TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-02-28 21:47:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: login policy bug (#1268)

Browse Source 
* fix: permissions on login policy multifactors and secondfactors

* fix idp restriction

Co-authored-by: Max Peintner <max@caos.ch>
This commit is contained in:
Fabi 2021-02-10 10:01:00 +01:00 committed by GitHub
parent 823f8cc751
commit c205d65117
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
console/src/app/modules/idp-table/idp-table.component.html
View File

@ -1,6 +1,6 @@
<app-refresh-table [loading]="loading$ | async" (refreshed)="refreshPage()" [dataSize]="dataSource.data.length"
[emitRefreshOnPreviousRoutes]="['/iam/idp/create']" [timestamp]="idpResult?.viewTimestamp" [selection]="selection">
<ng-template appHasRole [appHasRole]="['iam.write']" actions>
<div actions>
<button (click)="deactivateSelectedIdps()" matTooltip="{{'IDP.DEACTIVATE' | translate}}" class="icon-button"
mat-icon-button *ngIf="selection.hasValue()" [disabled]="disabled">
<mat-icon>block</mat-icon>
@ -16,7 +16,7 @@
<a [routerLink]="createRouterLink" color="primary" mat-raised-button [disabled]="disabled">
<mat-icon class="icon">add</mat-icon>{{ 'ACTIONS.NEW' | translate }}
</a>
</ng-template>
</div>
<div class="table-wrapper">
<table class="table" mat-table [dataSource]="dataSource">

4
console/src/app/modules/policies/login-policy/login-policy.component.html
View File

@ -73,14 +73,14 @@
<p class="subdesc">{{ 'MFA.LIST.MULTIFACTORDESCRIPTION' | translate }}</p>
<app-mfa-table [service]="service" [serviceType]="serviceType"
[componentType]="LoginMethodComponentType.MultiFactor"
[disabled]="([serviceType == PolicyComponentServiceType.ADMIN ? 'iam.policy.write' : serviceType == PolicyComponentServiceType.MGMT ? 'iam.policy.write' : ''] | hasRole | async) == false">
[disabled]="([serviceType == PolicyComponentServiceType.ADMIN ? 'iam.policy.write' : serviceType == PolicyComponentServiceType.MGMT ? 'policy.write' : ''] | hasRole | async) == false">
</app-mfa-table>
<h3 class="subheader">{{ 'MFA.LIST.SECONDFACTORTITLE' | translate }}</h3>
<p class="subdesc">{{ 'MFA.LIST.SECONDFACTORDESCRIPTION' | translate }}</p>
<app-mfa-table [service]="service" [serviceType]="serviceType"
[componentType]="LoginMethodComponentType.SecondFactor"
[disabled]="([serviceType == PolicyComponentServiceType.ADMIN ? 'iam.policy.write' : serviceType == PolicyComponentServiceType.MGMT ? 'iam.policy.write' : ''] | hasRole | async) == false">
[disabled]="([serviceType == PolicyComponentServiceType.ADMIN ? 'iam.policy.write' : serviceType == PolicyComponentServiceType.MGMT ? 'policy.write' : ''] | hasRole | async) == false">
</app-mfa-table>
</ng-container>

12
pkg/grpc/management/proto/management.proto
View File

@ -1409,7 +1409,7 @@ service ManagementService {
};
option (caos.zitadel.utils.v1.auth_option) = {
permission: "iam.policy.read"
permission: "policy.read"
};
}
@ -1420,7 +1420,7 @@ service ManagementService {
};
option (caos.zitadel.utils.v1.auth_option) = {
permission: "iam.policy.write"
permission: "policy.write"
};
}
@ -1430,7 +1430,7 @@ service ManagementService {
};
option (caos.zitadel.utils.v1.auth_option) = {
permission: "iam.policy.write"
permission: "policy.write"
};
}
@ -1440,7 +1440,7 @@ service ManagementService {
};
option (caos.zitadel.utils.v1.auth_option) = {
permission: "iam.policy.read"
permission: "policy.read"
};
}
@ -1451,7 +1451,7 @@ service ManagementService {
};
option (caos.zitadel.utils.v1.auth_option) = {
permission: "iam.policy.write"
permission: "policy.write"
};
}
@ -1461,7 +1461,7 @@ service ManagementService {
};
option (caos.zitadel.utils.v1.auth_option) = {
permission: "iam.policy.write"
permission: "policy.write"
};
}