b544334f45
1. Updating Personnel BPMN diagram to debug some issues.
...
2. Disabling the token timeout for now, to see if this corrects the issues Alex is having with lost work.
3. Raising more thoughtful error messages for unknown lookup options.
4. Providing better validation of default values and injecting the correct value for defaults related to enum lists of all types.
5. Bumping Spiffworkflow library which contains some better error messages and checks.
2020-09-01 15:58:50 -04:00
faba0f55ab
Adds AdminSession model and refactors impersonation methods to use it.
2020-07-30 12:40:53 -04:00
1b0ebecbf4
Uses Flask session to store impersonation state.
2020-07-30 10:17:02 -04:00
63537d7765
Adds is_admin boolean flag to user schema
2020-07-29 22:45:56 -04:00
452f2c3723
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures)
2020-07-27 14:38:57 -04:00
1f454536e3
Renames TOKEN_AUTH_SECRET_KEY to SECRET_KEY
2020-07-10 11:26:15 -04:00
561e254315
Prevents non-admin users from editing each others' tasks. Fixes bug where test user uid was not being set from token. Moves complete form and get workflow API test utility methods into BaseTest.
2020-06-12 13:46:10 -04:00
cccff9b856
Fixes broken unit tests. But still broken.
2020-06-11 11:29:58 -04:00
148e86bb42
Building out the boilerplate code to make pushing forward on this a little friendlier.
...
There is an approval api file, and approval model file and an approval test file.
2020-05-22 18:25:00 -04:00
992a85e9a5
Rough idea of what the Approvals model will look like.
2020-05-22 11:56:43 -04:00
f4342fc785
It became impossible to use the Swagger ui when we started adding authentication to all of the calls. I discovered Connexion and Swagger have a default way of handing JTW authentication and this cleans up our code quite a bit, moves the securing of endpoints into the API Definition, which is quite nice, and removes a whole library dependency (I never get to do that!) I added a SWAGGER_AUTH_KEY that can be used in non-production environments to allow users to quickly authenticate from the Swagger ui. I also removed all api calls to simple little happy api services, because that is just mean and pointless.
2020-03-24 14:15:21 -04:00
40e12f5ab5
Resolves marshmallow_sqlalchemy.ModelSchema deprecation warning
2020-03-16 13:37:31 -04:00
581434b453
Adds SSO header attributes
2020-02-20 15:43:29 -05:00
a642593e3d
Adding support to handle Single Sign On (Shibboleth) authentication using Flask SSO and an attribute map that has worked in the past with UVA's implementation. Aside from the new user endpoint, nothing requires authentication, but soon everything will expect it. I'm setting up a backdoor we can use for development and staging that will cause a round-robin affair that should make this relatively painless. Dropped "RestException" as we had two ways or raising errors, and that was silly.
2020-02-18 16:38:56 -05:00
Dan Funk
Aaron Louie