Implement user management (create, list, get) via API

google / timesketch

Collaborative forensic timeline analysis

Apache License 2.0

2.52k stars 577 forks source link

Implement user management (create, list, get) via API #3024

Closed lo-chr closed 4 months ago

lo-chr commented 5 months ago

This PR fixes most of the features, mentioned here: https://github.com/google/timesketch/issues/3023

This PR is a first step into further capabilities of user management via API, although it lacks the ability to manage a particular user itself.

I also added some features to the testing framework, enabling the test of "admin only" tests, via creating admin users during test setup.

Checks

[x] All tests succeed -> there are some warnings in the Sigma Tests, which I did not touch. My added tests did succeed.
[x] Unit tests added.

Closing issues closes #3023

lo-chr commented 5 months ago

Giving this PR a bit more thought, I identified some inconsistencies regarding privacy. I will set this PR into draft mode again, fix the issues and submit the PR again. Sorry for the inconvenience.

lo-chr commented 5 months ago

I changed the UserResource, so that it does not check for admin privileges anymore.

Might be useful to limit details like mail address to admin users In the future.

berggren commented 5 months ago

Hi @lo-chr thanks for contributing! I'll review this on Friday, Jan 26.

lo-chr commented 5 months ago

I'll fix this over the weekend! Thank you for the review.

berggren commented 4 months ago

Thanks for contributing!

lo-chr commented 4 months ago

Thank your for the reviews and advice. I learned one or two things. ☺️