|
|
4ebff09671
|
fix(api): Ensure ALL required classes for viewset are inherited
ref: #459
|
2025-01-04 19:14:25 +09:30 |
|
|
|
e7601e311a
|
test(access): Skip test case for appsettings different organization due to model not being tenancy model.
ref: #448 #459
|
2025-01-04 18:26:12 +09:30 |
|
|
|
1087dde2d5
|
test(access): Ensure items returned from query are from user organization and/or globally set organization
ref: #459 closes #448
|
2025-01-04 18:04:02 +09:30 |
|
|
|
dd72843ffb
|
feat(access): Enable Objects from global organization to be viewable by user with the permission
ref: #448 #459
|
2025-01-03 12:14:26 +09:30 |
|
|
|
0d5f329146
|
feat(access): Enable Objects from globally set organization to return within query
ref: #448 #459
|
2025-01-03 12:00:46 +09:30 |
|
|
|
4b2a89c992
|
chore: test cleanup
ref: #459 closes #437
|
2025-01-03 10:09:38 +09:30 |
|
|
|
a4a9f2c3a9
|
feat(access): Enable the calling of the dynamic permissions function to obtain permissions
creates recursive loop
ref: #437 #459
|
2025-01-02 17:01:01 +09:30 |
|
|
|
e69c1e1b99
|
fix(itam): Dont query parent class for permissions
creates recursive loop
ref: #437 #459
|
2025-01-02 17:00:14 +09:30 |
|
|
|
0b362f04ee
|
test(itam): API v2 Inventory Permission Check skip diff org
ref: #437 #459 #461
|
2025-01-02 16:57:30 +09:30 |
|
|
|
d1dc330744
|
test(itam): API v2 Inventory Permission Checks
ref: #437 #459
|
2025-01-02 16:54:55 +09:30 |
|
|
|
ed8f8ae411
|
test: mv inventory test to itam app
ref: #437 #459
|
2025-01-02 13:58:06 +09:30 |
|
|
|
d33cf96db3
|
fix(core): If no org specified serializer fetch, dont attempt to access
ref: #459
|
2025-01-01 18:33:30 +09:30 |
|
|
|
f7b444b8e4
|
fix(access): If no org specified during permission check, rtn false for permission
ref: #437 #459
|
2025-01-01 18:25:44 +09:30 |
|
|
|
1fd433e621
|
feat(itam): Cater for RabbitMQ errors when uploading inventory
ref: #437 #459
|
2025-01-01 17:31:39 +09:30 |
|
|
|
df037e59c9
|
fix(itam): return serializer for inventory endpoint
ref: #437 #459
|
2025-01-01 17:31:06 +09:30 |
|
|
|
ddbce0c0ce
|
feat(itam): On Inventory upload validate existing device
ref: #437 #459
|
2024-12-31 14:10:35 +09:30 |
|
|
|
3c120291d2
|
refactor(itam): Device UUID field requires no default
ref: #437 #459
|
2024-12-31 13:29:37 +09:30 |
|
|
|
d6eea69c52
|
refactor(itam): mv inventory task to itam app
ref: #437
|
2024-12-31 11:32:18 +09:30 |
|
|
|
845a5fb473
|
test(access): Test Cases for Organization Permission Mixin
ref: #456 # closes #442
|
2024-12-28 21:37:01 +09:30 |
|
|
|
14b7c6d55b
|
fix(api): base index must inherit from IndexViewset
ref: #442 #456
|
2024-12-28 19:53:56 +09:30 |
|
|
|
406fd1bb01
|
fix(core): Dont attempt to access the object if it doesn't exist when fetching ticket permissions
ref: #442 #456
|
2024-12-28 18:32:25 +09:30 |
|
|
|
4656617583
|
fix(access): Cached list objects must be a list including an empty one as required
ref: #442 #456
|
2024-12-28 18:31:53 +09:30 |
|
|
|
08b113b1ba
|
feat(access): During permission checking also capture Http404
ref: #442 #456
|
2024-12-28 18:06:22 +09:30 |
|
|
|
a07dee370c
|
refactor(access): Use exceptions for permission flow as required
ref: #442 #456
|
2024-12-28 17:33:11 +09:30 |
|
|
|
fbaf8770df
|
feat(access): Super User to be granted permission
ref: #442 #456
|
2024-12-28 16:19:35 +09:30 |
|
|
|
e96916768e
|
feat(access): Cache the permission required during permission checking
