linux_patch_manager

git-echo/linux_patch_manager

Private

Public Access

Fork 0

Commit Graph

Author	SHA1	Message	Date
Draco-Lunaris-Echo	88b190ac8d	fix(security): restrict auth-config mutations to Admin role (#5 ) Restrict manager-wide authentication configuration mutations (OIDC, SMTP, IP allowlist) to Admin role. Operators now receive 403 forbidden_role. - New admin_required helper in settings.rs - 4 gate changes: update_settings, discover_oidc, test_oidc, update_ip_whitelist - 5 new AuditAction variants + migration 019 - SPA friendly error message on 403 - 3 admin_required unit tests pass (43/43) - Full integration tests deferred to issue #15 Closes #5	2026-06-03 09:16:41 -05:00

Author

SHA1

Message

Date

Draco-Lunaris-Echo

88b190ac8d

fix(security): restrict auth-config mutations to Admin role (#5 )

Restrict manager-wide authentication configuration mutations (OIDC, SMTP, IP allowlist) to Admin role. Operators now receive 403 forbidden_role.

- New admin_required helper in settings.rs
- 4 gate changes: update_settings, discover_oidc, test_oidc, update_ip_whitelist
- 5 new AuditAction variants + migration 019
- SPA friendly error message on 403
- 3 admin_required unit tests pass (43/43)
- Full integration tests deferred to issue #15

Closes #5

2026-06-03 09:16:41 -05:00

1 Commits