Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Allow including Access Lists as nested members and owners (#38738)
- Recursively check for accesslist membership - Allow adding/removing/listing included access lists in acl commands - Add a recursive test - Use dynamic access lists structure from RFD - Resolve proto changes - Exclude 'list' members from Access List memberCount - Calc Access List member count with members of type 'list' excluded, return seperately to front end - Update examples/integrations - Update crd docs - Update tf docs - Perform calculation of inherited roles/traits to AccessList service in order to utilize cache and minimize number of requests. - Grant Okta integration RO for Access Lists - Update AccessListMember-* events - Include count for inherited grants - Include MembershipKind of affected member(s) - Emit inherited grants / members' MembershipKind for AccessListMember-* events - Update notified owners for Access Requests - Ensure dynamic owners are notified for Access Requests - Ensure dynamic owners are notified via Slack integration - Optionally pass an AbortSignal to `fetchAccessLists` in Web UI - Replace usages of `services.IsAccessListOwner/IsAccessListMember` with equivelant funcs from `Hierarchy` - Remove final references to AccessListMembershipChecker - Don't allow ACL deletion when member/owner in other lists - Guard Access List deletion behind membership/ownership checks for List - Expose Hierarchy func to recursively get all members - Tidy UserLoginStateGenerator logic involving ACL Membership/Ownership Co-authored-by: Maxim Dietz <maxim.dietz@goteleport.com>
- Loading branch information