Livio Spring
7508e6c9f3
fix: correctly check denied domains and ips for actions ( #8810 )
...
# Which Problems Are Solved
System administrators can block hosts and IPs for HTTP calls in actions.
Using DNS, blocked IPs could be bypassed.
# How the Problems Are Solved
- Hosts are resolved (DNS lookup) to check whether their corresponding
IP is blocked.
# Additional Changes
- Added complete lookup ip address range and "unspecified" address to
the default `DenyList`
(cherry picked from commit 79fb4cc1cc
)
2024-10-23 07:33:43 +02:00
Tim Möhlmann
f680dd934d
refactor: rename package errors to zerrors ( #7039 )
...
* chore: rename package errors to zerrors
* rename package errors to gerrors
* fix error related linting issues
* fix zitadel error assertion
* fix gosimple linting issues
* fix deprecated linting issues
* resolve gci linting issues
* fix import structure
---------
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-12-08 15:30:55 +01:00
Elio Bischof
1a49b7d298
perf: project quotas and usages ( #6441 )
...
* project quota added
* project quota removed
* add periods table
* make log record generic
* accumulate usage
* query usage
* count action run seconds
* fix filter in ReportQuotaUsage
* fix existing tests
* fix logstore tests
* fix typo
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* move notifications into debouncer and improve limit querying
* cleanup
* comment
* fix: add quota unit tests command side
* fix remaining quota usage query
* implement InmemLogStorage
* cleanup and linting
* improve test
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* action notifications and fixes for notifications query
* revert console prefix
* fix: add quota unit tests command side
* fix: add quota integration tests
* improve accountable requests
* improve accountable requests
* fix: add quota integration tests
* fix: add quota integration tests
* fix: add quota integration tests
* comment
* remove ability to store logs in db and other changes requested from review
* changes requested from review
* changes requested from review
* Update internal/api/http/middleware/access_interceptor.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* tests: fix quotas integration tests
* improve incrementUsageStatement
* linting
* fix: delete e2e tests as intergation tests cover functionality
* Update internal/api/http/middleware/access_interceptor.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* backup
* fix conflict
* create rc
* create prerelease
* remove issue release labeling
* fix tracing
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-09-15 16:58:45 +02:00
Elio Bischof
681541f41b
feat: add quotas ( #4779 )
...
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules ( #4337 )
...
* fix: potential memory leak
* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls
* add query call
* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects
* fix(translations): add action translations
* use `domain.FlowType`
* localizers
* localization
* trigger types
* options on `query.Action`
* add functions for actions
* feat: management api: add list flow and trigger (#4352 )
* console changes
* cleanup
* fix: wrong localization
Co-authored-by: Max Peintner <max@caos.ch>
* id token works
* check if claims not nil
* feat(actions): metadata api
* refactor(actions): modules
* fix: allow prerelease
* fix: test
* feat(actions): deny list for http hosts
* feat(actions): deny list for http hosts
* refactor: actions
* fix: different error ids
* fix: rename statusCode to status
* Actions objects as options (#4418 )
* fix: rename statusCode to status
* fix(actions): objects as options
* fix(actions): objects as options
* fix(actions): set fields
* add http client to old actions
* fix(actions): add log module
* fix(actions): add user to context where possible
* fix(actions): add user to ctx in external authorization/pre creation
* fix(actions): query correct flow in claims
* test: actions
* fix(id-generator): panic if no machine id
* tests
* maybe this?
* fix linting
* refactor: improve code
* fix: metadata and usergrant usage in actions
* fix: appendUserGrant
* fix: allowedToFail and timeout in action execution
* fix: allowed to fail in token complement flow
* docs: add action log claim
* Update defaults.yaml
* fix log claim
* remove prerelease build
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00