feat(extensions): remove rbac extension (#4157)

* feat(extensions): remove rbac extension client code * feat(extensions): remove server rbac code * remove extensions code * fix(notifications): remove error * feat(extensions): remove authorizations service * feat(rbac): deprecate fields * fix(portainer): revert change * fix(bouncer): remove rbac authorization check * feat(sidebar): remove roles link * fix(portainer): remove portainer module
2025-08-04 21:35:23 +02:00 · 2020-08-11 08:41:37 +03:00 · 2020-08-11 08:41:37 +03:00 · 9d18d47194
commit 9d18d47194
parent 8629738e34
117 changed files with 98 additions and 3487 deletions
--- a/api/http/handler/users/admin_init.go
+++ b/api/http/handler/users/admin_init.go
@ -9,7 +9,6 @@ import (
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
 	"github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/internal/authorization"
 )

 type adminInitPayload struct {
@ -45,9 +44,8 @@ func (handler *Handler) adminInit(w http.ResponseWriter, r *http.Request) *httpe
 	}

 	user := &portainer.User{
-		Username:                payload.Username,
-		Role:                    portainer.AdministratorRole,
-		PortainerAuthorizations: authorization.DefaultPortainerAuthorizations(),
+		Username: payload.Username,
+		Role:     portainer.AdministratorRole,
 	}

 	user.Password, err = handler.CryptoService.Hash(payload.Password)
--- a/api/http/handler/users/handler.go
+++ b/api/http/handler/users/handler.go
@ -6,7 +6,6 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/security"
-	"github.com/portainer/portainer/api/internal/authorization"

 	"net/http"

@ -28,9 +27,8 @@ func hideFields(user *portainer.User) {
 // Handler is the HTTP handler used to handle user operations.
 type Handler struct {
 	*mux.Router
-	DataStore            portainer.DataStore
-	CryptoService        portainer.CryptoService
-	AuthorizationService *authorization.Service
+	DataStore     portainer.DataStore
+	CryptoService portainer.CryptoService
 }

 // NewHandler creates a handler to manage user operations.
--- a/api/http/handler/users/user_create.go
+++ b/api/http/handler/users/user_create.go
@ -12,7 +12,6 @@ import (
 	bolterrors "github.com/portainer/portainer/api/bolt/errors"
 	httperrors "github.com/portainer/portainer/api/http/errors"
 	"github.com/portainer/portainer/api/http/security"
-	"github.com/portainer/portainer/api/internal/authorization"
 )

 type userCreatePayload struct {
@ -62,9 +61,8 @@ func (handler *Handler) userCreate(w http.ResponseWriter, r *http.Request) *http
 	}

 	user = &portainer.User{
-		Username:                payload.Username,
-		Role:                    portainer.UserRole(payload.Role),
-		PortainerAuthorizations: authorization.DefaultPortainerAuthorizations(),
+		Username: payload.Username,
+		Role:     portainer.UserRole(payload.Role),
 	}

 	settings, err := handler.DataStore.Settings().Settings()
--- a/api/http/handler/users/user_delete.go
+++ b/api/http/handler/users/user_delete.go
@ -81,10 +81,5 @@ func (handler *Handler) deleteUser(w http.ResponseWriter, user *portainer.User)
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove user memberships from the database", err}
 	}

-	err = handler.AuthorizationService.RemoveUserAccessPolicies(user.ID)
-	if err != nil {
-		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to clean-up user access policies", err}
-	}
-
 	return response.Empty(w)
 }