这是indexloc提供的服务,不要输入任何密码
Skip to content

allow unauthorized role in accesskey and JWT modes (close #595) #856

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Oct 25, 2018
Merged

allow unauthorized role in accesskey and JWT modes (close #595) #856

merged 7 commits into from
Oct 25, 2018

Conversation

@rakeshkky
Copy link
Member

@rakeshkky rakeshkky commented Oct 25, 2018
edited
Loading

Description

--unauthorized-role flag or HASURA_GRAPHQL_UNAUTHORIZED_ROLE env variable can be specified (optional) in following modes:

  • Access key only
  • JWT

In access-key only mode, when the x-hasura-access-key is absent, the query will be executed using the role specified with unauthorized-role option. JWT mode will have the same behavior when the Authorization header is absent in the request.

unauthorized-role option is not required for Webhook mode.

What component does this PR affect?

  • Server
  • Console
  • CLI
  • Docs
  • Community Content
  • Build System

Requires changes from other components? If yes, please mark the components:

  • Server
  • Console
  • CLI
  • Docs
  • Community Content
  • Build System

Related Issue

closes #595

Solution and Design

Type

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Docs update
  • Community content

Checklist:

  • I have read the contributing guide and my code conforms to the guidelines.
  • This change requires a change in the documentation.
  • I have updated the documentation accordingly.
  • I have added required tests.

@rakeshkky rakeshkky requested a review from 0x777 October 25, 2018 11:22
@rakeshkky rakeshkky self-assigned this Oct 25, 2018
@rakeshkky rakeshkky added s/ok-to-merge Status: This pull request can be merged to master c/server Related to server labels Oct 25, 2018
@hasura-bot
Copy link
Contributor

hasura-bot commented Oct 25, 2018

Review app available at: https://hge-ci-pull-856.herokuapp.com

0x777
0x777 reviewed Oct 25, 2018
View reviewed changes
@0x777
Copy link
Member

0x777 commented Oct 25, 2018

do not allow unauthorized role for webhook

@hasura-bot
Copy link
Contributor

hasura-bot commented Oct 25, 2018

Review app available at: https://hge-ci-pull-856.herokuapp.com

1 similar comment
@hasura-bot
Copy link
Contributor

hasura-bot commented Oct 25, 2018

Review app available at: https://hge-ci-pull-856.herokuapp.com

0x777
0x777 reviewed Oct 25, 2018
View reviewed changes
server/src-lib/Hasura/Server/Auth.hs Outdated
where
unAuthRoleNotReqForWebHook =
when (isJust mUnAuthRole) $
throwError $ "Fatal Error: --unauthorized-role (HASURA_GRAPHQL_UNAUTHORIZED_ROLE) is not required"
Copy link
Member

@0x777 0x777 Oct 25, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is not allowed

@hasura-bot
Copy link
Contributor

hasura-bot commented Oct 25, 2018

Review app available at: https://hge-ci-pull-856.herokuapp.com

1 similar comment
@hasura-bot
Copy link
Contributor

hasura-bot commented Oct 25, 2018

Review app available at: https://hge-ci-pull-856.herokuapp.com

@0x777 0x777 merged commit 10d8529 into hasura:master Oct 25, 2018
@hasura-bot
Copy link
Contributor

hasura-bot commented Oct 25, 2018

Review app https://hge-ci-pull-856.herokuapp.com is deleted

@sachaarbonel sachaarbonel mentioned this pull request Feb 28, 2019
Closed
This was referenced Dec 22, 2022
Open
Open
Open
Open
@Allymahmoud Allymahmoud mentioned this pull request Jun 20, 2023
Open
@sumodgeorge sumodgeorge mentioned this pull request Nov 28, 2023
Open
@Allymahmoud Allymahmoud mentioned this pull request Nov 28, 2023
Open
@sumodgeorge sumodgeorge mentioned this pull request Dec 1, 2023
Open
@ptakpatryk ptakpatryk mentioned this pull request Dec 19, 2023
Open
This was referenced Dec 19, 2023
Open
Open
@ptakpatryk ptakpatryk mentioned this pull request Dec 19, 2023
Open
@sumodgeorge sumodgeorge mentioned this pull request Dec 20, 2023
Open
This was referenced Mar 22, 2024
Open
Open
@sumodgeorge sumodgeorge mentioned this pull request Mar 23, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0x777 0x777 0x777 approved these changes

Assignees

@rakeshkky rakeshkky

Labels

c/server Related to server s/ok-to-merge Status: This pull request can be merged to master

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Allow anonymous use without webhook

3 participants

@rakeshkky @hasura-bot @0x777