Tomas Touceda
64f6a2f790
Return a distinct error when the auth header is not available vs when it's bad ( #1294 )
2021-07-05 10:17:31 -03:00
Zach Wasserman
c5280c0517
Add v4 suffix in go.mod ( #1224 )
2021-06-25 21:46:51 -07:00
Zach Wasserman
d78c5fd124
Clean up service and return license errors ( #1097 )
...
- Expose license errors instead of permission errors by adding explicit skip authorization.
- Remove pre-Teams authorization checks from service.
Fixes #964
2021-06-16 10:55:41 -07:00
Zach Wasserman
fb32f0cf40
Remove kolide types and packages from backend ( #974 )
...
Generally renamed `kolide` -> `fleet`
2021-06-06 15:07:29 -07:00
Zach Wasserman
ae1f41638c
Log subject/object/action with authz failures ( #972 )
2021-06-05 06:22:13 -07:00
Zach Wasserman
b3bafdce24
Return error messages for authentication errors ( #950 )
...
Previously the authorization middleware was masking the error when
authentication failed.
2021-06-03 18:24:23 -07:00
Zach Wasserman
18faa5a06b
Add authorization checks in service ( #938 )
...
- Add policy.rego file defining authorization policies.
- Add Go integrations to evaluate Rego policies (via OPA).
- Add middleware to ensure requests without authorization check are rejected (guard against programmer error).
- Add authorization checks to most service endpoints.
2021-06-03 16:24:15 -07:00
