Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

!!! TASK: Remove obsolete legacy yaml policy for workspaces #5417

Merged
merged 1 commit into from
Jan 13, 2025
Merged

!!! TASK: Remove obsolete legacy yaml policy for workspaces #5417

merged 1 commit into from
Jan 13, 2025

Conversation

mhsdesign
Copy link
Member

With the introduction of explicit user assignments for workspaces #5146 and roles and the full evaluation of those via #5298 we have replaced the previously still kept 8.3 yaml security configuration for workspaces.

This decision was done as for security we can no longer use flows security framework which uses aop inside the content-repository library, and also we wanted to cleanup the user <-> workspace relation ship as well as the concept of internal vs shared workspaces.

Following yaml roles were removed:

  • Neos.ContentRepository:Administrator
  • Neos.ContentRepository:InternalWorkspaceAccess

Following yaml targets were removed:

  • Neos.Neos:PublicWorkspaceAccess
  • Neos.Neos:OtherWorkspacesAccess
  • Neos.Neos:Backend.OtherUsersPersonalWorkspaceAccess
  • Neos.Neos:Backend.PublishOwnWorkspaceContent
  • Neos.Neos:Backend.DiscardOwnWorkspaceContent
  • Neos.Workspace.Ui:Backend.PublishAllToLiveWorkspace

Note that these targets were moved to the Neos.Workspace.Ui:Backend package via #5118 in 9.0 but were removed now either way:

  • Neos.Neos:Backend.Module.Management.Workspaces.ManageOwnWorkspaces (Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageOwnWorkspaces)
  • Neos.Neos:Backend.Module.Management.Workspaces.ManageInternalWorkspaces (Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageInternalWorkspaces)
  • Neos.Neos:Backend.Module.Management.Workspaces.ManageAllPrivateWorkspaces (Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageAllPrivateWorkspaces)

Upgrade instructions

Review instructions

Checklist

  • Code follows the PSR-2 coding style
  • Tests have been created, run and adjusted as needed
  • The PR is created against the lowest maintained branch
  • Reviewer - PR Title is brief but complete and starts with FEATURE|TASK|BUGFIX
  • Reviewer - The first section explains the change briefly for change-logs
  • Reviewer - Breaking Changes are marked with !!! and have upgrade-instructions

This was referenced Jan 6, 2025
Merged
Merged
@mhsdesign mhsdesign requested review from bwaidelich and Sebobo January 8, 2025 10:06
@mhsdesign mhsdesign changed the title TASK: Remove obsolete legacy yaml policy for workspaces !!! TASK: Remove obsolete legacy yaml policy for workspaces Jan 13, 2025
@mhsdesign @Sebobo
TASK: Remove obsolete legacy yaml policy for workspaces
d056b20 
With the introduction of explicit user assignments for workspaces neos#5146 and roles and the full evaluation of those via neos#5298 we have replaced the previously still kept 8.3 yaml security configuration for workspaces.

This decision was done as for security we can no longer use flows security framework which uses aop inside the content-repository library, and also we wanted to cleanup the user <-> workspace relation ship as well as the concept of internal vs shared workspaces.

Following yaml roles were removed:
- `Neos.ContentRepository:Administrator`
- `Neos.ContentRepository:InternalWorkspaceAccess`

Following yaml targets were removed:
- `Neos.Neos:PublicWorkspaceAccess`
- `Neos.Neos:OtherWorkspacesAccess`
- `Neos.Neos:Backend.OtherUsersPersonalWorkspaceAccess`
- `Neos.Neos:Backend.PublishOwnWorkspaceContent`
- `Neos.Neos:Backend.DiscardOwnWorkspaceContent`
- `Neos.Workspace.Ui:Backend.PublishAllToLiveWorkspace`

Note that these targets were moved to the `Neos.Workspace.Ui:Backend` package via neos#5118 in 9.0 but were removed now either way:

- `Neos.Neos:Backend.Module.Management.Workspaces.ManageOwnWorkspaces` (`Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageOwnWorkspaces`)
- `Neos.Neos:Backend.Module.Management.Workspaces.ManageInternalWorkspaces` (`Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageInternalWorkspaces`)
- `Neos.Neos:Backend.Module.Management.Workspaces.ManageAllPrivateWorkspaces` (`Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageAllPrivateWorkspaces`)
@Sebobo Sebobo force-pushed the task/remove-obsolte-legacy-yaml-policy-for-workspaces branch from 8b6c4eb to d056b20 Compare January 13, 2025 10:47
Sebobo
Sebobo approved these changes Jan 13, 2025
View reviewed changes
Copy link
Member

@Sebobo Sebobo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good and still works, thx

@mhsdesign mhsdesign merged commit 94dda04 into neos:9.0 Jan 13, 2025
8 checks passed
@mhsdesign mhsdesign deleted the task/remove-obsolte-legacy-yaml-policy-for-workspaces branch January 13, 2025 10:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Sebobo Sebobo Sebobo approved these changes

@bwaidelich bwaidelich Awaiting requested review from bwaidelich

Assignees
No one assigned
Labels
9.0 Task
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mhsdesign @Sebobo