git-echo/linux_patch_manager
Private
Public Access
1
0
Fork 0
Code Releases 8 Wiki Activity
Files
e0a9037be3ace547ca7879828686a6852fd00f10
linux_patch_manager/migrations
History
Draco-Lunaris-Echo 88b190ac8d fix(security): restrict auth-config mutations to Admin role (#5) 
Restrict manager-wide authentication configuration mutations (OIDC, SMTP, IP allowlist) to Admin role. Operators now receive 403 forbidden_role.

- New admin_required helper in settings.rs
- 4 gate changes: update_settings, discover_oidc, test_oidc, update_ip_whitelist
- 5 new AuditAction variants + migration 019
- SPA friendly error message on 403
- 3 admin_required unit tests pass (43/43)
- Full integration tests deferred to issue #15

Closes #5
2026-06-03 09:16:41 -05:00
..
001_initial_schema.sql
feat(M1): Project scaffolding, DB schema, core infrastructure
2026-04-23 15:55:53 +00:00
002_seed_admin.sql
fix: resolve all startup bugs (BUG-6 through BUG-9)
2026-04-28 23:01:03 +00:00
003_jobs_scheduling.sql
M5: Patch Deployment & Job Management
2026-04-23 17:08:43 +00:00
004_maintenance_windows.sql
feat: M6 maintenance windows + M7 WebSocket relay (real-time job status)
2026-04-23 17:42:51 +00:00
005_audit_hardening.sql
fix: resolve all startup bugs (BUG-6 through BUG-9)
2026-04-28 23:01:03 +00:00
006_host_patch_data_unique.sql
fix: make migration 006 idempotent for UNIQUE constraint
2026-05-04 15:36:29 +00:00
007_health_checks.sql
feat: health check configuration and worker engine (Phase 3+4)
2026-05-05 14:10:37 +00:00
008_health_check_worker.sql
feat: health check configuration and worker engine (Phase 3+4)
2026-05-05 14:10:37 +00:00
009_health_check_audit_actions.sql
fix: ServiceStatusData deserialization, audit_action enum, and agent HTTP client
2026-05-05 15:47:01 +00:00
010_cert_reissued_audit_action.sql
feat: cert bundle download with CA root, re-issue endpoint, and enhanced cert UI
2026-05-05 23:06:48 +00:00
011_health_check_target_host.sql
feat: add target_host_id to service health checks
2026-05-06 21:38:42 +00:00
012_account_lockout.sql
fix: eslint-disable for useEffect deps in UsersPage
2026-05-07 19:14:21 +00:00
013_maintenance_window_auto_apply.sql
fix: eslint-disable for useEffect deps in UsersPage
2026-05-07 19:14:21 +00:00
014_oidc_provider.sql
feat: OIDC SSO provider support (Keycloak, Azure AD, custom)
2026-05-13 13:32:24 +00:00
015_reporter_role.sql
feat: add reporter role for SSO auto-provisioning
2026-05-14 02:23:18 +00:00
016_enrollment_requests.sql
feat: add host self-enrollment workflow v0.1.7
2026-05-16 17:03:28 +00:00
017_enrollment_host_columns.sql
fix: reorder host insert before cert issuance, add migration for missing columns
2026-05-18 13:18:44 +00:00
018_add_hostname_to_enrollment.sql
feat: add host editing endpoint and frontend UI
2026-05-18 21:52:00 +00:00
019_auth_config_audit_actions.sql
fix(security): restrict auth-config mutations to Admin role (#5)
2026-06-03 09:16:41 -05:00