adlerhurst
commented
1 year ago management service will not be added for the moment
Closed eliobischof closed 1 year ago
adlerhurst
commented
1 year ago management service will not be added for the moment
fforootd
commented
1 year ago management service will not be added for the moment
Can you please elaborate a little more? Where does the mgmt service not being added? To the action context? If yes why did we decide to do that?
livio-a
commented
1 year ago management service will not be added for the moment
Can you please elaborate a little more? Where does the mgmt service not being added? To the action context? If yes why did we decide to do that?
Yes he meant the api parameter of the actions.
This example was added as part of the actions for local users issue, which requested to be able to execute actions the on local authentication like we already have for external authentication, a.o. I want to be able to create the same actions as we have on external authentication.
While it would be nice to expose the management service / api directly in the actions, it will take some more effort to ensure the security, e.g. prevent broken auth.
As far as I know the mgmt service was mainly added for e2e testing purposes in the beginning of the PR.
fforootd
commented
1 year ago management service will not be added for the moment
Can you please elaborate a little more? Where does the mgmt service not being added? To the action context? If yes why did we decide to do that?
Yes he meant the api parameter of the actions. This example was added as part of the actions for local users issue, which requested to be able to execute actions the on local authentication like we already have for external authentication, a.o.
I want to be able to create the same actions as we have on external authentication. While it would be nice to expose the management service / api directly in the actions, it will take some more effort to ensure the security, e.g. prevent broken auth.As far as I know the mgmt service was mainly added for e2e testing purposes in the beginning of the PR.
OK thanks that gives it some context.
I think we should create a safeguard in actions where users can enables "secrets" in apis with either read or write access. But lets figure this our seperatly.
livio-a
commented
1 year ago OK thanks that gives it some context.
I think we should create a safeguard in actions where users can enables "secrets" in apis with either read or write access. But lets figure this our seperatly.
Yes "secrets" would also provide a way of setting an explicit context / executer (i.e. service account). We currently have an implicit context of org level / ORG_ADMIN and have all the authorization in the grpc service. Direct access to the management service would mean you could bypass that and e.g. access / manipulate information outside on other organisations. (Which is fine if you have the grant to do so, e.g. with a PAT of a service account in the secrets of the action.
eliobischof
commented
1 year ago I agree we have to ensure that validations and permission checks run. But I added the mgmt server not because of the e2e tests, ofc 😅. I think it's very inefficient for action devs (users) and api devs (us) to add more and more api contracts and implementations when we already have everything needed. Unfortunately the first trial didn't work as implemented, but IMO we should switch as fast as possible to a harmonized API for RPCs and actions.
fforootd
commented
1 year ago think it's very inefficient for action devs (users) and api devs (us) to add more and more api contracts and implementations when we already have everything needed.
Yes I think at one point we want to expose everything and have a safeguard for secrets (i.e you need to explicitly need to allow that)
Depends on https://github.com/zitadel/zitadel/issues/4908