hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-17 23:13:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,847 Commits 8 Branches 90 Tags
cc35d84f257cfa037cb1e9a67acfad8c455c1c1c
Commit Graph

4847 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
IvanaH8
cc35d84f25 Revert "Change read:users(services):admin scope to read:users(services):roles" 
read:users(services):roles scopes will be added together with changes to api handlers
 2021-04-30 15:13:29 +02:00
IvanaH8
60c73de8b2 Change read:users(services):admin scope to read:users(services):roles 2021-04-29 09:23:43 +02:00
IvanaH8
b2c2866915 Update admin role scopes list 2021-04-29 09:14:24 +02:00
IvanaH8
cdc99580de Update scope hierarchy in roles.py and tests 2021-04-29 09:13:28 +02:00
Min RK
cf4b25ac56 sync with master 2021-04-22 14:14:02 +02:00
Min RK
eb71e39c77 Merge pull request #3435 from 0mar/token_handler 
Fixed scope checking in UserTokenListAPIHandler
 2021-04-22 13:52:13 +02:00
Min RK
ad090560d0 Merge pull request #3366 from IvanaH8/rbac-docs 
[rbac] Add RBAC documentation with myst-parser
 2021-04-22 13:50:58 +02:00
Min RK
a2b76bceb9 minor copy-editing, TODOs in rbac docs 2021-04-22 13:39:36 +02:00
Min RK
84d2e5de93 Merge pull request #3436 from consideRatio/pr/gha-security 2021-04-21 18:56:09 +02:00
Erik Sundell
5d18883543 ci: github workflow security, pin action to sha etc 2021-04-21 12:00:49 +02:00
0mar
103c6a406a Changed error code of UserTokenListAPIHandler back to 403 2021-04-21 09:43:24 +02:00
Min RK
fe37ff4ede Merge pull request #3431 from minrk/persist-roles 
Persist roles through OAuth process
 2021-04-21 07:50:24 +02:00
IvanaH8
4687a76a6f Add role name conventions to docs/source/rbac/roles.md 2021-04-20 17:28:41 +02:00
IvanaH8
79b57b7f3b Add admin:users:auth_state/server_state to docs/rest-api.yml 2021-04-20 16:48:56 +02:00
Min RK
0c7c1ed6b4 scopes.get_scopes_for is the only roles/scopes API to allow User wrapper 
all else requires orm objects
 2021-04-20 15:21:14 +02:00
Min RK
d8ded9aed8 resolve self in _get_subscopes 
avoids inconsistent behavior in different uses of _get_subscopes where 'self' is left unmodified,
leading to errors
 2021-04-20 14:58:34 +02:00
0mar
399203e5d3 Fixed scope checking in UserTokenListAPIHandler 2021-04-20 14:55:36 +02:00
Min RK
be76b5ebba tests for oauth roles 2021-04-20 14:49:42 +02:00
Min RK
4728325bf7 persist roles through oauth process 
- Attach role limit to OAuthClient
- Attach authorized roles to OAuthCode
- pass roles from code to API token on completion

standard 'scopes' in oauth process are matched against our 'roles' instead of our low-level scopes
 2021-04-20 14:29:29 +02:00
Min RK
53f0d88505 hook up oauthlib's logger to ours 
for better debugging
 2021-04-20 14:29:29 +02:00
Min RK
b9958e9069 Merge pull request #3434 from 0mar/server_permissions 
Server permissions
 2021-04-20 12:14:28 +02:00
0mar
8de2138566 Merge branch 'rbac' into server_permissions 2021-04-20 11:05:32 +02:00
0mar
ef1351b441 Added todo for future PR 2021-04-20 11:04:04 +02:00
Erik Sundell
1d83721117 Merge pull request #3432 from minrk/strict-role-names 
be strict about role names
 2021-04-19 17:30:35 +02:00
Min RK
639523a27c back to dev 2021-04-19 13:42:46 +02:00
Min RK
574d343881 release 1.4.0 1.4.0 2021-04-19 13:41:28 +02:00
Min RK
863ab1eb12 allow unreserved RFC3986 characters in role names: _-~. 2021-04-19 13:37:21 +02:00
Yuvi Panda
c205385023 Merge pull request #3424 from minrk/changelog-1.4 
more changelog for 1.4
 2021-04-19 17:06:23 +05:30
Min RK
9e0ac1594c more changelog for 1.4 2021-04-19 13:13:29 +02:00
Min RK
2fd434f511 Merge pull request #3430 from yuvipanda/additional_routes 
Support Proxy.extra_routes
 2021-04-19 13:12:11 +02:00
Min RK
24245a029f be strict about role names 
- 3-255 characters
- ascii lowercase, numbers, -
- must start with letter
- must not end with -

