-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(jans-cedarling): ensure that all cedarling test fixture files are human-readable. #10036
Conversation
DryRun Security SummaryThe pull request enhances the policy management and access control capabilities of the Cedarling application by adding support for YAML policy stores, improving policy deserialization, enhancing the policy store structure, and providing detailed policy and schema definitions. Expand for full summarySummary: The code changes in this pull request focus on enhancing the policy management and access control capabilities of the Cedarling application. The key changes include:
From an application security perspective, these changes are generally positive, as they improve the overall security posture of the Cedarling application. The focus on input validation, error handling, and the implementation of a robust policy management system are all important security considerations. However, it's crucial to ensure that the policy definitions and their implementation are thoroughly reviewed to avoid any unintended security vulnerabilities. Additionally, the handling of sensitive information, such as identity source metadata and token data, should be carefully examined to prevent potential security issues like information disclosure or unauthorized access. Files Changed:
Code AnalysisWe ran Riskiness🟢 Risk threshold not exceeded. |
62240ff
to
ffdefa1
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel OK to merge but we have changes in the schema
in PR #10039
so probably better to wait some time
jans-cedarling/bindings/cedarling_python/tests/test_policy_store.py
Outdated
Show resolved
Hide resolved
The merge-base changed after approval.
ffdefa1
to
319146a
Compare
Signed-off-by: John Anderson <[email protected]>
…pect to current policy store schema Signed-off-by: John Anderson <[email protected]>
Signed-off-by: John Anderson <[email protected]>
… level Signed-off-by: John Anderson <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, but how about every notice of "cedar_version" : "v2.4.7",
replace to "cedar_version": "v4.0.0",
?
Signed-off-by: John Anderson <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok
Prepare
Description
Target issue
10021
closes #10021
Implementation Details
convert most json files in
jans-cedarling/test_files
. Some tests using the remaning json files rely on the base64 encoded values to achieve their assertions.update all rust tests making use of changed files.
update all python tests making use of changed files.
document all files in
jans-cedarling/test_files
and injans-cedarling/test_files/README.md
Test and Document the changes
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with
docs:
to indicate documentation changes or if the below checklist is not selected.