fix(rbac): remove invalid required permission #6608

Conversation

AdriiiPRodri
Contributor

Description

In this PR we have removed an unnecessary permission when performing a GET of the system scans.

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@AdriiiPRodri AdriiiPRodri self-assigned this Jan 20, 2025
@AdriiiPRodri AdriiiPRodri requested a review from a team as a code owner January 20, 2025 12:54

codecov bot commented Jan 20, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 93.71%. Comparing base (b56d62e) to head (a59ce9d).
Report is 5 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #6608      +/-   ##
==========================================
+ Coverage   89.43%   93.71%   +4.28%     
==========================================
  Files        1182       66    -1116     
  Lines       33790     6349   -27441     
==========================================
- Hits        30219     5950   -24269     
+ Misses       3571      399    -3172     
Flag Coverage Δ
api 93.71% <100.00%> (?)
prowler ?

Flags with carried forward coverage won't be shown.

Components Coverage Δ
prowler ∅ <ø> (∅)
api 93.71% <100.00%> (∅)

@AdriiiPRodri
Contributor Author

Status update

Create a new role with MANAGE_SCANS permission:

Screenshot 2025-01-20 at 14 11 55

Create a new user and add the previous role

Screenshot 2025-01-20 at 14 12 13

Log in with the new user and check scans for the provider (the provider is inside the group)

Screenshot 2025-01-20 at 14 14 15

Remove the provider from the allowed groups

Screenshot 2025-01-20 at 14 14 44

Screenshot 2025-01-20 at 14 21 02

Prior to this change, adding the MANAGE_SCANS permission and the group with the provider (MANAGE_PROVIDERS needed)

Screenshot 2025-01-20 at 14 21 02
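
The manual steps above, replayed against a small model of the access decision. This is an added example, not code from the PR or from the Prowler project. Assumptions: the `Role`, `required_permissions`, `list_scans` and `manual_test` names, the sample scans, the rule that non-GET methods require MANAGE_SCANS, and the result after the provider is removed from the group (the screenshots are not available here).

```python
from dataclasses import dataclass, field

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

@dataclass
class Role:
    permissions: set = field(default_factory=set)
    # Providers reachable through the provider groups attached to the role.
    providers: set = field(default_factory=set)

def required_permissions(method, fixed=True):
    """Role permissions the scans endpoint demands for an HTTP method."""
    if method in SAFE_METHODS:
        # Assumed before/after: reads used to demand MANAGE_PROVIDERS,
        # after the fix they demand no manage permission at all.
        return set() if fixed else {"MANAGE_PROVIDERS"}
    return {"MANAGE_SCANS"}  # assumption: writes are gated on MANAGE_SCANS

def list_scans(role, scans, fixed=True):
    """Return the scan ids visible to the role, or None for a 403."""
    if not required_permissions("GET", fixed) <= role.permissions:
        return None
    # Visibility is scoped by provider group regardless of the permission gate.
    return [s["id"] for s in scans if s["provider"] in role.providers]

# Constructed sample data: two scans on two providers.
SCANS = [{"id": "scan-1", "provider": "aws-prod"},
         {"id": "scan-2", "provider": "gcp-dev"}]

def manual_test(fixed):
    """Replay the manual steps and return what the user sees at each one."""
    role = Role({"MANAGE_SCANS"}, {"aws-prod"})   # role + provider in group
    in_group = list_scans(role, SCANS, fixed)
    role.providers.discard("aws-prod")            # provider removed from group
    removed = list_scans(role, SCANS, fixed)
    return in_group, removed

if __name__ == "__main__":
    print("after fix :", manual_test(fixed=True))
    print("before fix:", manual_test(fixed=False))
```

Dropping the permission gate on reads does not widen visibility in this model, because the provider-group filter still decides which scans are returned.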

Member

@vicferpoy vicferpoy left a comment

Thank you for providing the manual tests! Hopefully we get to improve all the automated tests soon.

@vicferpoy vicferpoy merged commit 465a758 into master Jan 20, 2025
12 checks passed
@vicferpoy vicferpoy deleted the PRWLR-6038-Check-the-permissions-for-the-scans-endpoints-the-permissions-for-SAFE_METHODS-are-not-correct branch January 20, 2025 14:21
@paabloLC paabloLC added the backport-to-v5.1 Backport PR to the v5.1 branch label Jan 20, 2025
@prowler-bot prowler-bot added the was-backported The PR was successfully backported to the target branch label Jan 20, 2025
@prowler-bot
Collaborator

💚 All backports created successfully

Status Branch Result
v5.1

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

Labels
backport-to-v5.1 Backport PR to the v5.1 branch component/api was-backported The PR was successfully backported to the target branch
4 participants