Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Simplify security.rs and authorization logic #674

Merged
merged 1 commit into from
Oct 20, 2022
Merged

Simplify security.rs and authorization logic #674

merged 1 commit into from
Oct 20, 2022

Conversation

svix-gabriel
Copy link
Contributor

@svix-gabriel svix-gabriel commented Oct 18, 2022
edited
Loading

This PR refactors security.rs and our auth* related axum extractors.

Motivation

  • Cut down on lines-of-code
  • Make permission/authorization parsing a bit more intuitive for axum handlers
  • Better leverage the type system to restrict axum handlers only to the permission-level information they need.

Solution

Some specifics

  • Many of our extractors had redundant information, or largely unused fields. This PR removes them
  • The Permissions struct has been simplified a bit, namely by moving things into an enum (as opposed to using the type_ enum just as a tag.
  • Removed the axum extractor for Permissions. We often chain authorization logic on top of the Permissions. However, the axum extractor for Permissions only authenticates requests, it doesn't authorize them.
  • Fixes a discrepancy between list_event_types and get_event_type. list_event_types was not checking for Organization privileges like get_event_types was.
  • AuthenticatedOrganization, AuthenticatedApp, etc, were also simplified a bit, and moved into a separate permissions.rs module.

@svix-gabriel svix-gabriel changed the title Simplify authorization logic Simplify security.rs and authorization logic Oct 18, 2022
@svix-gabriel svix-gabriel marked this pull request as ready for review October 18, 2022 21:32
@svix-gabriel svix-gabriel force-pushed the gabriel/update-auth branch 2 times, most recently from 0cf9c9a to 3cc63b4 Compare October 18, 2022 21:56
svix-dylan
svix-dylan reviewed Oct 19, 2022
View reviewed changes
Copy link
Contributor

@svix-dylan svix-dylan left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Permissions module name seems misleading, since the Permissions struct is defined in security.rs. Is there a better name?

@svix-gabriel
This refactors security.rs and our auth* related axum extractors.
cc01b84 
Some specifics
* Many of our extractors had redundant information, or largely unused fields. This PR removes them
* The `Permissions` struct has been simplified a bit, namely by moving things into an enum (as opposed to using the `type_` enum just as a tag.
* Removed the axum extractor for `Permissions`. We often chain authorization logic on top of the `Permissions`. However, the axum extractor for `Permissions` only authenticates requests, it doesn't authorize them.
* Fixes a discrepancy between `list_event_types` and `get_event_type`. `list_event_types` was not checking for Organization privileges like `get_event_types` was.
* `AuthenticatedOrganization`, `AuthenticatedApp`, etc, were also simplified a bit, and moved into a separate `permissions.rs` module.
@svix-gabriel svix-gabriel merged commit e0fe49f into main Oct 20, 2022
@svix-gabriel svix-gabriel deleted the gabriel/update-auth branch October 20, 2022 12:59
svix-gabriel added a commit that referenced this pull request Dec 22, 2022
@svix-gabriel
Fix GET /event-types permission regression (#736)
4b66293 
This PR fixes a regression with the `GET /event-type` endpoint.

## Motivation

In
[#674](cc01b84#diff-2a76cfc85cbfeae62fdc056d281dfa9a9c61fdfcb434435b02993b5cd31ddf58),
we refactored a lot of our permission logic so that the `Permission`
struct was no longer extracted directly in axum handlers. Instead, a
`permission::<Struct>` is extracted instead, which describes the
resources the user has authorized access too.

The regression was introduced
[here](cc01b84#diff-2a76cfc85cbfeae62fdc056d281dfa9a9c61fdfcb434435b02993b5cd31ddf58L176).
Originally, `GET /event-type` accepted the `Permission` struct directly
- which effectively means any authenticated user has access, but it was
changed to `permissions::Organization`, which [enforces org-only
access](cc01b84#diff-6482eed99ed190ec2d1e3da2390b61e530eb26e6f8bd4d24cfa5149a95401e77R33).

## Solution

Update the `GET /event-type` to accept any authenticated user.
Conceptually this maps to `permissions::ReadAll`, which is equivalent to
the original code where the `Permission` struct was extracted directly
in the Axum handler.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@svix-dylan svix-dylan svix-dylan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@svix-gabriel @svix-dylan