ref: #442 #456
|
2024-12-28 15:47:12 +09:30 |
|
|
|
8e1cf2401a
|
fix(core): when gather ticket permissions, use getter as object may not exist
ref: #442 #456
|
2024-12-28 15:45:47 +09:30 |
|
|
|
580abaefa6
|
fix(core): action metadata to use view permission for tickets
ref: #442 #456
|
2024-12-28 15:11:50 +09:30 |
|
|
|
193c6c3b7f
|
feat(api): Add IndexViewset to ViewSet mixin
ref: #442 #456
|
2024-12-27 23:03:39 +09:30 |
|
|
|
62fcb5aa01
|
test(api): Adjust test case for metadata visibility
view user only
ref: #442 #456
|
2024-12-27 22:28:12 +09:30 |
|
|
|
1c87eeb188
|
feat(access): If the user lacks the permission during permission checks, return sooner
ref: #442 #456
|
2024-12-27 18:51:10 +09:30 |
|
|
|
17e437ce68
|
fix(access): Use request.method for determining the HTTP/Method for permission checks
ref: #442 #456
|
2024-12-27 18:50:09 +09:30 |
|
|
|
7c62643c6c
|
feat(access): Enforce view action and HTTP/Method match for permission checks
ref: #442 #456
|
2024-12-27 18:26:58 +09:30 |
|
|
|
dc553317de
|
refactor(api): dedup code within viewset mixin
ref: #442 #454
|
2024-12-26 20:52:27 +09:30 |
|
|
|
aee6ccfb7a
|
test(core): remove different org testcase from history checks
this model is not a tenancy model yet. See #455 for details
ref: #442 #454 #455
|
2024-12-26 16:10:21 +09:30 |
|
|
|
10becacbf7
|
fix(access): Add HTTP/Method=DELETE as valid option for object delete/destroy.
ref: #442 #454
|
2024-12-26 15:31:02 +09:30 |
|
|
|
4545b3d721
|
test(core): When testing if history access is possible for user with perms, correct status is HTTP/200
ref: #442 #454
|
2024-12-26 14:12:07 +09:30 |
|
|
|
534186a7f9
|
fix(access): Ensure Object permission are checked when an object is having an action performed against it.
ref: #442 #454
|
2024-12-26 14:11:05 +09:30 |
|
|
|
4be1e97cbe
|
refactor(access): Object permission checking moved to has_object_permission function
ref: #442 #454
|
2024-12-26 00:49:40 +09:30 |
|
|
|
f2181b018d
|
refactor(access): move ability to get required permissions from permissions mixin to organization mixin
ref: #442 #454
|
2024-12-26 00:33:21 +09:30 |
|
|
|
d39f9ad463
|
refactor(core): move ticket linked item to dynamic parent model
now possible due to org mixins re-write
ref: #442 #454
|
2024-12-25 21:00:11 +09:30 |
|
|
|
6ff3d83222
|
refactor(api): Use new re-writen Mixins for Tenancy and Permission checks
ref: #442 #454
|
2024-12-25 20:59:14 +09:30 |
|
|
|
96ff5bd839
|
refactor(access): Organization Permission Mixin now caters for API ONLY
ref: #442 #454
|
2024-12-25 20:57:45 +09:30 |
|
|
|
d61929adaa
|
refactor(access): Organization Mixin now caters for API ONLY
ref: #442 #454
|
2024-12-25 20:57:31 +09:30 |
|
|
|
04d1795a1b
|
fix(core): History View is a read-only view
ref: #442 #454
|
2024-12-25 19:05:48 +09:30 |
|
|
|
7ced4cf524
|
fix(core): Permissions for Related ticket to be derived from ticket org
ref: #442 #454
|
2024-12-25 19:05:19 +09:30 |
|
|
|
bc1600e07b
|
fix(access): Team User permission organiztion is team org
ref: #442 #454
|
2024-12-25 19:04:19 +09:30 |
|
|
|
2c715d69fa
|
test(access): When adding org, test case must use non-super user
ref: #442 #454
|
2024-12-25 19:02:04 +09:30 |
|
|
|
595209709b
|
test(itim): Ensure external_links are returned as part of _urls
ref: #450 #452
|
2024-12-24 16:44:13 +09:30 |
|
|
|
0db83614a7
|
feat(itim): External Links to display on cluster details page
ref: #450 #452
|
2024-12-24 16:40:15 +09:30 |
|
