|
fix(core): Ensure for KB article permissions can be correctly checked
ref: #416 #443
|
2024-12-23 15:50:12 +09:30 |
|
|
|
729305fa3e
|
fix(core): use cooorect model name for choices
ref: #416 #443
|
2024-12-23 15:49:37 +09:30 |
|
|
|
83a20f2b7b
|
test(core): KB article delete ticket link clean up checks
ref: #416 #443
|
2024-12-23 15:49:05 +09:30 |
|
|
|
5f3db741f2
|
test(core): KB Ticket linking serializer checks
ref: #416 #443
|
2024-12-23 15:48:13 +09:30 |
|
|
|
9a2625ec3b
|
test(core): KB Ticket linking permission checks
ref: #416 #443
|
2024-12-23 15:48:02 +09:30 |
|
|
|
d172db09b3
|
docs: add kb link reference
ref: #416 #443
|
2024-12-23 14:33:19 +09:30 |
|
|
|
c33416d977
|
Merge pull request #441 from nofusscomputing/2024-12-22
|
2024-12-22 21:38:58 +09:30 |
|
|
|
6c50088355
|
fix(itam): Use Device organization for device operating system
ref: #434 #441
|
2024-12-22 21:26:22 +09:30 |
|
|
|
2dfab2a2e4
|
fix(settings): remove field owner_organization from App Settings
ref: #441 fixes #439
|
2024-12-22 21:09:24 +09:30 |
|
|
|
0f5b2b6630
|
fix(core): Use object organization for ticket linked items
ref: #434 #441
|
2024-12-22 21:04:24 +09:30 |
|
|
|
60db1636a6
|
fix(itam): Use Software organization for Software Version
ref: #434 #441
|
2024-12-22 20:15:56 +09:30 |
|
|
|
f317ecb2e2
|
fix(itam): Use Operating System organization for OS Version
ref: #434 #441
|
2024-12-22 20:15:39 +09:30 |
|
|
|
7528adcd2f
|
fix(itam): Use Device organization for device software
ref: #434 #441
|
2024-12-22 20:12:00 +09:30 |
|
|
|
c84c0f5d82
|
fix(core): Use Ticket organization for ticket linked items
ref: #434 #441
|
2024-12-22 20:11:34 +09:30 |
|
|
|
8ed3e38403
|
fix(core): Use parent model organization for object notes
ref: #434 #441
|
2024-12-22 19:51:53 +09:30 |
|
|
|
6c95105528
|
refactor(access): Adjust permission check logic to use try..catch instead of gettattr due to base method throwing exception
if method is not overridden, the base class throws an exception instead of returning None
ref: #434 #441
|
2024-12-22 19:02:21 +09:30 |
|
|
|
40e2da5d8f
|
fix(access): During permission checking also use get_serializer if avail
ref: #434 #441
|
2024-12-22 18:15:03 +09:30 |
|
|
|
116655cf2e
|
fix(access): default to empty when attempting to get view attribute
ref: #434 #441
|
2024-12-22 17:45:39 +09:30 |
|
|
|
3d47a7157a
|
test(core): Add data for ticket comment does not use organization field
this fields value is the tickets org value
ref: #441 fixes #434
|
2024-12-22 17:24:47 +09:30 |
|
