* + endpoint and namespace level authorizations
+ user namespace authorization API
+ k8s client setup service account with k8s roles and policies by portainer role
* User authorization changes refresh token cache
* rbac authorizes k8s requests
* CE to EE migrator to include new authorizations
* code clean up
* comments
* * merge in the RestrictDefaultNamespace changes
* - remove unnecessary check for default namespace
* + updates namespace access policies when generating token
* * updates namespace access policies when querying the user namespace endpoint
* + k8s rule in rbac.go for endpoint access test
+ missing k8s cluster rules for different roles
* feat(rbac): update kube rbac
* feat(rbac): use the authorization directive
* feat(rbac): Update namespace access policies when user/team is deleted
* refactor(app): use new angular-multi-select capabilities
* feat(rbac): fix authorizations
* feat(rbac): fix userAccessPolicies update bug
* feat(rbac): add W applications authorizations
* feat(rbac): add application details W authorizations
* feat(rbac): add configurations W autohorizations
* feat(rbac): add configuration details W authorizations
* feat(rbac): add volumes W authorizations
* feat(rbac): add volume details W authorizations
* feat(rbac): add componentstatus to portainer-view role and add cluster/node authorizations
* fix(rbac): disable application note for non authorized user
* fix(rbac): add endpoints list and components status to portainer-basic
* fix(rbac): allow user to access default namespace when restrict default namespace isn't activated
* fix(rbac): remove default namespace from useraccesspolicies when restrict default namespace isn't activated
* fix(rbac): change some things
* fix(rbac): allow standard user to access container console
* - removed unused parameter
* fix(rbac): fix team authorizations
Co-authored-by: Maxime Bajeux <max.bajeux@gmail.com>
Co-authored-by: xAt0mZ <baron_l@epitech.eu>
* refactor(rbac): move client extension code
* feat(app): remove checks for extension
* feat(rbac): remove checks for extensions
* feat(extensions): remove reference to rbac extensions
* feat(roles): add changes from codebase before removal of rbac
* refactor(security): remove rbac service
* refactor(security): use AdminAccess as an alias
* fix(access): rename policies type
* style(security): add comment about Aliasing AdminAccess to RestrictedAccess
* feat(bolt): add auth migration from ce to ee
* feat(stacks): use authorized access to stop/start stacks
* fix(bolt): supply right params to migrator
* feat(rbac): get authorization on client side
* feat(custom-templates): introduce types
* feat(custom-templates): introduce data layer service
* feat(custom-templates): introduce http handler
* feat(custom-templates): create routes and view stubs
* feat(custom-templates): add create custom template ui
* feat(custom-templates): add json keys
* feat(custom-templates): introduce custom templates list page
* feat(custom-templates): introduce update page
* feat(stack): create template from stack
* feat(stacks): create stack from custom template
* feat(custom-templates): disable edit/delete of templates
* fix(custom-templates): fail update on non admin/owner
* fix(custom-templates): add ng-inject decorator
* chore(plop): revert template
* feat(stacks): remove actions column
* feat(stack): add button to create template from stack
* feat(stacks): add empty state for templates
* feat(custom-templates): show templates in a list
* feat(custom-template): replace table with list
* feat(custom-templates): move create template button
* refactor(custom-templates): introduce more fields
* feat(custom-templates): use stack type when creating template
* feat(custom-templates): use same type as stack
* feat(custom-templates): add edit and delete buttons to template item
* feat(custom-templates): customize stack before deploy
* feat(stack): show template details
* feat(custom-templates): move customize
* feat(custom-templates): create description required
* fix(template): show platform icon
* fix(custom-templates): show spinner when creating stack
* feat(custom-templates): prevent user from edit templates
* feat(custom-templates): use resource control for custom templates
* feat(custom-templates): show created templates
* feat(custom-templates): filter templates by stack type
* fix(custom-templates): create swarm or standalone stack
* feat(stacks): filter templates by type
* feat(resource-control): disable resource control on public
* feat(custom-template): apply access control on edit
* feat(custom-template): add form validation
* feat(stack): disable create custom template from external task
* refactor(custom-templates): create template from file and type
* feat(templates): introduce a file handler that returns template docker file
* feat(template): introduce template duplication
* feat(custom-template): enforce unique template name
* fix(template): rename copy button
* fix(custom-template): clear access control selection between templates
* fix(custom-templates): show required fields
* refactor(filesystem): use a constant for temp path