mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-11 14:47:33 +00:00
Merge commit from fork
* fix: require permission to create and update session * fix: require permission to fail auth requests * merge main and fix integration tests * fix merge * fix integration tests * fix integration tests * fix saml permission check
This commit is contained in:
Livio Spring
@@ -1358,6 +1358,7 @@ InternalAuthZ:
|
||||
- "events.read"
|
||||
- "milestones.read"
|
||||
- "session.read"
|
||||
- "session.write"
|
||||
- "session.delete"
|
||||
- "action.target.read"
|
||||
- "action.target.write"
|
||||
@@ -1367,8 +1368,6 @@ InternalAuthZ:
|
||||
- "userschema.read"
|
||||
- "userschema.write"
|
||||
- "userschema.delete"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_OWNER_VIEWER"
|
||||
Permissions:
|
||||
- "iam.read"
|
||||
@@ -1462,6 +1461,7 @@ InternalAuthZ:
|
||||
- "project.grant.member.read"
|
||||
- "project.grant.member.write"
|
||||
- "project.grant.member.delete"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_USER_MANAGER"
|
||||
Permissions:
|
||||
@@ -1489,6 +1489,7 @@ InternalAuthZ:
|
||||
- "project.grant.write"
|
||||
- "project.grant.delete"
|
||||
- "project.grant.member.read"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_ADMIN_IMPERSONATOR"
|
||||
Permissions:
|
||||
@@ -1552,6 +1553,7 @@ InternalAuthZ:
|
||||
- "project.grant.member.read"
|
||||
- "project.grant.member.write"
|
||||
- "project.grant.member.delete"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_LOGIN_CLIENT"
|
||||
Permissions:
|
||||
@@ -1587,6 +1589,7 @@ InternalAuthZ:
|
||||
- "project.grant.member.read"
|
||||
- "project.grant.member.write"
|
||||
- "session.read"
|
||||
- "session.write"
|
||||
- "session.link"
|
||||
- "session.delete"
|
||||
- "userschema.read"
|
||||
@@ -1607,6 +1610,7 @@ InternalAuthZ:
|
||||
- "policy.read"
|
||||
- "project.read"
|
||||
- "project.role.read"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "ORG_OWNER_VIEWER"
|
||||
Permissions:
|
||||
@@ -1914,6 +1918,7 @@ SystemAuthZ:
|
||||
- "events.read"
|
||||
- "milestones.read"
|
||||
- "session.read"
|
||||
- "session.write"
|
||||
- "session.delete"
|
||||
- "action.target.read"
|
||||
- "action.target.write"
|
||||
@@ -1923,8 +1928,6 @@ SystemAuthZ:
|
||||
- "userschema.read"
|
||||
- "userschema.write"
|
||||
- "userschema.delete"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_OWNER_VIEWER"
|
||||
Permissions:
|
||||
- "iam.read"
|
||||
@@ -2018,6 +2021,7 @@ SystemAuthZ:
|
||||
- "project.grant.member.read"
|
||||
- "project.grant.member.write"
|
||||
- "project.grant.member.delete"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_USER_MANAGER"
|
||||
Permissions:
|
||||
@@ -2045,6 +2049,7 @@ SystemAuthZ:
|
||||
- "project.grant.write"
|
||||
- "project.grant.delete"
|
||||
- "project.grant.member.read"
|
||||
- "session.read"
|
||||
- "session.delete"
|
||||
- Role: "IAM_ADMIN_IMPERSONATOR"
|
||||
Permissions:
|
||||
@@ -2087,6 +2092,7 @@ SystemAuthZ:
|
||||
- "project.grant.member.read"
|
||||
- "project.grant.member.write"
|
||||
- "session.read"
|
||||
- "session.write"
|
||||
- "session.link"
|
||||
- "session.delete"
|
||||
- "userschema.read"
|
||||
|
||||
Reference in New Issue
Block a user