this lets us avoid url escaping issues in e.g. oauth params
 2021-04-19 13:10:43 +02:00
YuviPanda
af39f39082 Mark extra proxy routes properly 2021-04-19 16:27:05 +05:30
YuviPanda
ab751bda5c Accomodate for host based routing 2021-04-19 16:26:09 +05:30
YuviPanda
f84078627f Add a little more documentation to extra_routes 2021-04-19 16:16:03 +05:30
YuviPanda
3ec3dc5195 Support Proxy.extra_routes 
When the hub is running in API-only mode, it's
very useful to have the proxy know where to send
URLs that would normally be serviced by the hub.
For example, / might go to a service that renders
a home page, while `/user` might go to a service that
tells the user their server is dead.

Right now, this happens 'out of band', with a process
that has to talk to the proxy directly. This is a
bit messy - the routes need to be re-added when the
proxy restarts, the hub might try to remove them, etc.
By adding support for this in the hub itself, all
this complexity is now removed and the hub continues
to own all the routes in the proxy
 2021-04-19 16:14:28 +05:30
Simon Li
73102e7aeb Merge pull request #3429 from minrk/push-auth 
typos in onbuild, demo images for push
 2021-04-19 09:19:57 +01:00
Min RK
b039e2985b typos in onbuild, demo images for push 
it's jupyterhub/jupyterhub-onbuild not jupyterthub-onbuild/jupyterhub
 2021-04-19 09:09:49 +02:00
Min RK
6d7863d56a Merge pull request #3428 from Carreau/doc-1 
DOC: Conform to numpydoc.
 2021-04-19 08:56:42 +02:00
Min RK
aba32e7200 Merge pull request #3425 from manics/docker-arm64 
Disable docker jupyterhub-demo arm64 build
 2021-04-19 08:33:45 +02:00
Matthias Bussonnier
a71823c5ab DOC: Conform to numpydoc. 
Minor syntax update
 2021-04-18 21:23:03 -07:00
IvanaH8
5a95681853 Add %TODO: flag for generating the table in docs/source/rbac/scopes.md 2021-04-16 17:26:19 +02:00
IvanaH8
a6b9fb160e Resolve merge conflicts 2021-04-16 17:20:22 +02:00
IvanaH8
0638783939 Synchronize docs/rest-api.yml with Available scopes table in docs/source/rbac/scopes.md 2021-04-16 17:11:46 +02:00
IvanaH8
b0f4548753 Add read:users(services):roles scopes to docs/source/rbac/scopes.md 2021-04-16 16:49:15 +02:00
IvanaH8
c6e3e06af9 Add Upgrade section to docs/source/rbac/upgrade.md 2021-04-16 16:31:01 +02:00
0mar
46e2f72fa6 Test server start/stop 2021-04-16 14:54:04 +02:00
0mar
b233859028 Refactored scope_filter 2021-04-16 14:03:31 +02:00
Simon Li
fcf9122519 jupyterhub/action-major-minor-tag-calculator@v1 
Co-authored-by: Erik Sundell <erik.i.sundell@gmail.com>
 2021-04-15 20:35:21 +01:00
0mar
cb104ffe42 Fixed tests 2021-04-15 17:30:13 +02:00
Simon Li
6c3fc41176 jupyterhub/action-major-minor-tag-calculator@main 2021-04-15 16:14:51 +01:00