OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
239 Commits
3 Branches
2 Tags
25 MiB
master
v3
v2
v1.0.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a7ffd15601'
${ noResults }
Commit Graph

7 Commits (a7ffd1560192fa689f6504a845526b63858a87bb)

Author SHA1 Message Date
veypi a7ffd15601 refactor: Remove multi-tenant org system and simplify auth 
- Delete org API endpoints (add_member, create, del, get, list, member, patch, tree)
    - Delete models/org.go and remove Org/OrgMember models
    - Delete org-related test files (org_crud, org_load_middleware, org_permission, multi_tenant)
    - Delete org test scripts (03_org_permission.sh, 04_org_load_middleware.sh)
    - Simplify auth/auth.go by removing org context and role loading logic
    - Remove org claims from JWT tokens and login/register responses
    - Redesign Permission model with hierarchical level-based access control
    - Add auth/design.md with new permission system specification
    - Update user and role APIs to work without org context
 5 days ago
veypi df0f7f047a refactor: Rename Config to Global and simplify app initialization 
- Rename cfg.Config to cfg.Global for consistency
    - Simplify cli/main.go to use vbase.App.Run() pattern
    - Update init.go to create app with vigo.New and Init function
    - Update all references from cfg.Config to cfg.Global across api, libs, models, and tests
    - Fix VBase constructor parameter order in ui/vbase.js
    - Update ui/env.js to use new VBase('vb', '/') initialization
 5 days ago
veypi 0b22d2c2c8 test: Add comprehensive security and integration tests 
- Add wildcard permission tests for RBAC hierarchy
    - Add multi-tenant isolation tests for organization access
    - Add OAuth2 security tests including client ownership and redirect URI
    - Add race condition tests for concurrent operations
    - Add edge case tests for SQL injection, XSS, input validation
    - Add security test report documenting findings and fixes
 7 days ago
veypi 7f7591cf6d test: Add integration tests for org, role and oauth client 
- Add OAuth client CRUD and access control tests
    - Add organization CRUD, tree and access control tests
    - Add role CRUD, access control and system role protection tests
    - Remove user:read permission from default user role
 1 week ago
veypi b0322047cd feat: Restrict user APIs to admins and add public user search 
- Add /api/auth/users endpoint for authenticated users to search other users
    - Only return public info (id, username, nickname, avatar) in search results
    - Change /api/user routes to require user:admin permission instead of user:read
    - Update auth tests to use /api/auth/me for self updates
    - Add tests for new user search endpoint
 1 week ago
veypi b8c894b5cf test: Refactor test infrastructure to use in-memory SQLite database 
- Add tests/README.md with comprehensive documentation for running and adding tests
    - Change TestDBFile from file-based 'test.db' to in-memory 'file::memory:?cache=shared'
    - Remove file cleanup in setup() and teardown() functions since memory database requires no cleanup
    - Simplify setup() by removing comments and streamlining database configuration
 1 week ago
veypi 01620b3185 refactor(test): restructure integration tests for auth and permissions 
- Move and split 'auth/auth_test.go' into the 'tests/' directory
    - Add 'tests/main_test.go' for global test suite setup
    - Add 'tests/helpers_test.go' for shared test utilities
    - Create separate test files for different auth scenarios ('auth_test.go', 'none_auth_test.go')
    - Add focused tests for org permissions and middleware ('org_permission_test.go', 'resource_perm_test.go', 'org_load_middleware_test.go')
 1 week ago